diff --git a/consul/secrets/jitsi/auth.jitsi.deuxfleurs.fr.crt.sample b/consul/secrets/jitsi/auth.jitsi.deuxfleurs.fr.crt.sample
new file mode 100644
index 0000000..e69de29
diff --git a/consul/secrets/jitsi/auth.jitsi.deuxfleurs.fr.key.sample b/consul/secrets/jitsi/auth.jitsi.deuxfleurs.fr.key.sample
new file mode 100644
index 0000000..e69de29
diff --git a/consul/secrets/jitsi/global_env.sample b/consul/secrets/jitsi/global_env.sample
new file mode 100644
index 0000000..e69de29
diff --git a/consul/secrets/jitsi/jitsi.deuxfleurs.fr.crt.sample b/consul/secrets/jitsi/jitsi.deuxfleurs.fr.crt.sample
new file mode 100644
index 0000000..e69de29
diff --git a/consul/secrets/jitsi/jitsi.deuxfleurs.fr.key.sample b/consul/secrets/jitsi/jitsi.deuxfleurs.fr.key.sample
new file mode 100644
index 0000000..e69de29
diff --git a/nomad/jitsi.hcl b/nomad/jitsi.hcl
index 7f69d80..09d9ccd 100644
--- a/nomad/jitsi.hcl
+++ b/nomad/jitsi.hcl
@@ -1,9 +1,7 @@
 /*
  * WIP WIP WIP WIP
  *
- *   + NEED TO INJECT CERTIFICATES
  *   + NEED TO SET ENV VARIABLES
- *   + ADD AT LEAST jitsi-videobridge.jitsi.deuxfleurs.fr TO DNS
  */
 
 job "jitsi" {
@@ -28,6 +26,28 @@ job "jitsi" {
         }
       }
 
+      template {
+        data = "{{ key \"secrets/jitsi/auth.jitsi.deuxfleurs.fr.crt\" }}"
+        destination = "secrets/certs/auth.jitsi.deuxfleurs.fr.crt"
+      }
+      template {
+        data = "{{ key \"secrets/jitsi/auth.jitsi.deuxfleurs.fr.key\" }}"
+        destination = "secrets/certs/auth.jitsi.deuxfleurs.fr.key"
+      }
+      template {
+        data = "{{ key \"secrets/jitsi/jitsi.deuxfleurs.fr.crt\" }}"
+        destination = "secrets/certs/jitsi.deuxfleurs.fr.crt"
+      }
+      template {
+        data = "{{ key \"secrets/jitsi/jitsi.deuxfleurs.fr.key\" }}"
+        destination = "secrets/certs/jitsi.deuxfleurs.fr.key"
+      }
+      template {
+        data = "{{ key \"secrets/jitsi/global_env\" }}"
+        destination = "secrets/global_env"
+        env = true
+      }
+
       resources {
         cpu = 300
         memory = 200
@@ -75,6 +95,20 @@ job "jitsi" {
         }
       }
 
+      template {
+        data = "{{ key \"secrets/jitsi/auth.jitsi.deuxfleurs.fr.crt\" }}"
+        destination = "secrets/certs/auth.jitsi.deuxfleurs.fr.crt"
+      }
+      template {
+        data = "{{ key \"secrets/jitsi/auth.jitsi.deuxfleurs.fr.key\" }}"
+        destination = "secrets/certs/auth.jitsi.deuxfleurs.fr.key"
+      }
+      template {
+        data = "{{ key \"secrets/jitsi/global_env\" }}"
+        destination = "secrets/global_env"
+        env = true
+      }
+
       resources {
         cpu = 300
         memory = 200
@@ -90,7 +124,8 @@ job "jitsi" {
           "jitsi",
           "traefik.enable=true",
           "traefik.frontend.entryPoints=https,http",
-          "traefik.frontend.rule=Host:jitsi.deuxfleurs.fr;PathPrefix:/"
+          "traefik.frontend.rule=Host:jitsi.deuxfleurs.fr;PathPrefix:/",
+          "traefik.protocol=https"
         ]
         port = "https_port"
         address_mode = "host"
@@ -116,6 +151,20 @@ job "jitsi" {
         network_mode = "host"
       }
 
+      template {
+        data = "{{ key \"secrets/jitsi/jitsi.deuxfleurs.fr.crt\" }}"
+        destination = "secrets/certs/jitsi.deuxfleurs.fr.crt"
+      }
+      template {
+        data = "{{ key \"secrets/jitsi/auth.jitsi.deuxfleurs.fr.crt\" }}"
+        destination = "secrets/certs/auth.jitsi.deuxfleurs.fr.crt"
+      }
+      template {
+        data = "{{ key \"secrets/jitsi/global_env\" }}"
+        destination = "secrets/global_env"
+        env = true
+      }
+
       resources {
         cpu = 300
         memory = 200
@@ -133,6 +182,12 @@ job "jitsi" {
         }
       }
 
+      template {
+        data = "{{ key \"secrets/jitsi/global_env\" }}"
+        destination = "secrets/global_env"
+        env = true
+      }
+
       resources {
         cpu = 300
         memory = 500