diff --git a/Nginx-Reverse-Proxy-Configuration.md b/Nginx-Reverse-Proxy-Configuration.md
new file mode 100644
index 0000000..d177957
--- /dev/null
+++ b/Nginx-Reverse-Proxy-Configuration.md
@@ -0,0 +1,25 @@
+# This first block redirects non-HTTPS traffic to secure port 443. Optional, but recommended.
+server {
+    listen 80;
+    listen [::]:80;
+    server_name invidious.domain.tld;
+
+    return 301 https://$server_name$request_uri;
+}
+
+server {
+    listen 443 ssl;
+    listen [::]:443 ssl;
+    server_name invidious.domain.tld;
+
+    ssl_certificate /etc/letsencrypt/live/invidious.domain.tld/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/invidious.domain.tld/privkey.pem;
+
+    location / {
+        proxy_pass http://127.0.0.1:3000/;
+        proxy_set_header   Host                $host;
+        proxy_set_header   X-Real-IP           $remote_addr;
+        proxy_set_header   X-Forwarded-For     $proxy_add_x_forwarded_for;
+        proxy_set_header   X-Forwarded-Proto   $scheme;
+    }
+}
\ No newline at end of file