diff --git a/roles/native-nginx-docker-proxy/templates/proxy_pass.conf.j2 b/roles/native-nginx-docker-proxy/templates/proxy_pass.conf.j2
index eed3a560..6c42dba6 100644
--- a/roles/native-nginx-docker-proxy/templates/proxy_pass.conf.j2
+++ b/roles/native-nginx-docker-proxy/templates/proxy_pass.conf.j2
@@ -5,6 +5,7 @@ location /
   {% else %}
     proxy_pass http://127.0.0.1:{{http_port}}/;
   {% endif %}
+
   proxy_set_header Host $host;
   proxy_set_header X-Real-IP $remote_addr;
   proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
@@ -12,7 +13,22 @@ location /
   proxy_send_timeout          300;
   proxy_read_timeout          300;
   send_timeout                300;
-  location ~* \.(html|css|jpg|gif|ico|js)$ {
+
+  # cache images
+  location ~* \.(gif|ico|jpg|jpeg|png|svg)$ {
+    proxy_cache          cache;
+    proxy_cache_key      $host$uri$is_args$args;
+    proxy_cache_valid    200 301 302 365dm;
+    expires 365d;
+    {% if https_port is defined %}
+      proxy_pass https://127.0.0.1:{{https_port}};
+    {% else %}
+      proxy_pass http://127.0.0.1:{{http_port}};
+    {% endif %}
+  }
+
+  # cache content
+  location ~* \.(html|css|js)$ {
     proxy_cache          cache;
     proxy_cache_key      $host$uri$is_args$args;
     proxy_cache_valid    200 301 302 30m;
diff --git a/roles/native-nginx/readme.md b/roles/native-nginx/readme.md
index 2b6eeb4a..6f308cd9 100644
--- a/roles/native-nginx/readme.md
+++ b/roles/native-nginx/readme.md
@@ -5,3 +5,4 @@
 - https://davidwalsh.name/enable-gzip
 - https://www.nginx.com/blog/performance-tuning-tips-tricks/
 - https://medium.com/pixelpoint/best-practices-for-cache-control-settings-for-your-website-ff262b38c5a2
+- https://www.nginx.com/blog/nginx-caching-guide/
diff --git a/roles/native-nginx/templates/nginx.conf.j2 b/roles/native-nginx/templates/nginx.conf.j2
index 011c5fb8..7f22da12 100644
--- a/roles/native-nginx/templates/nginx.conf.j2
+++ b/roles/native-nginx/templates/nginx.conf.j2
@@ -7,11 +7,16 @@ events
 
 http
 {
-  proxy_cache_path /tmp/cache levels=1:2 keys_zone=cache:60m max_size=1G;
   include mime.types;
   default_type text/html;
+
+  # caching
+  proxy_cache_path /tmp/cache levels=1:2 keys_zone=cache:10m max_size=10g inactive=7d use_temp_path=off;
+
+  # logs
   access_log syslog:server=unix:/dev/log;
   error_log syslog:server=unix:/dev/log;
+
   sendfile on;
   keepalive_timeout 65;