### Let's Encrypt

Let's Encrypt provides free SSL certificates trusted by most browsers, ideal for production environments.

#### Prerequisites

- **Certbot** installed on your system.
- DNS records properly configured to point to your server.

#### Steps

1. **Create Directories for Nginx Files:**

    ```bash
    mkdir -p conf.d ssl
    ```

2. **Create Nginx Configuration File:**

    **`conf.d/open-webui.conf`:**

    ```nginx
    server {
        listen 80;
        server_name your_domain_or_IP;

        location / {
            proxy_pass http://host.docker.internal:3000;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;

            # (Optional) Disable proxy buffering for better streaming response from models
            proxy_buffering off;
        }
    }
    ```

3. **Simplified Let's Encrypt Script:**

    **`enable_letsencrypt.sh`:**

    ```bash
    #!/bin/bash

    # Description: Simplified script to obtain and install Let's Encrypt SSL certificates using Certbot.

    DOMAIN="your_domain_or_IP"
    EMAIL="your_email@example.com"

    # Install Certbot if not installed
    if ! command -v certbot &> /dev/null; then
        echo "Certbot not found. Installing..."
        sudo apt-get update
        sudo apt-get install -y certbot python3-certbot-nginx
    fi

    # Obtain SSL certificate
    sudo certbot --nginx -d "$DOMAIN" --non-interactive --agree-tos -m "$EMAIL"

    # Reload Nginx to apply changes
    sudo systemctl reload nginx

    echo "Let's Encrypt SSL certificate has been installed and Nginx reloaded."
    ```

    **Make the script executable:**

    ```bash
    chmod +x enable_letsencrypt.sh
    ```

4. **Update Docker Compose Configuration:**

    Add the Nginx service to your `docker-compose.yml`:

    ```yaml
    services:
      nginx:
        image: nginx:alpine
        ports:
          - "80:80"
          - "443:443"
        volumes:
          - ./conf.d:/etc/nginx/conf.d
          - ./ssl:/etc/nginx/ssl
        depends_on:
          - open-webui
    ```

5. **Start Nginx Service:**

    ```bash
    docker compose up -d nginx
    ```

6. **Run the Let's Encrypt Script:**

    Execute the script to obtain and install the SSL certificate:

    ```bash
    ./enable_letsencrypt.sh
    ```

#### Access the WebUI

Access Open WebUI via HTTPS at:

[https://your_domain_or_IP](https://your_domain_or_IP)