diff --git a/ansible/nuc.yaml b/ansible/nuc.yaml
index 0313d4a..12eb585 100644
--- a/ansible/nuc.yaml
+++ b/ansible/nuc.yaml
@@ -6,5 +6,6 @@
       tags:
         - setup
         - nomad
+        - proxy
       ansible.builtin.include_role:
         name: local-server-head
diff --git a/ansible/roles/local-server-head/files/host-file b/ansible/roles/local-server-head/files/host-file
new file mode 100644
index 0000000..da8489e
--- /dev/null
+++ b/ansible/roles/local-server-head/files/host-file
@@ -0,0 +1,14 @@
+127.0.0.1 localhost
+127.0.1.1 nigel
+
+# Our own dns stuff
+127.0.1.1 nigel.local
+127.0.1.1 nomad.nigel.local
+127.0.1.1 sanity.nigel.local
+
+# The following lines are desirable for IPv6 capable hosts
+::1     ip6-localhost ip6-loopback
+fe00::0 ip6-localnet
+ff00::0 ip6-mcastprefix
+ff02::1 ip6-allnodes
+ff02::2 ip6-allrouters
\ No newline at end of file
diff --git a/ansible/roles/local-server-head/files/nomad.conf b/ansible/roles/local-server-head/files/nomad.conf
new file mode 100644
index 0000000..a9818ba
--- /dev/null
+++ b/ansible/roles/local-server-head/files/nomad.conf
@@ -0,0 +1,8 @@
+server {
+    server_name nomad.nigel.local;
+    location / {
+        proxy_pass http://localhost:4646;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    }
+}
+
diff --git a/ansible/roles/local-server-head/files/sanity.conf b/ansible/roles/local-server-head/files/sanity.conf
new file mode 100644
index 0000000..a081a69
--- /dev/null
+++ b/ansible/roles/local-server-head/files/sanity.conf
@@ -0,0 +1,7 @@
+server {
+    server_name sanity.nigel.local;
+    location / {
+        proxy_pass http://localhost:8000;
+    }
+}
+
diff --git a/ansible/roles/local-server-head/tasks/main.yaml b/ansible/roles/local-server-head/tasks/main.yaml
index d7e9ec0..d2898f0 100644
--- a/ansible/roles/local-server-head/tasks/main.yaml
+++ b/ansible/roles/local-server-head/tasks/main.yaml
@@ -9,6 +9,8 @@
         - setup
 - name: Ensure nigel can use sudo without password
   become: true
+  tags:
+    - setup
   ansible.builtin.lineinfile:
     path: /etc/sudoers
     state: present
@@ -20,4 +22,12 @@
     apply:
       become: true
       tags:
-        - nomad
\ No newline at end of file
+        - nomad
+- name: Setup the reverse proxy outside of nomad
+  tags: proxy
+  ansible.builtin.include_tasks:
+    file: reverse_proxy.yaml
+    apply:
+      become: true
+      tags:
+        - proxy
\ No newline at end of file
diff --git a/ansible/roles/local-server-head/tasks/reverse_proxy.yaml b/ansible/roles/local-server-head/tasks/reverse_proxy.yaml
new file mode 100644
index 0000000..3011061
--- /dev/null
+++ b/ansible/roles/local-server-head/tasks/reverse_proxy.yaml
@@ -0,0 +1,29 @@
+- name: Keep /etc/hosts up to date
+  ansible.builtin.copy:
+    dest: /etc/hosts
+    src: host-file
+    mode: "0644"
+- name: Ensure nginx is setup as latest
+  ansible.builtin.apt:
+    name: nginx
+- name: Copy the nomad.conf to available configurations
+  ansible.builtin.copy:
+    src: "{{ item }}"
+    dest: "/etc/nginx/sites-available/{{ item }}"
+    mode: "0644"
+  loop:
+    - nomad.conf
+    - sanity.conf
+- name: Link the nomad.conf to sites-enabled
+  ansible.builtin.file:
+    path: "/etc/nginx/sites-enabled/{{ item }}"
+    state: link
+    src: "/etc/nginx/sites-available/{{ item }}"
+    mode: "0644"
+  loop:
+    - nomad.conf
+    - sanity.conf
+- name: Restart nginx
+  ansible.builtin.systemd_service:
+    name: nginx
+    state: restarted
\ No newline at end of file