diff --git a/src/client-link/entrypoint.sh b/src/client-link/entrypoint.sh
index 13ee3da..3be694b 100755
--- a/src/client-link/entrypoint.sh
+++ b/src/client-link/entrypoint.sh
@@ -13,12 +13,7 @@ ip link set link0 up
 ip link set link0 mtu $LINK_MTU
 
 wg set link0 peer $GATEWAY_LINK_WG_PUBKEY allowed-ips 10.0.0.1/32 persistent-keepalive 30 endpoint $GATEWAY_ENDPOINT
-EXPOSE=$(cat <<-END
-$EXPOSE {
-         header_up X-Forwarded-Proto {scheme}
-       }
-END
-)
+
 if [ -z ${FORWARD_ONLY+x} ]; then
 
     echo "Using caddy with SSL termination to forward traffic to app."
@@ -33,6 +28,7 @@ $EXPOSE {
             tls_insecure_skip_verify
             read_buffer 8192
          }
+         header_up X-Forwarded-Proto {scheme}
        }
 END
 )
@@ -44,10 +40,18 @@ $EXPOSE {
             tls
             read_buffer 8192
          }
+         header_up X-Forwarded-Proto {scheme}
        }
 END
 )
         fi
+        else
+         EXPOSE=$(cat <<-END
+$EXPOSE {
+         header_up X-Forwarded-Proto {scheme}
+       }
+END
+)
     fi
 
     CADDYFILE='/etc/Caddyfile'