diff --git a/cmd/nginx/Dockerfile b/cmd/nginx/Dockerfile
deleted file mode 100644
index cd438c4..0000000
--- a/cmd/nginx/Dockerfile
+++ /dev/null
@@ -1,15 +0,0 @@
-FROM nginx:stable-alpine
-
-ADD nginx.conf /etc/nginx/nginx.conf
-ADD podsync.conf /etc/nginx/conf.d/podsync.conf
-
-ADD entrypoint.sh /entrypoint.sh
-ADD le.sh /le.sh
-
-RUN rm /etc/nginx/conf.d/default.conf && \
- chmod +x /entrypoint.sh && \
- chmod +x /le.sh && \
- apk add --update certbot tzdata openssl && \
- rm -rf /var/cache/apk/*
-
-CMD ["/entrypoint.sh"]
\ No newline at end of file
diff --git a/cmd/nginx/build.sh b/cmd/nginx/build.sh
deleted file mode 100755
index 7017873..0000000
--- a/cmd/nginx/build.sh
+++ /dev/null
@@ -1,5 +0,0 @@
-#!/usr/bin/env bash
-
-docker build -t nginx .
-docker tag nginx gcr.io/pod-sync/nginx
-gcloud docker -- push gcr.io/pod-sync/nginx
\ No newline at end of file
diff --git a/cmd/nginx/entrypoint.sh b/cmd/nginx/entrypoint.sh
deleted file mode 100644
index 3a9a703..0000000
--- a/cmd/nginx/entrypoint.sh
+++ /dev/null
@@ -1,50 +0,0 @@
-#!/bin/sh
-echo "start nginx"
-
-#set TZ
-cp /usr/share/zoneinfo/$TZ /etc/localtime && \
-echo $TZ > /etc/timezone && \
-
-#setup ssl keys
-echo "ssl_key=${SSL_KEY:=le-key.pem}, ssl_cert=${SSL_CERT:=le-crt.pem}"
-SSL_KEY=/etc/nginx/ssl/${SSL_KEY}
-SSL_CERT=/etc/nginx/ssl/${SSL_CERT}
-mkdir -p /etc/nginx/conf.d
-mkdir -p /etc/nginx/ssl
-
-#copy /etc/nginx/service.conf if mounted
-if [ -f /etc/nginx/service.conf ]; then
- cp -fv /etc/nginx/service.conf /etc/nginx/conf.d/service.conf
-fi
-
-#replace SSL_KEY and SSL_CERT by actual keys
-sed -i "s|SSL_KEY|${SSL_KEY}|g" /etc/nginx/conf.d/*.conf
-sed -i "s|SSL_CERT|${SSL_CERT}|g" /etc/nginx/conf.d/*.conf
-
-#generate dhparams.pem
-if [ ! -f /etc/nginx/ssl/dhparams.pem ]; then
- echo "make dhparams"
- cd /etc/nginx/ssl
- openssl dhparam -out dhparams.pem 2048
- chmod 600 dhparams.pem
-fi
-
-#disable ssl configuration and let it run without SSL
-mv -v /etc/nginx/conf.d /etc/nginx/conf.d.disabled
-
-(
- sleep 5 #give nginx time to start
- echo "start letsencrypt updater"
- while :
- do
- echo "trying to update letsencrypt ..."
- /le.sh
- rm -f /etc/nginx/conf.d/default.conf 2>/dev/null #remove default config, conflicting on 80
- mv -v /etc/nginx/conf.d.disabled /etc/nginx/conf.d #enable
- echo "reload nginx with ssl"
- nginx -s reload
- sleep 60d
- done
-) &
-
-nginx -g "daemon off;"
diff --git a/cmd/nginx/le.sh b/cmd/nginx/le.sh
deleted file mode 100644
index ec1ff8a..0000000
--- a/cmd/nginx/le.sh
+++ /dev/null
@@ -1,10 +0,0 @@
-#!/bin/sh
-
-if [ "$LETSENCRYPT" = "true" ]; then
- certbot certonly -t -n --agree-tos --renew-by-default --email "${LE_EMAIL}" --webroot -w /usr/share/nginx/html -d $LE_FQDN
- FIRST_FQDN=$(echo "$LE_FQDN" | cut -d"," -f1)
- cp -fv /etc/letsencrypt/live/$FIRST_FQDN/privkey.pem /etc/nginx/ssl/le-key.pem
- cp -fv /etc/letsencrypt/live/$FIRST_FQDN/fullchain.pem /etc/nginx/ssl/le-crt.pem
-else
- echo "letsencrypt disabled"
-fi
diff --git a/cmd/nginx/nginx.conf b/cmd/nginx/nginx.conf
deleted file mode 100644
index 6b2fd8c..0000000
--- a/cmd/nginx/nginx.conf
+++ /dev/null
@@ -1,45 +0,0 @@
-user nginx;
-worker_processes 1;
-
-error_log /var/log/nginx/error.log warn;
-pid /var/run/nginx.pid;
-
-events {
- worker_connections 1024;
-}
-
-http {
- include /etc/nginx/mime.types;
- default_type application/octet-stream;
-
- log_format main '$remote_addr - $remote_user [$time_local] "$request" '
- '$status $body_bytes_sent "$http_referer" '
- '"$http_user_agent" "$http_x_forwarded_for"';
-
- access_log /var/log/nginx/access.log main;
-
- sendfile on;
- keepalive_timeout 65;
-
- gzip on;
- server_tokens off;
-
- limit_conn_zone $binary_remote_addr zone=perip:10m;
- limit_conn_zone $server_name zone=perserver:10m;
-
- client_body_buffer_size 4K;
- client_header_buffer_size 4k;
- client_max_body_size 4k;
- large_client_header_buffers 2 4k;
-
- ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # omit SSLv3 because of POODLE (CVE-2014-3566)
- ssl_dhparam /etc/nginx/ssl/dhparams.pem;
- ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:DHE-RSA-CAMELLIA128-SHA:DES-CBC3-SHA';
- ssl_prefer_server_ciphers on;
- ssl_stapling on;
- ssl_session_cache shared:SSL:50m;
- ssl_stapling_verify on;
- ssl_ecdh_curve secp384r1;
-
- include /etc/nginx/conf.d/*.conf;
-}