diff --git a/stack/monitor/buildout.cfg b/stack/monitor/buildout.cfg
index 6cd24b63b7ba5a5ea067bd251a94610242372fb9..9dd57a72f4e67b56542d56db10c80e9107696518 100644
--- a/stack/monitor/buildout.cfg
+++ b/stack/monitor/buildout.cfg
@@ -2,8 +2,10 @@
 
 extends =
   ../../component/dcron/buildout.cfg
+  ../../component/openssl/buildout.cfg
+  ../../component/nginx/buildout.cfg
 
-parts =
+parts +=
   backup-script-template
   collective.recipe.template-egg
   dcron
@@ -12,8 +14,10 @@ parts =
   make-rss
   monitor-bin
   monitor-template
+  nginx
   rss-bin
   slapos-cookbook
+  template-nginx-conf
 
 [collective.recipe.template-egg]
 recipe = zc.recipe.egg
@@ -71,12 +75,13 @@ output = $${directory:services}/crond
 mode = 0700
 logfile = $${directory:log}/crond.log
 
-#[status2rss]
-#recipe = slapos.recipe.download
-#url = ${:_profile_base_location_}/status2rss.py
-#md5sum = 916f37f083b1ef391adea2f7a717bf8a
-#location = ${buildout:parts-directory}/${:_buildout_section_name_}/status2rss.py
-#mode = 0644
+[template-nginx-conf]
+recipe = hexagonit.recipe.download
+url = ${:_profile_base_location_}/${:filename}
+download-only = true
+#md5sum = 
+filename = nginx_rss.conf.in
+mode = 0644
 
 [eggs]
 recipe = z3c.recipe.scripts
diff --git a/stack/monitor/monitor.cfg.in b/stack/monitor/monitor.cfg.in
index 4cef1bbb9bae2c5d09782f56023e16ff475423d3..27af492574d523d7f9a2aeebd0c2192819475d1d 100644
--- a/stack/monitor/monitor.cfg.in
+++ b/stack/monitor/monitor.cfg.in
@@ -1,8 +1,19 @@
+[slap-parameters]
+recipe = slapos.cookbook:slapconfiguration
+computer = $${slap-connection:computer-id}
+partition = $${slap-connection:partition-id}
+url = $${slap-connection:server-url}
+key = $${slap-connection:key-file}
+cert = $${slap-connection:cert-file}
+
 [directory]
 home = $${buildout:directory}
 etc = $${:home}/etc
 bin = $${:home}/bin
+srv = $${:home}/srv
+
 var = $${:home}/var
+ca-dir = $${:srv}/ssl
 cron-entries = $${:etc}/cron.d
 crontabs = $${:etc}/crontabs
 cronstamps = $${:etc}/cronstamps
@@ -10,6 +21,10 @@ log = $${:var}/log
 monitor = $${:etc}/monitor
 monitor-result = $${:var}/monitor
 promise = $${:etc}/promise
+run = $${:etc}/run
+service = $${:etc}/service/
+tmp = $${:home}/tmp
+www = $${:var}/www
 
 [cron]
 recipe = slapos.cookbook:cron
@@ -74,4 +89,74 @@ recipe = slapos.recipe.template
 url = ${make-rss-script:output}
 output = $${directory:bin}/make-rss.sh
 #md5sum = 
-mode = 0744
\ No newline at end of file
+mode = 0744
+
+[tempdirectory]
+recipe = slapos.cookbook:mkdirectory
+client_body_temp_path = $${directory:tmp}/client_body_temp_path
+proxy_temp_path = $${directory:tmp}/proxy_temp_path
+fastcgi_temp_path = $${directory:tmp}/fastcgi_temp_path
+uwsgi_temp_path = $${directory:tmp}/uwsgi_temp_path
+scgi_temp_path = $${directory:tmp}/scgi_temp_path
+
+[cadirectory]
+recipe = slapos.cookbook:mkdirectory
+requests = $${directory:ca-dir}/requests/
+private = $${directory:ca-dir}/private/
+certs = $${directory:ca-dir}/certs/
+newcerts = $${directory:ca-dir}/newcerts/
+crl = $${directory:ca-dir}/crl/
+
+[certificate-authority]
+recipe = slapos.cookbook:certificate_authority
+openssl-binary = ${openssl:location}/bin/openssl
+ca-dir = $${directory:ca-dir}
+requests-directory = $${cadirectory:requests}
+wrapper = $${directory:service}/certificate_authority
+ca-private = $${cadirectory:private}
+ca-certs = $${cadirectory:certs}
+ca-newcerts = $${cadirectory:newcerts}
+ca-crl = $${cadirectory:crl}
+
+[ca-nginx]
+<= certificate-authority
+recipe = slapos.cookbook:certificate_authority.request
+key-file = $${cadirectory:certs}/nginx_rss.key
+cert-file = $${cadirectory:certs}/nginx_rss.crt
+executable = $${nginx-parameters:bin_launcher}
+wrapper = $${directory:service}/nginx-rss
+# Put domain name
+name = example.com
+
+[nginx-parameters]
+nb_workers = 2
+port = 9685
+global-ip = $${slap-parameters:ipv6}
+# SSL
+ssl-certificate = $${ca-nginx:cert-file}
+ssl-key = $${ca-nginx:key-file}
+# Log
+path_pid = $${directory:run}/nginx.pid
+path_log = $${directory:log}/nginx.log
+path_access_log = $${directory:log}/nginx.access.log
+path_error_log = $${directory:log}/nginx.error.log
+path_tmp = $${directory:tmp}
+# Config files
+nginx_conf = $${nginx-conf:rendered}
+# Executables
+bin_nginx = ${nginx:location}/sbin/nginx
+bin_launcher = $${directory:bin}/nginx-launcher
+www = $${directory:www}
+
+[nginx-conf]
+recipe = slapos.recipe.template:jinja2
+template = ${template-nginx-conf:location}/${template-nginx-conf:filename}
+rendered = $${directory:etc}/nginx_rss.conf
+context =
+    section param_nginx nginx-parameters
+    section param_tempdir tempdirectory
+
+[nginx-service]
+recipe = slapos.cookbook:wrapper
+wrapper-path = $${nginx-parameters:bin_launcher}
+command-line = $${nginx-parameters:bin_nginx} -c $${nginx-parameters:nginx_conf}
\ No newline at end of file
diff --git a/stack/monitor/nginx_rss.conf.in b/stack/monitor/nginx_rss.conf.in
new file mode 100644
index 0000000000000000000000000000000000000000..98c539b24f9f40f1eda6ee96e2e224541cea5b3f
--- /dev/null
+++ b/stack/monitor/nginx_rss.conf.in
@@ -0,0 +1,49 @@
+worker_processes {{ param_nginx['nb_workers'] }};
+
+pid {{ param_nginx['path_pid'] }};
+error_log {{ param_nginx['path_error_log'] }};
+
+daemon off;
+
+events {
+        worker_connections 1024;
+        accept_mutex off;
+}
+
+http {
+     default_type application/octet-stream;
+     access_log {{ param_nginx['path_access_log'] }} combined;
+     map $http_upgrade $connection_upgrade {
+        default upgrade;
+        ''      close;
+     }
+     
+     gzip on;
+     gzip_disable "msie6";
+     gzip_vary on;
+     gzip_proxied any;
+     gzip_comp_level 6;
+     gzip_buffers 16 8k;
+     gzip_http_version 1.1;
+     gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
+  
+     server {
+        listen [{{ param_nginx['global-ip'].pop() }}]:{{ param_nginx['port'] }} ssl;
+        server_name _;
+        ssl_certificate     {{ param_nginx['ssl-certificate'] }};
+        ssl_certificate_key {{ param_nginx['ssl-key'] }};
+        ssl_protocols       SSLv3 TLSv1 TLSv1.1 TLSv1.2;
+        ssl_ciphers         HIGH:!aNULL:!MD5;
+
+        keepalive_timeout 90s;
+        client_body_temp_path {{ param_tempdir['client_body_temp_path'] }};
+        proxy_temp_path {{ param_tempdir['proxy_temp_path'] }};
+        fastcgi_temp_path {{ param_tempdir['fastcgi_temp_path'] }};
+        uwsgi_temp_path {{ param_tempdir['uwsgi_temp_path'] }};
+        scgi_temp_path {{ param_tempdir['scgi_temp_path'] }};
+        
+        location / {
+          root {{ param_nginx['www'] }};
+        }
+     }
+}
\ No newline at end of file