diff --git a/nginx_config_maker/.gitignore b/nginx_config_maker/.gitignore
new file mode 100644
index 00000000..5023c922
--- /dev/null
+++ b/nginx_config_maker/.gitignore
@@ -0,0 +1 @@
+output/*.conf
\ No newline at end of file
diff --git a/nginx_config_maker/README.md b/nginx_config_maker/README.md
new file mode 100644
index 00000000..d688332b
--- /dev/null
+++ b/nginx_config_maker/README.md
@@ -0,0 +1,12 @@
+# Nginx config maker
+
+crée une configuration nginx pour des sites web selon certaines préconfigurations
+
+# utilisation
+configurer l'objet de conf listant les domaines et leur framework,
+lancer la commande :
+```
+node index.mjs
+```
+
+et tada, les fichiers de conf pour nginx installé sur proxmox sont produits
\ No newline at end of file
diff --git a/nginx_config_maker/index.mjs b/nginx_config_maker/index.mjs
new file mode 100644
index 00000000..2c664626
--- /dev/null
+++ b/nginx_config_maker/index.mjs
@@ -0,0 +1,64 @@
+/**
+ * setup domains
+ * @type {{framework: string, domain: string}[]}
+ */
+
+import fs from 'node-fs'
+import { makeHostFileForWordpress } from './model.wordpress.mjs'
+import { makeHostFileForSymfony } from './model.symfony.mjs'
+
+const LXCcontainerLocalIP = '10.10.10.103'
+const LXCcontainerProtocol = 'https'
+
+const domainsConfig = [{
+	LXCcontainerLocalIP,
+	LXCcontainerProtocol,
+	name: 'Blog cipherbliss',
+	domain: 'www.cipherbliss.com',
+	framework: 'wordpress',
+	disableSSL: false,
+}, {
+	LXCcontainerLocalIP,
+	LXCcontainerProtocol,
+	name: 'Funky Framadate Démo',
+	domain: 'framadate-api.cipherbliss.com',
+	framework: 'symfony',
+	disableSSL: false,
+},
+{
+	LXCcontainerLocalIP,
+	LXCcontainerProtocol,
+	name: 'Caisse Bliss',
+	domain: 'caisse.cipherbliss.com',
+	framework: 'symfony',
+	disableSSL: false,
+},
+]
+
+for (let configDomain of domainsConfig) {
+	console.log('domaine :', configDomain.name)
+	let hostFile
+	if (configDomain.framework === 'wordpress') {
+		hostFile = makeHostFileForWordpress(configDomain)
+	}
+	if (configDomain.framework === 'symfony') {
+		hostFile = makeHostFileForSymfony(configDomain)
+	}
+	writeFile(configDomain.domain + '.host.conf', hostFile.homeNginxConf)
+	writeFile(configDomain.domain + '.container.conf', hostFile.containerNginxConf)
+}
+
+
+function writeFile (fileName, fileContent) {
+	console.log('write file', fileName)
+	return fs.writeFile(
+		`./output/${fileName}`,
+		fileContent,
+		'utf8',
+		(err) => {
+			if (err) {
+				console.log(`Error writing file: ${err}`)
+			}
+		}
+	)
+}
\ No newline at end of file
diff --git a/nginx_config_maker/model.symfony.mjs b/nginx_config_maker/model.symfony.mjs
new file mode 100644
index 00000000..318e1365
--- /dev/null
+++ b/nginx_config_maker/model.symfony.mjs
@@ -0,0 +1,40 @@
+/**
+ * turns a domain config to two config files for nginx web sever on proxmox and its container
+ * @param domainConfig
+ * @returns {{homeNginxConf: string, containerNginxConf: string}}
+ */
+export function makeHostFileForSymfony(domainConfig){
+	const model = {
+		homeNginxConf : `
+# ---------------- ${domainConfig.name} -------------------------
+
+server {
+        server_name ${domainConfig.name};
+        listen 80 http2;
+        return 301 https://${domainConfig.name}$request_uri;
+
+}
+
+server {
+        listen 443 ssl http2;
+        listen [::]:443 ssl http2;
+
+        server_name ${domainConfig.name};
+       ${domainConfig.disableSSL ? '#' : ''} ssl_certificate /etc/letsencrypt/live/${domainConfig.name}-0001/fullchain.pem;
+       ${domainConfig.disableSSL ? '#' : ''} ssl_certificate_key /etc/letsencrypt/live/${domainConfig.name}-0001/privkey.pem;
+                add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
+        location / {
+                proxy_set_header   X-Forwarded-For $remote_addr;
+                proxy_set_header   Host $http_host;
+                # redirection to containter
+                proxy_pass         http://${domainConfig.LXCcontainerLocalIP};
+        }
+
+        add_header Permissions-Policy "interest-cohort=()";
+
+}
+`,
+		containerNginxConf : ``
+	}
+	return model;
+}
\ No newline at end of file
diff --git a/nginx_config_maker/model.wordpress.mjs b/nginx_config_maker/model.wordpress.mjs
new file mode 100644
index 00000000..41c42d8f
--- /dev/null
+++ b/nginx_config_maker/model.wordpress.mjs
@@ -0,0 +1,51 @@
+/**
+ * turns a domain config to two config files for nginx web sever on proxmox and its container
+ * @param domainConfig
+ * @returns {{homeNginxConf: string, containerNginxConf: string}}
+ */
+export function makeHostFileForWordpress(domainConfig){
+
+	/**
+	 * example:
+	 *	# redirect to https+www without www from https
+	 * server {
+        listen 443 http2;
+        listen [::]:443 http2;
+        server_name ${domainConfig.name};
+        return 301 https://${domainConfig.name}$request_uri;
+}
+	 * @type {{homeNginxConf: string, containerNginxConf: string}}
+	 */
+	const model = {
+		homeNginxConf: `
+# ============ ${domainConfig.name} ===============
+
+server {
+			# redirect to https from http
+        server_name ${domainConfig.name};
+        listen 80 http2;
+        return 301 https://${domainConfig.name}$request_uri;
+}
+
+server {
+        listen 443 ssl http2;
+        listen [::]:443 ssl http2;
+
+        server_name ${domainConfig.name};
+        ssl_certificate /etc/letsencrypt/live/${domainConfig.name}-0001/fullchain.pem;
+        ssl_certificate_key /etc/letsencrypt/live/${domainConfig.name}-0001/privkey.pem;
+                add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
+        location / {
+                proxy_set_header   X-Forwarded-For $remote_addr;
+                proxy_set_header   Host $http_host;
+                # Container tksites
+                proxy_pass         ${domainConfig.LXCcontainerProtocol}://${domainConfig.LXCcontainerLocalIP};
+        }
+
+        add_header Permissions-Policy "interest-cohort=()";
+}
+`,
+		containerNginxConf: ``
+	}
+	return model
+}
\ No newline at end of file
diff --git a/nginx_config_maker/output/.gitkeep b/nginx_config_maker/output/.gitkeep
new file mode 100644
index 00000000..e69de29b
diff --git a/nginx_config_maker/package-lock.json b/nginx_config_maker/package-lock.json
new file mode 100644
index 00000000..f2d48b9e
--- /dev/null
+++ b/nginx_config_maker/package-lock.json
@@ -0,0 +1,35 @@
+{
+  "name": "nginx_config_maker",
+  "lockfileVersion": 2,
+  "requires": true,
+  "packages": {
+    "": {
+      "dependencies": {
+        "node-fs": "^0.1.7"
+      }
+    },
+    "node_modules/node-fs": {
+      "version": "0.1.7",
+      "resolved": "https://registry.npmjs.org/node-fs/-/node-fs-0.1.7.tgz",
+      "integrity": "sha512-XqDBlmUKgDGe76+lZ/0sRBF3XW2vVcK07+ZPvdpUTK8jrvtPahUd0aBqJ9+ZjB01ANjZLuvK3O/eoMVmz62rpA==",
+      "os": [
+        "linux",
+        "darwin",
+        "freebsd",
+        "win32",
+        "smartos",
+        "sunos"
+      ],
+      "engines": {
+        "node": ">=0.1.97"
+      }
+    }
+  },
+  "dependencies": {
+    "node-fs": {
+      "version": "0.1.7",
+      "resolved": "https://registry.npmjs.org/node-fs/-/node-fs-0.1.7.tgz",
+      "integrity": "sha512-XqDBlmUKgDGe76+lZ/0sRBF3XW2vVcK07+ZPvdpUTK8jrvtPahUd0aBqJ9+ZjB01ANjZLuvK3O/eoMVmz62rpA=="
+    }
+  }
+}
diff --git a/nginx_config_maker/package.json b/nginx_config_maker/package.json
new file mode 100644
index 00000000..65fb60b6
--- /dev/null
+++ b/nginx_config_maker/package.json
@@ -0,0 +1,5 @@
+{
+  "dependencies": {
+    "node-fs": "^0.1.7"
+  }
+}