diff --git a/salt/base/config/realip-nginx.jinja.conf b/salt/base/config/realip-nginx.jinja.conf
new file mode 100644
index 00000000..39e86227
--- /dev/null
+++ b/salt/base/config/realip-nginx.jinja.conf
@@ -0,0 +1,18 @@
+server {
+  listen 9001 ssl;
+
+  ssl_certificate /etc/ssl/private/salt.psf.io.pem;
+  ssl_certificate_key /etc/ssl/private/salt.psf.io.pem;
+
+  server_name salt-public.psf.io;
+
+  # Real IP Configuration
+  set_real_ip_from {{ pillar["psf_internal_network"] }};
+  set_real_ip_from 127.0.0.1;
+  real_ip_header X-Forwarded-For;
+
+  location / {
+      root /srv/public;
+      try_files $uri =404;
+  }
+}
diff --git a/salt/base/salt.sls b/salt/base/salt.sls
index c5dc6970..b65be307 100644
--- a/salt/base/salt.sls
+++ b/salt/base/salt.sls
@@ -126,6 +126,16 @@ salt-master:
     - group: root
     - mode: "0644"
 
+/etc/nginx/sites.d/realip.conf:
+  file.managed:
+    - source: salt://base/config/realip-nginx.jinja.conf
+    - template: jinja
+    - user: root
+    - group: root
+    - mode: "0644"
+    - require:
+       - file: /etc/nginx/sites.d/
+
 /etc/nginx/sites.d/publish-files.conf:
   file.managed:
     - source: salt://base/config/publish-files-nginx.conf