diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 0494caf6b326bdfddf88a4464728051f94bf7659..ed9c3d5d22c732d0aba188c7bf6632493d621154 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -28,7 +28,7 @@ build:web:
   tags:
     - generic_privileged
   before_script:
-    - docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY
+    - echo $CI_JOB_TOKEN | docker login -u gitlab-ci-token --password-stdin $CI_REGISTRY
   script:
     - docker build -t $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG .
     - docker push $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG
@@ -62,13 +62,14 @@ test:unit:
     - echo "$SSH_KNOWN_HOSTS" > $HOME/.ssh/known_hosts
     - chmod 600 ~/.ssh/id_ed25519
     - chmod 644 ~/.ssh/known_hosts ~/.ssh/id_ed25519.pub
-    - docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY
+    - echo $CI_JOB_TOKEN | docker login -u gitlab-ci-token --password-stdin $CI_REGISTRY
   script:
     - echo "Deploying to ($SSH_USER@$BACKEND_HOST)"
     - ssh $SSH_USER@$BACKEND_HOST "cd $DEPLOYMENT_PATH && git stash && git fetch && git fetch --tags -f && git checkout $SPOT_COMMIT && git reset --hard && mv docker-compose.prod.yml docker-compose.yml"
     - scp $ENV_FILE $SSH_USER@$BACKEND_HOST:$DEPLOYMENT_PATH/.env
     - ssh $SSH_USER@$BACKEND_HOST "cd $DEPLOYMENT_PATH
       && sed -i 's/SPOT_DOCKER_TAG=master/SPOT_DOCKER_TAG=$SPOT_DOCKER_TAG/g' .env
+      && sed -i "s/GATEWAY_WG_IP/$GATEWAY_WG_IP/g" etc/nginx/nginx.conf
       && docker-compose pull && sleep 2 && docker-compose up -d --remove-orphans && docker-compose restart spot-nginx"
 
 deploy:spot.murenatest.io.backend1:
diff --git a/docker-compose.prod.yml b/docker-compose.prod.yml
index 98daf2a76f7869025c9da1d9b261498026937e96..aaac165a0ef8bf4e3d3ce356d34080f27483c0bc 100644
--- a/docker-compose.prod.yml
+++ b/docker-compose.prod.yml
@@ -51,6 +51,7 @@ services:
       - ./etc/nginx/nginx.conf:/etc/nginx/nginx.conf
       - ./etc/nginx/proxy_spot_params:/etc/nginx/proxy_spot_params
       - ./searx/static:/var/www/spot/static
+      - ${LOG_DIRECTORY}:/var/log/nginx/
     labels:
       - "com.centurylinklabs.watchtower.scope=staging-spot"
 
diff --git a/etc/nginx/nginx.conf b/etc/nginx/nginx.conf
index 9621f159f9f41818672018fc4c4d2f4b413eb118..a930fd6739fee2304fad9a9daf4b899da55bf437 100644
--- a/etc/nginx/nginx.conf
+++ b/etc/nginx/nginx.conf
@@ -14,12 +14,12 @@ http {
     include       /etc/nginx/mime.types;
     default_type  application/octet-stream;
 
-    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
-                      '$status $body_bytes_sent "$http_referer" '
-                      '"$http_user_agent" "$remote_addr"';
-    
-    error_log  stderr warn;
-    access_log  /dev/stdout main;
+    set_real_ip_from GATEWAY_WG_IP;
+    real_ip_header X-Forwarded-For;
+    real_ip_recursive on;
+
+    error_log  /var/log/nginx/spot-error.log warn;
+    access_log  /var/log/nginx/spot-access.log;
 
     sendfile        on;
     #tcp_nopush     on;