diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index dd9cec3..d1a32ca 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -6,8 +6,8 @@ on: - 'v*.*.*' env: + TAG: ${{github.ref_name}} IMAGE_NAME: ${{ vars.IMAGE_NAME }} - IMAGE_NAME_PROXY: ${{ vars.IMAGE_NAME_PROXY }} DOCKER_REGISTRY: ${{ secrets.DOCKER_REGISTRY }} DOCKER_HUB_USER: ${{ secrets.DOCKER_HUB_USER }} DOCKER_HUB_PASS: ${{ secrets.DOCKER_HUB_PASS }} 
@@ -20,25 +20,38 @@ jobs: - uses: actions/checkout@v3 - name: Build the Docker image - run: docker build ./Foodie --tag $IMAGE_NAME:${{github.ref_name}} + run: docker build ./Foodie --tag $IMAGE_NAME:$TAG - name: Publish image run: | docker login -u $DOCKER_HUB_USER -p $DOCKER_HUB_PASS - docker tag $IMAGE_NAME:${{github.ref_name}} $DOCKER_REGISTRY/$IMAGE_NAME:${{github.ref_name}} - docker push $DOCKER_REGISTRY/$IMAGE_NAME:${{github.ref_name}} + docker tag $IMAGE_NAME:$TAG $DOCKER_REGISTRY/$IMAGE_NAME:$TAG + docker push $DOCKER_REGISTRY/$IMAGE_NAME:$TAG - publish-nginx: + deploy: runs-on: ubuntu-latest + needs: [publish-dotnet] steps: - - uses: actions/checkout@v3 - - - name: Build the Docker image - run: docker build ./nginx -f ./nginx/Nginx.Dockerfile --tag $IMAGE_NAME_PROXY:${{github.ref_name}} - - - name: Publish image - run: | - docker login -u $DOCKER_HUB_USER -p $DOCKER_HUB_PASS - docker tag $IMAGE_NAME_PROXY:${{github.ref_name}} $DOCKER_REGISTRY/$IMAGE_NAME_PROXY:${{github.ref_name}} - docker push $DOCKER_REGISTRY/$IMAGE_NAME_PROXY:${{github.ref_name}} + - name: setup env and docker compose up + uses: appleboy/ssh-action@master + env: + CERT_KEY_PATH: ${{ secrets.CERT_KEY_PATH }} + CERT_PATH: ${{ secrets.CERT_PATH }} + PRIVATE_KEY: ${{ secrets.PRIVATE_KEY }} + CERTIFICATE: ${{ secrets.CERTIFICATE }} + NGINX_CONF: ${{ secrets.NGINX_CONF }} + with: + host: ${{ secrets.HOST }} + username: ${{ secrets.USERNAME }} + password: ${{ secrets.PASSWORD }} + envs: TAG,IMAGE_NAME,DOCKER_REGISTRY,CERT_KEY_PATH,CERT_PATH,PRIVATE_KEY,CERTIFICATE,NGINX_CONF + script: | + rm -rf repo + git clone https://github.com/${{github.repository}} repo && cd repo + git fetch origin $TAG + git checkout $TAG + chmod +x ./setup_env.sh + ./setup_env.sh + docker-compose -f docker-compose.prod.yml down + docker-compose -f docker-compose.prod.yml up -d diff --git a/.gitignore b/.gitignore index 01da99d..ae7db43 100644 --- a/.gitignore +++ b/.gitignore 
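Review bot: The new `deploy` job runs `appleboy/ssh-action@master`, a mutable branch ref of a third-party action that is handed the SSH host credentials plus `PRIVATE_KEY` and `CERTIFICATE`, so any later commit to that branch runs with those secrets. Pin it to a reviewed full commit SHA, e.g. `uses: appleboy/ssh-action@<full-commit-sha>  # <release tag>` (placeholder; take the value from the release you audit). The step also authenticates with `password:`; the action's `key:` input together with `fingerprint:` for host-key verification would avoid a reusable password and an unverified host. In the remote `script`, a failed `git clone` skips `cd repo` but the following lines still run in the login directory, so starting the script with `set -e` is advisable.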
@@ -1,2 +1,5 @@ .vs/ .vscode/ + +.nginx/ +.env diff --git a/docker-compose.prod.yml b/docker-compose.prod.yml new file mode 100644 index 0000000..cd38b1c --- /dev/null +++ b/docker-compose.prod.yml @@ -0,0 +1,37 @@ +version: "3.7" + +services: + kestrel: + container_name: foodie + image: "${DOCKER_REGISTRY}/${IMAGE_NAME}:${TAG}" + depends_on: + - db + restart: always + + db: + container_name: mssql_db + user: root + image: "mcr.microsoft.com/mssql/server" + ports: + - "1433:1433" + environment: + SA_PASSWORD: "Your_password123" + ACCEPT_EULA: "Y" + volumes: + - mssql-data:/var/opt/mssql/data + + reverseproxy: + image: nginx + depends_on: + - kestrel + ports: + - "80:80" + - "443:443" + volumes: + - ${PWD}/.nginx/fullchain.pem:${CERT_PATH} + - ${PWD}/.nginx/privkey.pem:${CERT_KEY_PATH} + - ${PWD}/.nginx/nginx.conf:/etc/nginx/nginx.conf:ro + +volumes: + mssql-data: + driver: local diff --git a/docker-compose.yml b/docker-compose.yml index 31d605d..14432ec 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -29,7 +29,10 @@ services: ports: - "80:80" - "443:443" - + volumes: + - ${PWD}/nginx/localhost.key:/etc/ssl/private/localhost.key:ro + - ${PWD}/nginx/localhost.crt:/etc/ssl/certs/localhost.crt:ro + - ${PWD}/nginx/nginx.conf:/etc/nginx/nginx.conf:ro volumes: mssql-data: driver: local diff --git a/nginx/Nginx.Dockerfile b/nginx/Nginx.Dockerfile index 24ec1a5..025e17d 100644 --- a/nginx/Nginx.Dockerfile +++ b/nginx/Nginx.Dockerfile @@ -1,5 +1,4 @@ FROM nginx:latest -COPY nginx.conf /etc/nginx/nginx.conf -COPY localhost.crt /etc/ssl/certs/localhost.crt -COPY localhost.key /etc/ssl/private/localhost.key \ No newline at end of file +RUN apt-get update +RUN apt-get install -y certbot python3-certbot-nginx diff --git a/nginx/localhost.csr b/nginx/localhost.csr deleted file mode 100644 index 19f3472..0000000 --- a/nginx/localhost.csr +++ /dev/null 
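Review bot: The `db` service in the new docker-compose.prod.yml commits the SQL Server `sa` password as a literal (`SA_PASSWORD: "Your_password123"`) and publishes `1433:1433` on every host interface, so the production database port is exposed with a credential that anyone who can read the repository knows. Take the password from the deploy environment, `SA_PASSWORD: "${SA_PASSWORD}"` (it would also need adding to the workflow's `envs` list and to the `.env` that setup_env.sh writes), and drop the `ports` entry or bind it to loopback with `"127.0.0.1:1433:1433"`, since `kestrel` can reach `db` over the compose network without a published port. The `privkey.pem` and `fullchain.pem` mounts lack the `:ro` that the `nginx.conf` mount has. Both `mcr.microsoft.com/mssql/server` and `nginx` are untagged, so each deploy may pull a different image.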
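Review bot: `RUN apt-get update` and `RUN apt-get install -y certbot python3-certbot-nginx` are separate layers, so a cached `update` layer can be reused with a later `install` and resolve against a stale package index. Combine them, `RUN apt-get update && apt-get install -y --no-install-recommends certbot python3-certbot-nginx && rm -rf /var/lib/apt/lists/*`, and consider replacing `FROM nginx:latest` with a fixed tag or digest so rebuilds are reproducible. docker-compose.prod.yml in this commit runs `image: nginx` rather than an image built from this Dockerfile, so certbot would presumably be absent from that container unless the build is wired in elsewhere.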
@@ -1,28 +0,0 @@ ------BEGIN CERTIFICATE REQUEST----- -MIIEyDCCArACAQAwXDELMAkGA1UEBhMCR0IxEDAOBgNVBAgMB0VuZ2xhbmQxETAP -BgNVBAcMCEJyaWdodG9uMRcwFQYDVQQKDA5IYWxsbWFya2Rlc2lnbjEPMA0GA1UE -AwwGRm9vZGllMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA1udYXS9q -rVDYe5VLHpPLl4s/EbYIzA7gbX8+ks8zzwOVKX8nhjw90ayL+5ZLwJgrU90nDLiI -e4b7Lte6VaOSbkoQ8uTIONFKaklD+WcmmWmgFQkcDBRjSMpbswF/18QgcHN1SwIx -1aSRIyXhdcgjfXct6VAtgD7a703yJSbQ/k8wxsaRFkiD5ikvVGvbBi/B57o5EG9v -tynPzDaCAxvqbqv2reBoIzubGB4i8zEUdx3EsXJBW/vW5uzbCNak5G5PrQYW7Hqf -fTSbgVM5rlacRqkUeIhGBikFn9ctqYf82G6NSnu4FdyeLe4Ki5Rg3Sg/3GY5H9OR -aVDTUhpucP1GLH82fVA4x9DuTIT0YqStUuiNzisU7RbLAd4y+CNerYk+fRDNtOha -6MA3D/M3ioyytDoqc76Gz5/K+alIpBUmTM7hCD0/5zfLyR4c97Xbp1a1nGNMsTeV -ujx+6g7X4jbRqbmzqSsnM5HXAO3e6QFrjt65/Wellwoa/MfR8IM7Q0r0Yru3cme/ -7WHa34Ug/aZrGmOmEPVMnCZ3I2wHyIvK1gdpeErsEAebDg3wjQFiwLPFcUVidpcV -jeBbjJVffXqwLSs1asLLisxURs8Vv0/Y5qdLzsgqkrEf63Y9EO5i/kKB8VITZmZJ -Sm3OfSsHuxhsrDaikvTJ0oSs8y3Az3tQWKcCAwEAAaAnMCUGCSqGSIb3DQEJDjEY -MBYwFAYDVR0RBA0wC4IJbG9jYWxob3N0MA0GCSqGSIb3DQEBCwUAA4ICAQA0vOz8 -j1ZMWQffb23TDSGwI8bOfy2sJTD6HjLCIhvDRPxoumw2RAK1p6mH2bqeqe0NXi/a -+uhyAiZzXQIUUZFgnooxc304WHGCN7au8fI6NFOjvTI4PDrPV22gre2U9LVdL17X -8XWlWGB5VGmy5yPTMwzCN92u5BchPY+QKzc4Vm7jt79tgzA62tu41XakPHiMh+Wc -Sf5f0tFgYPqKAClCZsztIgXIzKuisfAgAuvFEsaCEeJHA82RRrwCogxVv32KgJu9 -Erath21YkUi9DjL1v2lrtflb/mcyAkuQYBUdOb8ve/0mhvaoD9Md0FWGkbs+0qLP -cfpJ4tuE21yTaPBYxv5E7GzjwFt16WUA7lZcF3q1A2yWoTB7iUzMBup0W/avRdNL -718uxdWaBAcJANm8RWPO6is368QzkK722OXl8A9r6ZxVYBEfYbt0mDA5lm4QC/QE -XMBAOrCzyR8HUov9lEDIcZ2/H2GKk61ZyL7e9rd17NFQeNngtu+zD3Ee1oG8Eida -yYEnS3Wx99waNaZimQuTmfny33gXnv362/ysHg+1JOZxXLJyftBgQJfF2oyCaiw2 -vUeInwuF1266ve1fhmiYz809cohQKgU9r669GHhTRIRRgCq42LzbCStTmjl/fOcF -zEKLU7gvJ5K8s1NmGAeRLPKnGuKIBUsEiuBuCQ== ------END CERTIFICATE REQUEST----- diff --git a/setup_env.sh b/setup_env.sh new file mode 100644 index 0000000..f10c145 --- /dev/null +++ b/setup_env.sh 
@@ -0,0 +1,15 @@
+#!/bin/bash
+
+rm -rf .env
+echo TAG=$TAG >> .env
+echo IMAGE_NAME=$IMAGE_NAME >> .env
+echo DOCKER_REGISTRY=$DOCKER_REGISTRY >> .env
+echo CERT_PATH=$CERT_PATH >> .env
+echo CERT_KEY_PATH=$CERT_KEY_PATH >> .env
+
+rm -rf .nginx
+mkdir .nginx
+cd .nginx
+echo "$PRIVATE_KEY" > privkey.pem
+echo "$CERTIFICATE" > fullchain.pem
+echo "$NGINX_CONF" > nginx.conf
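Review bot: `echo "$PRIVATE_KEY" > privkey.pem` creates the TLS private key under the default umask, which on most hosts leaves it readable by other local users; the `.env` file is created the same way. Add `umask 077` directly after the shebang so everything the script writes is owner-only (confirm the nginx container can still read the bind-mounted files). The script also has no `set -euo pipefail`, so if `mkdir .nginx` or `cd .nginx` fails the three files land in the repository root. The unquoted `echo TAG=$TAG >> .env` lines are subject to word splitting and globbing; `printf 'TAG=%s\n' "$TAG" >> .env` avoids that.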