diff --git a/Makefile b/Makefile
index 412a307..a29af92 100644
--- a/Makefile
+++ b/Makefile
@@ -26,4 +26,6 @@ tarball: $(RPM_SOURCEDIR)/$(NAME)-$(VERSION).tar.gz
 .PHONY: install
 install:
 	install --directory $(DESTDIR)$(RPM_SYSCONFDIR)/nginx
-	install --target-directory=$(DESTDIR)$(RPM_SYSCONFDIR)/nginx nginx.conf
+	install --target-directory=$(DESTDIR)$(RPM_SYSCONFDIR)/nginx etc/nginx/nginx.conf
+	install --directory $(DESTDIR)$(RPM_SYSCONFDIR)/certbot
+	install --target-directory=$(DESTDIR)$(RPM_SYSCONFDIR)/certbot etc/certbot/ovh.ini.tpl
diff --git a/netoik-rp.spec b/netoik-rp.spec
index 0439913..bfa54e1 100644
--- a/netoik-rp.spec
+++ b/netoik-rp.spec
@@ -8,9 +8,9 @@ License:        MIT
 URL:            https://git.netoik.io/samuel/netoik-rp
 
 Source0:        %{name}-%{version}.tar.gz
-Buildarch:      x86_64
+Buildarch:      noarch
 BuildRequires:  make
-Requires:       nginx
+Requires:       nginx,python3,python-devel,augeas-devel,gcc
 
 %description
 Install the reverse proxy called nginx with a predefined configuration and with TLS certificates attached to netoik.io
@@ -21,8 +21,18 @@ Install the reverse proxy called nginx with a predefined configuration and with
 %install
 %make_install
 
+%post
+if [ $1 == 1 ]; then
+  python3 -m venv /opt/certbot
+  /opt/certbot/bin/pip install --upgrade pip certbot certbot-dns-ovh
+  envsubst < %{_sysconfdir}/certbot/ovh.ini.tpl > %{_sysconfdir}/certbot/ovh.ini
+  /opt/certbot/bin/certbot certonly --dns-ovh --dns-ovh-credentials "%{_sysconfdir}/certbot/ovh.ini" -d "*.netoik.io" -d "*.samuel-campos.fr"
+fi
+
 %files
-%attr(644, root, root) /%{_sysconfdir}/nginx/nginx.conf
+%attr(755, root, root) %dir %{_sysconfdir}/certbot
+%attr(600, root, root) %config %{_sysconfdir}/certbot/ovh.ini
+%attr(644, root, root) %{_sysconfdir}/certbot/ovh.ini.tpl
 
 %changelog
 %autochangelog