diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..68f5d13
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+/data/certbot
diff --git a/data/nginx/app.conf b/data/nginx/app.conf
index cd90438..52dc0e7 100644
--- a/data/nginx/app.conf
+++ b/data/nginx/app.conf
@@ -1,6 +1,7 @@
 server {
     listen 80;
     server_name example.org;
+    server_tokens off;
 
     location /.well-known/acme-challenge/ {
         root /var/www/certbot;
@@ -14,6 +15,7 @@ server {
 server {
     listen 443 ssl;
     server_name example.org;
+    server_tokens off;
 
     ssl_certificate /etc/letsencrypt/live/example.org/fullchain.pem;
     ssl_certificate_key /etc/letsencrypt/live/example.org/privkey.pem;
@@ -21,6 +23,9 @@ server {
     ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
 
     location / {
-        proxy_pass http://example.org;
+        proxy_pass  http://example.org;
+        proxy_set_header    Host                $http_host;
+        proxy_set_header    X-Real-IP           $remote_addr;
+        proxy_set_header    X-Forwarded-For     $proxy_add_x_forwarded_for;
     }
 }
diff --git a/docker-compose.yml b/docker-compose.yml
index ed189d2..9615cc1 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -1,7 +1,9 @@
 version: '3'
+
 services:
   nginx:
     image: nginx:1.15-alpine
+    restart: unless-stopped
     volumes:
       - ./data/nginx:/etc/nginx/conf.d
       - ./data/certbot/conf:/etc/letsencrypt
@@ -12,6 +14,7 @@ services:
     command: "/bin/sh -c 'while :; do sleep 6h & wait $${!}; nginx -s reload; done & nginx -g \"daemon off;\"'"
   certbot:
     image: certbot/certbot
+    restart: unless-stopped
     volumes:
       - ./data/certbot/conf:/etc/letsencrypt
       - ./data/certbot/www:/var/www/certbot
diff --git a/init-letsencrypt.sh b/init-letsencrypt.sh
index 330c38f..9073664 100644
--- a/init-letsencrypt.sh
+++ b/init-letsencrypt.sh
@@ -1,68 +1,83 @@
 #!/bin/bash
 
-domains=( "example.org" "example.com" )
+domains=(example.com example.org)
 rsa_key_size=4096
 data_path="./data/certbot"
-email="" #Adding a valid address is strongly recommended 
-staging=0 #Set to 1 if you're just testing your setup to avoid hitting request limits
+email="" # Adding a valid address is strongly recommended
+staging=0 # Set to 1 if you're testing your setup to avoid hitting request limits
+
+if [ "$EUID" -ne 0 ]; then
+  read -p "You ran this script without root privileges, do you want to continue? (WARNING: script won't be able to delete generated by Let's Encrypt TLS certificates) (Y/n) " decision
+  case $decision in
+    [Y]* ) ;;
+    [n]* ) exit;;
+    * ) echo "Please choose the right variant (Y/n).";;
+  esac
+fi
+
 
 echo "### Preparing directories in $data_path ..."
-rm -Rf "$data_path"
-mkdir -p "$data_path/www"
-mkdir -p "$data_path/conf/live/$domains"
+if [ -d "$data_path" ]; then
+  read -p "There is already folder with certbot data, do you want to remove it? (WARNING: removing folder will remove all data which is stored in the $data_path) (Y/n) " decision
+  case $decision in
+    [Y]* ) rm -rf "$data_path" && mkdir -p "$data_path";;
+    [n]* ) ;;
+    * ) echo "Please choose the right variant (Y/n).";;
+  esac
+fi
 
 
-echo "### Creating dummy certificate ..."
-path="/etc/letsencrypt/live/$domains"
-mkdir -p "$path"
-docker-compose run --rm --entrypoint "\
-    openssl req -x509 -nodes -newkey rsa:1024 -days 1\
-      -keyout '$path/privkey.pem' \
-      -out '$path/fullchain.pem' \
-      -subj '/CN=localhost'" certbot
+if [ ! -e "$data_path/conf/options-ssl-nginx.conf" ] && [ ! -e "$data_path/conf/ssl-dhparams.pem" ]; then
+  echo "### Downloading recommended TLS parameters ..."
+  mkdir -p "$data_path/conf"
+  curl -s https://raw.githubusercontent.com/certbot/certbot/master/certbot-nginx/certbot_nginx/options-ssl-nginx.conf > "$data_path/conf/options-ssl-nginx.conf"
+  curl -s https://raw.githubusercontent.com/certbot/certbot/master/certbot/ssl-dhparams.pem > "$data_path/conf/ssl-dhparams.pem"
+fi
 
 
-echo "### Downloading recommended HTTPS parameters ..."
-curl -s https://raw.githubusercontent.com/certbot/certbot/master/certbot-nginx/certbot_nginx/options-ssl-nginx.conf > "$data_path/conf/options-ssl-nginx.conf"
-curl -s https://raw.githubusercontent.com/certbot/certbot/master/certbot/ssl-dhparams.pem > "$data_path/conf/ssl-dhparams.pem"
-
-
-echo "### Starting nginx ..."
-docker-compose up -d nginx
-
-
-echo "### Deleting dummy certificate ..."
-sudo rm -Rf "$data_path/conf/live"
-
-echo "### Downloading recommended TLS options ..."
-curl -s https://raw.githubusercontent.com/certbot/certbot/master/certbot-nginx/certbot_nginx/options-ssl-nginx.conf > "$data_path/conf/options-ssl-nginx.conf"
-curl -s https://raw.githubusercontent.com/certbot/certbot/master/certbot/ssl-dhparams.pem > "$data_path/conf/ssl-dhparams.pem"
-
-
-echo "### Requesting initial certificate ..."
-
-#Join $domains to -d args
-domain_args=""
 for domain in "${domains[@]}"; do
-  domain_args="$domain_args -d $domain"
+  if [ -d "$data_path/conf/live/$domain" ]; then
+    read -p "There is already folder with $domain domain data, do you want to remove it? (WARNING: removing folder will remove all certbot data for this domain) (Y/n) " decision
+    case $decision in
+      [Y]* ) rm -rf "$data_path/conf/live/$domain" && mkdir -p "$data_path/conf/live/$domain";;
+      [n]* ) domains=(${domains[@]/$domain});;
+      * ) echo "Please choose the right variant (Y/n).";;
+    esac
+  else
+    mkdir -p "$data_path/conf/live/$domain"
+  fi
 done
 
-#Select appropriate email arg
+
+for domain in "${domains[@]}"; do
+  echo "### Creating dummy certificate for $domain domain..."
+
+  path="/etc/letsencrypt/live/$domain"
+  docker-compose run --rm --entrypoint "openssl req -x509 -nodes -newkey rsa:1024 \
+  -days 1 -keyout '$path/privkey.pem' -out '$path/fullchain.pem' -subj '/CN=localhost'" certbot
+done
+
+echo "### Starting nginx ..."
+# Restarting for case if nginx container is already started
+docker-compose up -d nginx && docker-compose restart nginx
+
+# Select appropriate email arg
 case "$email" in
   "") email_arg="--register-unsafely-without-email" ;;
   *) email_arg="--email $email" ;;
 esac
 
-#Enable staging mode if needed
+# Enable staging mode if needed
 if [ $staging != "0" ]; then staging_arg="--staging"; fi
 
-docker-compose run --rm --entrypoint "\
-  certbot certonly --webroot -w /var/www/certbot \
-    $staging_arg \
-    $email_arg \
-    $domain_args \
-    --rsa-key-size $rsa_key_size \
-    --agree-tos \
-    --force-renewal" certbot
+for domain in "${domains[@]}"; do
+  echo "### Deleting dummy certificate for $domain domain ..."
+  rm -rf "$data_path/conf/live/$domain"
 
-docker-compose stop nginx
+  echo "### Requesting Let's Encrypt certificate for $domain domain ..."
+  mkdir -p "$data_path/www"
+  docker-compose run --rm --entrypoint "certbot certonly --webroot -w /var/www/certbot -d $domain \
+  $staging_arg $email_arg --rsa-key-size $rsa_key_size --agree-tos --force-renewal" certbot
+done
+
+docker-compose exec nginx nginx -s reload