diff --git a/hosts/containers/public-access-proxy/configuration.nix b/hosts/containers/public-access-proxy/configuration.nix index ccb1e9a8..c087034d 100644 --- a/hosts/containers/public-access-proxy/configuration.nix +++ b/hosts/containers/public-access-proxy/configuration.nix @@ -13,6 +13,9 @@ ]; networking.hostName = "public-access-proxy"; + networking.useNetworkd = true; + networking.defaultGateway = "172.22.99.4"; + networking.useDHCP = lib.mkForce true; my.services.proxy = { enable = true; @@ -23,7 +26,7 @@ } { hostNames = [ "cloud.bombenverleih.de" "arkom.men" "kl.arkom.men" "cloud.arkom.men" ]; - proxyTo = { host = "fe80::461e:a1ff:fe59:2ee8"; httpPort = 80; httpsPort = 443; }; + proxyTo = { host = "172.22.99.192"; httpPort = 80; httpsPort = 443; }; } ]; }; diff --git a/hosts/containers/public-access-proxy/proxy.nix b/hosts/containers/public-access-proxy/proxy.nix index 239ca4fd..5d7d24bc 100644 --- a/hosts/containers/public-access-proxy/proxy.nix +++ b/hosts/containers/public-access-proxy/proxy.nix @@ -76,24 +76,26 @@ in { services.haproxy = { enable = true; config = '' - resolvers dns - nameserver quad9 9.9.9.9:53 - hold valid 1s - frontend http-in bind :::80 v4v6 timeout client 30000 + option http-tunnel default_backend proxy-backend-http backend proxy-backend-http timeout connect 5000 timeout check 5000 timeout server 30000 + mode http + option http-server-close + option forwardfor + reqadd X-Forwarded-Proto:\ http + reqadd X-Forwarded-Port:\ 80 ${concatMapStringsSep "\n" (proxyHost: optionalString (proxyHost.hostNames != [] && proxyHost.proxyTo.host != null) ( concatMapStringsSep "\n" (hostname: '' use-server ${hostname}-http if { req.hdr(host) -i ${hostname} } - server ${hostname}-http ${proxyHost.proxyTo.host}:${toString proxyHost.proxyTo.httpPort} resolvers dns check inter 1000 + server ${hostname}-http ${proxyHost.proxyTo.host}:${toString proxyHost.proxyTo.httpPort} '' ) (proxyHost.hostNames) ) 
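Review bot: `networking.defaultGateway = "172.22.99.4";` is added right next to `networking.useDHCP = lib.mkForce true;` with networkd enabled, and a DHCP lease normally carries its own router option, so the container may end up with two default routes or with the leased one taking effect instead of the static one; nothing in the hunk says which is intended. If the gateway must stay pinned, state it on the line, e.g. `# DHCP is for addresses only; the default route is pinned to 172.22.99.4 (TODO confirm the lease does not install a second one)`, or drop whichever of the two settings is redundant. The `mkForce` implies another module sets useDHCP to false; that module, the enclosing attribute set and the `lib` argument all lie outside this hunk.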
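Review bot: `reqadd X-Forwarded-Proto:\ http` and `reqadd X-Forwarded-Port:\ 80` in backend proxy-backend-http append a header without removing one the client may already have sent, so a request that arrives with its own X-Forwarded-Proto reaches the backend carrying both values and the application decides which one it trusts. Delete the client's copy first, e.g. `reqidel ^X-Forwarded-Proto:` (same directive family as reqadd) ahead of each reqadd, or replace the pair with `http-request set-header X-Forwarded-Proto http` and `http-request set-header X-Forwarded-Port 80`. The frontend's new `option http-tunnel` also appears to limit header processing to the first request of a keep-alive connection unless the backend's `option http-server-close` takes precedence, which is worth confirming against the HAProxy version in use. The same reqadd lines are added to the https backend in the following hunk, where routing on `req.ssl_sni` suggests a TCP-mode pass-through; header directives would have no effect there unless that backend is also `mode http`, which the hunk does not show.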
@@ -109,11 +111,14 @@ in { timeout connect 5000 timeout check 5000 timeout server 30000 + option http-server-close + reqadd X-Forwarded-Proto:\ https + reqadd X-Forwarded-Port:\ 443 ${concatMapStringsSep "\n" (proxyHost: optionalString (proxyHost.hostNames != [] && proxyHost.proxyTo.host != null) ( concatMapStringsSep "\n" (hostname: '' use-server ${hostname}-https if { req.ssl_sni -i ${hostname} } - server ${hostname}-https ${proxyHost.proxyTo.host}:${toString proxyHost.proxyTo.httpsPort} resolvers dns check inter 1000 + server ${hostname}-https ${proxyHost.proxyTo.host}:${toString proxyHost.proxyTo.httpsPort} '' ) (proxyHost.hostNames) )