diff --git a/autonginx b/autonginx
index c233b19..ace0a92 100644
--- a/autonginx
+++ b/autonginx
@@ -7,7 +7,7 @@ IP:   adresse ip locale du service (127.0.0.1 si sur cette machine, 172.23.100.X
 PORT: port utilisé par le service (entre 1 et 65535; certains ports sont déjà utilisés)"
 
 error() {
-	echo "$@"
+	echo "$@" >&2
 	exit 1
 }
 
@@ -39,7 +39,6 @@ sanitize() {
 			*) error "$USAGE";;
 		esac
 	fi
-	echo "looks good"
 }
 
 verify() {
@@ -49,10 +48,12 @@ verify() {
 	if ! timeout 1 sh -c "(echo > /dev/tcp/$IP/$PORT) >/dev/null 2>&1"; then
 		error "Error : Port $PORT isn't open"
 	fi
-	echo "is good"
 }
 
 main() {
+	if [ "$(id -u)" -ne 0 ]; then
+		error "Please run as root." >&2
+	fi
 	if [ $# != 3 ]; then
 		error "$USAGE"
 	fi
@@ -74,10 +75,18 @@ main() {
 
 	sanitize
 	verify
-	echo "$NGINX"
-	# generate config, put it in right location
-	# verify nginx config (nginx -t)
-	# generate ssl certificate
+	mkdir -p /etc/nginx/sites-available
+	mkdir -p /etc/nginx/sites-enabled
+	sh -c 'echo "${0}" > /etc/nginx/sites-available/${1}' "$NGINX" "$URL"
+	ln -s "/etc/nginx/sites-available/$URL" "/etc/nginx/sites-enabled/$URL"
+	if nginx -t >/dev/null 2>/dev/null; then
+		rm -f "/etc/nginx/sites-available/$URL" "/etc/nginx/sites-enabled/$URL"
+		error "Error : Nginx config failed"
+	fi
+	if certbot run --nginx -d "$URL"; then
+		rm -f "/etc/letsencrypt/live/$URL" "/etc/letsencrypt/archive/$URL"
+		error "Error : certbot failure"
+	fi
 }
 
 main "$@"