diff --git a/defaults/main.yml b/defaults/main.yml
index a89ac23..fdb15fc 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -3,6 +3,9 @@ resolver:
   - 8.8.4.4
 
 nginx:
+  real_ip_from:
+    "127.0.0.1": {}
+    "::1": {}
   monitoring: true
   serverpki: true
   php: false
diff --git a/tasks/main.yml b/tasks/main.yml
index 5e058bd..31f247d 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -18,7 +18,7 @@
 
 - name: execute ssl template
   template:
-    src: ssl_files.j2
+    src: ssl_files.conf.j2
     dest: /etc/nginx/conf.d/ssl_files.conf
   notify:
   - restart nginx
@@ -37,10 +37,17 @@
   notify:
   - restart nginx
 
+- name: execute proxy template
+  template:
+    src: proxy.conf.j2
+    dest: /etc/nginx/conf.d/proxy.conf
+  notify:
+  - restart nginx
+
 - name: create nginx vhosts
   template:
+    src: vhost.conf.j2
     dest: "/etc/nginx/sites-available/{{ item.key }}"
-    src: vhost.j2
   with_dict: "{{ nginx.vhosts }}"
   notify:
   - restart nginx
diff --git a/templates/proxy.conf.j2 b/templates/proxy.conf.j2
new file mode 100644
index 0000000..f688027
--- /dev/null
+++ b/templates/proxy.conf.j2
@@ -0,0 +1,4 @@
+{% for ip in nginx.real_ip_from %}
+set_real_ip_from    {{ ip }};
+{% endfor %}
+real_ip_header      X-Forwarded-For;
diff --git a/templates/ssl_files.j2 b/templates/ssl_files.conf.j2
similarity index 100%
rename from templates/ssl_files.j2
rename to templates/ssl_files.conf.j2
diff --git a/templates/vhost.j2 b/templates/vhost.conf.j2
similarity index 100%
rename from templates/vhost.j2
rename to templates/vhost.conf.j2