diff --git a/doc/deployment-docker.md b/doc/deployment-docker.md
index 1811ed8..e1cbb4c 100644
--- a/doc/deployment-docker.md
+++ b/doc/deployment-docker.md
@@ -185,27 +185,18 @@ sudo chmod 644 config/jwt/private.pem config/jwt/public.pem
 mkdir -p uploads
 ```
 
-### 8. Configurer Nginx systeme
+### 8. Configurer Nginx systeme (reverse proxy + maintenance)
 
-Creer `/etc/nginx/sites-available/coltura.conf` :
+Copier la config reverse proxy depuis le repo :
 
-```nginx
-server {
-    listen 80;
-    server_name coltura.malio-dev.fr;
-
-    client_max_body_size 55m;
-
-    location / {
-        proxy_pass http://127.0.0.1:8083;
-        proxy_set_header Host $host;
-        proxy_set_header X-Real-IP $remote_addr;
-        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-        proxy_set_header X-Forwarded-Proto $scheme;
-    }
-}
+```bash
+sudo cp infra/prod/nginx-proxy.conf /etc/nginx/sites-available/coltura.conf
 ```
 
+Ou creer `/etc/nginx/sites-available/coltura.conf` manuellement (voir `infra/prod/nginx-proxy.conf`).
+
+La config inclut le **mode maintenance** : si le fichier `/var/www/coltura/maintenance.on` existe, Nginx renvoie une 503 avec `maintenance.html`.
+
 Activer le site :
 
 ```bash
@@ -213,6 +204,18 @@ sudo ln -sf /etc/nginx/sites-available/coltura.conf /etc/nginx/sites-enabled/col
 sudo nginx -t && sudo systemctl reload nginx
 ```
 
+### Mode maintenance
+
+```bash
+# Activer la maintenance
+touch /var/www/coltura/maintenance.on
+
+# Desactiver la maintenance
+rm /var/www/coltura/maintenance.on
+```
+
+Optionnel : creer une page `/var/www/coltura/public/maintenance.html` personnalisee.
+
 ### 9. Deployer
 
 ```bash
diff --git a/infra/prod/nginx-proxy.conf b/infra/prod/nginx-proxy.conf
new file mode 100644
index 0000000..40355fb
--- /dev/null
+++ b/infra/prod/nginx-proxy.conf
@@ -0,0 +1,31 @@
+server {
+    listen 80;
+    listen [::]:80;
+    server_name coltura.malio-dev.fr;
+
+    root /var/www/coltura/public;
+
+    # Maintenance mode
+    if (-f /var/www/coltura/maintenance.on) {
+        return 503;
+    }
+
+    error_page 503 @maintenance;
+
+    location @maintenance {
+        rewrite ^(.*)$ /maintenance.html break;
+    }
+
+    location = /maintenance.html {
+        internal;
+    }
+
+    location / {
+        proxy_pass http://127.0.0.1:8083;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        client_max_body_size 55m;
+    }
+}