diff --git a/hosts/pluto/configuration.nix b/hosts/pluto/configuration.nix
index f86ed9e..2fb2d58 100644
--- a/hosts/pluto/configuration.nix
+++ b/hosts/pluto/configuration.nix
@@ -84,20 +84,6 @@
     };
   };
 
-  services.nginx = {
-    enable = true;
-    package = pkgs.nginxStable.override {openssl = pkgs.libressl;};
-    virtualHosts = {
-      "search.zackmyers.io" = {
-        forceSSL = true;
-        enableACME = true;
-        locations."/" = {
-          proxyPass = "http://localhost:8080";
-        };
-      };
-    };
-  };
-
   security.acme = {
     acceptTerms = true;
     defaults.email = "zach@zacharymyers.com";
diff --git a/hosts/pluto/services/searxng.nix b/hosts/pluto/services/searxng.nix
index e814c4e..6daf0e7 100644
--- a/hosts/pluto/services/searxng.nix
+++ b/hosts/pluto/services/searxng.nix
@@ -15,8 +15,21 @@
   services.nginx.virtualHosts."search.zackmyers.io" = {
     forceSSL = true;
     enableACME = true;
-    locations."/searx" = {
-      uwsgiPass = "unix://run/searx/searx.sock";
-    };
+    locations."/searx".extraConfig = ''
+      uwsgi_pass unix:///run/searx/searx.sock;
+
+      include uwsgi_params;
+
+      uwsgi_param    HTTP_HOST             $host;
+      uwsgi_param    HTTP_CONNECTION       $http_connection;
+
+      # see flaskfix.py
+      uwsgi_param    HTTP_X_SCHEME         $scheme;
+      uwsgi_param    HTTP_X_SCRIPT_NAME    /searxng;
+
+      # see limiter.py
+      uwsgi_param    HTTP_X_REAL_IP        $remote_addr;
+      uwsgi_param    HTTP_X_FORWARDED_FOR  $proxy_add_x_forwarded_for;
+    '';
   };
 }