diff --git a/nginx/README.md b/nginx/README.md
index ffdde09..4ab2929 100644
--- a/nginx/README.md
+++ b/nginx/README.md
@@ -1,6 +1,17 @@
+<!-- omit from toc -->
 # Nginx scripts
 
-Lightning Payable VPS services:
+- [Lightning Payable VPS services](#lightning-payable-vps-services)
+- [Add a custom subdomain](#add-a-custom-subdomain)
+- [Snippets for NIP5, LNaddress and LNURLpay](#snippets-for-nip5-lnaddress-and-lnurlpay)
+- [CORS headers for ln-address](#cors-headers-for-ln-address)
+- [Add a subdomain for a Mempool instance](#add-a-subdomain-for-a-mempool-instance)
+- [Add subdomain for an Electrum Server](#add-subdomain-for-an-electrum-server)
+- [Set up SSL access for the Ride The Lightning web UI on the RaspiBlitz](#set-up-ssl-access-for-the-ride-the-lightning-web-ui-on-the-raspiblitz)
+- [Resources](#resources)
+
+
+## Lightning Payable VPS services
 * [host4coins.net](https://host4coins.net) - from $8/month - only email address is required
 * A long list of providers: <https://bitcoin-vps.com/#VPS-Europe>
 
@@ -17,6 +28,25 @@ cat custom_website_subdomain.sh
 bash custom_website_subdomain.sh
 ```
 
+## Snippets for NIP5, LNaddress and LNURLpay
+* [snippets](/nginx/nostr_lnaddress_snippets.conf)
+
+## CORS headers for ln-address
+
+* allow the `GET` `request_method` with these lines in `location / { }`
+```
+location / {
+
+    if ($request_method != 'GET') {
+        return 403;
+    }
+    add_header 'Access-Control-Allow-Origin' '*';
+
+}
+```
+
+* More info from https://enable-cors.org/server_nginx.html
+
 ## Add a subdomain for a Mempool instance
 
 In this example configuration a redirect is added to a Mempool instance on the LAN (or VPN).  
diff --git a/nginx/nostr_lnaddress_snippets.conf b/nginx/nostr_lnaddress_snippets.conf
new file mode 100644
index 0000000..c2dec57
--- /dev/null
+++ b/nginx/nostr_lnaddress_snippets.conf
@@ -0,0 +1,36 @@
+# nginx snippets for NIP5, LNaddress and LNURLpay
+
+  #for NIP5 fill in the file /var/www/html/.well-known/nostr.json
+  location /.well-known/nostr.json {
+    add_header 'Access-Control-Allow-Origin' '*';
+    alias /var/www/html/.well-known/nostr.json;
+  }
+
+  #for the LN address fill in the PREFIX_BTCPAY_PORT
+  location /.well-known/lnurlp {
+    proxy_pass      $PREFIX_BTCPAY_PORT;
+    proxy_redirect off;
+
+    proxy_set_header Host $http_host;
+    proxy_set_header X-Real-IP $remote_addr;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Proto https;
+    proxy_read_timeout 600;
+    proxy_connect_timeout 600;
+    proxy_send_timeout 600;
+  }
+
+  #for the LNURLpay callback fill in the PREFIX_BTCPAY_PORT
+  location /BTC/UILNURL/pay/i {
+    add_header 'Access-Control-Allow-Origin' '*';
+    proxy_pass      $PREFIX_BTCPAY_PORT;
+    proxy_redirect off;
+
+    proxy_set_header Host $http_host;
+    proxy_set_header X-Real-IP $remote_addr;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Proto https;
+    proxy_read_timeout 600;
+    proxy_connect_timeout 600;
+    proxy_send_timeout 600;
+  }