Nginx

# /etc/nginx/sites-available/wwh, linked to  /etc/nginx/sites-enabled
server {
        server_name wwh.codevillains.com;

        location / {
                proxy_pass http://127.0.0.1:3000;

                proxy_redirect     default;

                proxy_set_header   Host             $host;
                proxy_set_header   X-Real-IP        $remote_addr;
                proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
                proxy_max_temp_file_size 0;

                client_max_body_size       10m;
                client_body_buffer_size    128k;

                proxy_connect_timeout      90;
                proxy_send_timeout         90;
                proxy_read_timeout         90;

                proxy_buffer_size          4k;
                proxy_buffers              4 32k;
                proxy_busy_buffers_size    64k;
                proxy_temp_file_write_size 64k;
        }
}

sudo certbot certonly --nginx -d domain.com -d domain.com
# it mdifies config and so on (if i recall correctly ;))