diff --git a/config/c3d2.nix b/config/c3d2.nix
index 747ee1f0..536caa7b 100644
--- a/config/c3d2.nix
+++ b/config/c3d2.nix
@@ -232,6 +232,12 @@ in {
       vim.defaultEditor = true;
     };
 
+    services.nginx = lib.mkIf config.services.nginx.enable {
+      recommendedGzipSettings = true;
+      recommendedOptimisation = true;
+      recommendedProxySettings = true;
+      recommendedTlsSettings = true;
+    };
 
     time.timeZone = lib.mkDefault "Europe/Berlin";
 
diff --git a/hosts/containers/direkthilfe/default.nix b/hosts/containers/direkthilfe/default.nix
index d1e827b3..89674680 100644
--- a/hosts/containers/direkthilfe/default.nix
+++ b/hosts/containers/direkthilfe/default.nix
@@ -64,7 +64,6 @@ in {
   services.phpfpm.phpPackage = pkgs.php74;
   services.nginx = {
     enable = true;
-    recommendedProxySettings = true;
     virtualHosts."${domain}" = {
       default = true;
       forceSSL = true;
diff --git a/hosts/containers/freifunk/default.nix b/hosts/containers/freifunk/default.nix
index 1e8ef304..abe5be6c 100644
--- a/hosts/containers/freifunk/default.nix
+++ b/hosts/containers/freifunk/default.nix
@@ -437,8 +437,6 @@ in {
   # HTTP Reverse Proxy to provide services into Freifunk
   services.nginx = {
     enable = true;
-    recommendedOptimisation = true;
-    recommendedGzipSettings = true;
     appendHttpConfig = ''
       proxy_buffering off;
     '';
diff --git a/hosts/containers/grafana/default.nix b/hosts/containers/grafana/default.nix
index ad242a81..2f456940 100644
--- a/hosts/containers/grafana/default.nix
+++ b/hosts/containers/grafana/default.nix
@@ -23,7 +23,6 @@ in {
 
   services.nginx = {
     enable = true;
-    recommendedProxySettings = true;
     virtualHosts = {
       "grafana.hq.c3d2.de" = {
         default = true;
diff --git a/hosts/containers/hedgedoc/default.nix b/hosts/containers/hedgedoc/default.nix
index 4b58fb4c..e52e2fba 100644
--- a/hosts/containers/hedgedoc/default.nix
+++ b/hosts/containers/hedgedoc/default.nix
@@ -36,9 +36,9 @@
         useSSL = true;
       };
     };
+
     nginx = {
       enable = true;
-      recommendedProxySettings = true;
       virtualHosts."codimd.c3d2.de" = {
         default = true;
         forceSSL = true;
@@ -57,6 +57,7 @@
         };
       };
     };
+
     postgresql = {
       enable = true;
       ensureDatabases = [
diff --git a/hosts/containers/kibana/default.nix b/hosts/containers/kibana/default.nix
index e1a78949..9f679bd6 100644
--- a/hosts/containers/kibana/default.nix
+++ b/hosts/containers/kibana/default.nix
@@ -40,8 +40,6 @@
     };
   in {
     enable = true;
-    recommendedGzipSettings = true;
-    recommendedProxySettings = true;
     clientMaxBodySize = "100m";
     virtualHosts = {
       "kibana.hq.c3d2.de" =
diff --git a/hosts/containers/matemat/default.nix b/hosts/containers/matemat/default.nix
index b21e1152..9a46b454 100644
--- a/hosts/containers/matemat/default.nix
+++ b/hosts/containers/matemat/default.nix
@@ -20,7 +20,6 @@
   services = {
     nginx = {
       enable = true;
-      recommendedProxySettings = true;
       virtualHosts."matemat.hq.c3d2.de" = {
         default = true;
         forceSSL = true;
diff --git a/hosts/containers/mobilizon/default.nix b/hosts/containers/mobilizon/default.nix
index 7d934adb..b996ad0c 100644
--- a/hosts/containers/mobilizon/default.nix
+++ b/hosts/containers/mobilizon/default.nix
@@ -41,7 +41,6 @@
 
   services.nginx = {
     enable = true;
-    recommendedProxySettings = true;
     virtualHosts."mobilizon.c3d2.de" = {
       default = true;
       forceSSL = true;
diff --git a/hosts/containers/scrape/default.nix b/hosts/containers/scrape/default.nix
index fabdec15..c0eb3398 100644
--- a/hosts/containers/scrape/default.nix
+++ b/hosts/containers/scrape/default.nix
@@ -30,7 +30,6 @@ in {
 
   services.nginx = {
     enable = true;
-    recommendedProxySettings = true;
     virtualHosts."scrape.hq.c3d2.de" = {
       default = true;
       forceSSL = true;
diff --git a/hosts/containers/sdrweb/default.nix b/hosts/containers/sdrweb/default.nix
index 969bcbd6..207bce13 100644
--- a/hosts/containers/sdrweb/default.nix
+++ b/hosts/containers/sdrweb/default.nix
@@ -19,7 +19,6 @@
 
   services.nginx = {
     enable = true;
-    recommendedProxySettings = true;
     virtualHosts."sdr.hq.c3d2.de" = {
       default = true;
       forceSSL = true;
diff --git a/hosts/containers/stream/default.nix b/hosts/containers/stream/default.nix
index 4ba022c3..e2f8b8cc 100644
--- a/hosts/containers/stream/default.nix
+++ b/hosts/containers/stream/default.nix
@@ -39,7 +39,6 @@ in
 
   services.nginx = {
     enable = true;
-    recommendedProxySettings = true;
     virtualHosts."stream.hq.c3d2.de" = {
       default = true;
       enableACME = true;
diff --git a/hosts/hydra/hydra.nix b/hosts/hydra/hydra.nix
index e8c9b5b7..c8fa7b59 100644
--- a/hosts/hydra/hydra.nix
+++ b/hosts/hydra/hydra.nix
@@ -70,8 +70,6 @@ in {
       };
     in {
       enable = true;
-      recommendedProxySettings = true;
-      recommendedGzipSettings = true;
       virtualHosts = {
         "hydra.hq.c3d2.de" = hydraVhost // {
           default = true;
diff --git a/hosts/pulsebert/default.nix b/hosts/pulsebert/default.nix
index a5422e13..d70c04fe 100644
--- a/hosts/pulsebert/default.nix
+++ b/hosts/pulsebert/default.nix
@@ -111,8 +111,6 @@ in
 
     nginx = {
       enable = true;
-      #recommendedGzipSettings = true;
-      recommendedProxySettings = true;
       virtualHosts = {
         "drkkr.hq.c3d2.de" = {
           default = true;