diff --git a/roles/apps/tasks/extra_tasks/nginx.yml b/roles/apps/tasks/extra_tasks/nginx.yml index 6d36e58..ed94d29 100644 --- a/roles/apps/tasks/extra_tasks/nginx.yml +++ b/roles/apps/tasks/extra_tasks/nginx.yml @@ -1,19 +1,19 @@ # vim: ft=yaml.ansible # code: language=ansible --- -- name: Create subdirectory for nginx config files +- name: Create subdirectory for NGINX config files ansible.builtin.file: path: "{{ apps_data_root }}/nginx/data/conf.d" owner: root mode: u=rwx,g=rx,o=rx state: directory -- name: Copy nginx configs +- name: Copy NGINX configs ansible.builtin.template: - src: nginx/conf.d/{{ app }}.conf.j2 - dest: "{{ apps_data_root }}/nginx/data/conf.d/{{ app }}.conf" + src: nginx/conf.d/{{ config }}.conf.j2 + dest: "{{ apps_data_root }}/nginx/data/conf.d/{{ config }}.conf" owner: root mode: u=rw,g=r,o=r - loop: "{{ apps_proxied }}" + loop: "{{ ['http', apps_proxied] | flatten }}" loop_control: - loop_var: app + loop_var: config diff --git a/roles/apps/templates/nginx/conf.d/http.conf.j2 b/roles/apps/templates/nginx/conf.d/http.conf.j2 new file mode 100644 index 0000000..490452b --- /dev/null +++ b/roles/apps/templates/nginx/conf.d/http.conf.j2 @@ -0,0 +1,11 @@ +{# code: language=ansible-jinja #} +# THIS FILE IS MANAGED BY ANSIBLE + +set_real_ip_from {{ proxy_host }}; +real_ip_header X-Forwarded-For; +real_ip_recursive on; + +map $http_upgrade $connection_upgrade { + default upgrade; + '' close; +} diff --git a/roles/apps/templates/nginx/conf.d/ipfs.conf.j2 b/roles/apps/templates/nginx/conf.d/ipfs.conf.j2 index e91fe1e..daa144a 100644 --- a/roles/apps/templates/nginx/conf.d/ipfs.conf.j2 +++ b/roles/apps/templates/nginx/conf.d/ipfs.conf.j2 @@ -12,6 +12,7 @@ server { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto "https"; + proxy_set_header X-Real-IP $remote_addr; } } 
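Review bot: The `Copy NGINX configs` task has no `notify:` or `register:`, so nothing visible in this file reloads or syntax-checks NGINX after a template changes. That matters more now that the loop also renders `http.conf`, whose directives are not tied to a single app; as far as this hunk shows, a bad render would only surface at the next restart. The file appears to end at `loop_var: config`, so if the reload is done by whatever includes this file, a one-line comment above the task saying so is enough; otherwise attach a `notify:` for a handler that reloads NGINX. As a style point, `loop: "{{ ['http'] + apps_proxied }}"` states the intent more directly than `['http', apps_proxied] | flatten`, assuming `apps_proxied` is a flat list.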
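Review bot: `set_real_ip_from {{ proxy_host }};` together with `real_ip_header X-Forwarded-For;` makes a request header the source of the client address, so the whole trust decision rests on what `proxy_host` expands to, and the template neither documents nor constrains it. If it renders to a broad range (for example a whole container network) rather than the front proxy alone, any peer in that range can choose the address that ends up in the logs and in any address-based access rule. I would add a comment above the directive, e.g. `# Trust X-Forwarded-For only from the front proxy; proxy_host must be that proxy's address or the narrowest CIDR covering it.`, and describe the variable's expected form where it is defined. `real_ip_recursive on;` is safe only under the same assumption, because it skips every trusted address from the right of the header.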
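Review bot: The added `proxy_set_header X-Real-IP $remote_addr;` carries the real client only because the realip directives in the new `http.conf.j2` rewrite `$remote_addr`; without that file loaded it would forward the connecting peer's address, presumably the front proxy, and nothing in the template says so. The same line is added in the second `server` block of this template and in `monerod.conf.j2` and `nextcloud.conf.j2`. A short comment next to it, such as `# $remote_addr is the client address after realip processing (see http.conf)`, would record the dependency. Separately, `$proxy_add_x_forwarded_for` still passes the client-supplied part of X-Forwarded-For upstream, so the backends should take the client from `X-Real-IP` or from the rightmost entry, never the leftmost. The `server` blocks start outside these hunks.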
@@ -23,7 +24,9 @@ server { resolver 127.0.0.11 valid=30s; set $upstream http://ipfs:8080; proxy_pass $upstream; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto "https"; + proxy_set_header X-Real-IP $remote_addr; } } diff --git a/roles/apps/templates/nginx/conf.d/monerod.conf.j2 b/roles/apps/templates/nginx/conf.d/monerod.conf.j2 index 081f00a..996ab4e 100644 --- a/roles/apps/templates/nginx/conf.d/monerod.conf.j2 +++ b/roles/apps/templates/nginx/conf.d/monerod.conf.j2 @@ -12,5 +12,6 @@ server { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto "https"; + proxy_set_header X-Real-IP $remote_addr; } } diff --git a/roles/apps/templates/nginx/conf.d/nextcloud.conf.j2 b/roles/apps/templates/nginx/conf.d/nextcloud.conf.j2 index 03e1542..e1cb0c8 100644 --- a/roles/apps/templates/nginx/conf.d/nextcloud.conf.j2 +++ b/roles/apps/templates/nginx/conf.d/nextcloud.conf.j2 @@ -12,6 +12,7 @@ server { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto "https"; + proxy_set_header X-Real-IP $remote_addr; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade;