diff --git a/modules/server/nginx/default.nix b/modules/server/nginx/default.nix
index 71e2c98..715832a 100644
--- a/modules/server/nginx/default.nix
+++ b/modules/server/nginx/default.nix
@@ -80,9 +80,11 @@ in {
           
           locations = {
             "/" = {
+              recommendedProxySettings = true;
+              proxyWebsockets = true;
+              proxyPass= "http://helcel.net";
+
               extraConfig = ''
-                proxy_set_header X-Original-URL $scheme://$http_host$request_uri;
-                proxy_set_header X-Original-URI $scheme://$http_host$request_uri;
                 auth_request     /outpost.goauthentik.io/auth/nginx;
                 error_page       401 = @goauthentik_proxy_signin;
                 auth_request_set $auth_cookie $upstream_http_set_cookie;
@@ -101,16 +103,13 @@ in {
                 proxy_set_header X-authentik-email $authentik_email;
                 proxy_set_header X-authentik-name $authentik_name;
                 proxy_set_header X-authentik-uid $authentik_uid;
-                proxy_pass http://helcel.net;
               '';
             };
 
             "/outpost.goauthentik.io" = {
               proxyPass = "http://${config.syscfg.server.containers.authentik.ip}:${toString config.syscfg.server.containers.authentik.port}/outpost.goauthentik.io";
               extraConfig = ''
-                proxy_set_header        Host $host;
                 proxy_set_header        X-Original-URL $scheme://$http_host$request_uri;
-                proxy_set_header        X-Original-URI $scheme://$http_host$request_uri;
                 add_header              Set-Cookie $auth_cookie;
                 auth_request_set        $auth_cookie $upstream_http_set_cookie;
                 proxy_pass_request_body off;