diff --git a/CHANGELOG.md b/CHANGELOG.md
index 85c5a32..141fdac 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,10 @@
 # Changelog
 
+## 21137-RC3 (2019/11/28)
+
+* Add env vars to set proxy settings (#21)
+* Unset sensitive vars
+
 ## 21137-RC2 (2019/11/17)
 
 * Allow to set custom `PUID`/`PGID`
diff --git a/README.md b/README.md
index d123bad..da3df5b 100644
--- a/README.md
+++ b/README.md
@@ -49,6 +49,11 @@ Image: crazymax/jetbrains-license-server:latest
 * `PGID`: Process GID (default `1000`)
 * `JLS_VIRTUAL_HOSTS`: [Virtual hosts](https://www.jetbrains.com/help/license_server/setting_host_and_port.html#d1010e63) where license server will be available (comma delimited for several hosts)
 * `JLS_CONTEXT`:  [Context path](https://www.jetbrains.com/help/license_server/setting_host_and_port.html#d1010e63) used by the license server (default `/`)
+* `JLS_PROXY_TYPE`: Type of [proxy](https://www.jetbrains.com/help/license_server/configuring_proxy_settings.html) to use. Can be `http` or `https` (default `https`)
+* `JLS_PROXY_HOST`: The host name of your proxy server
+* `JLS_PROXY_PORT`: The port number that the proxy server listens to
+* `JLS_PROXY_USER`: Username to connect to the proxy server (no auth if empty)
+* `JLS_PROXY_PASSWORD`: Password to connect to the proxy server (no auth if empty)
 * `JLS_ACCESS_CONFIG`: JSON file to configure [user restrictions](https://www.jetbrains.com/help/license_server/configuring_user_restrictions.html) (default `/data/access-config.json`)
 * `JLS_STATS_RECIPIENTS`: [Reports recipients](https://www.jetbrains.com/help/license_server/detailed_server_usage_statistics.html#d461e40) email addresses for stats (comma delimited)
 * `JLS_REPORT_OUT_OF_LICENSE`: [Warn about lack of licenses](https://www.jetbrains.com/help/license_server/detailed_server_usage_statistics.html#d461e40) every hour following the percentage threshold (default `0`)
diff --git a/entrypoint.sh b/entrypoint.sh
index 647582a..32cc823 100644
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -5,6 +5,7 @@ JLS_LISTEN_ADDRESS="0.0.0.0"
 JLS_PORT=8000
 JLS_CONTEXT=${JLS_CONTEXT:-/}
 JLS_ACCESS_CONFIG=${JLS_ACCESS_CONFIG:-/data/access-config.json}
+JLS_PROXY_TYPE=${JLS_PROXY_TYPE:-http}
 
 if [ -n "${PGID}" ] && [ "${PGID}" != "$(id -g jls)" ]; then
   echo "Switching to PGID ${PGID}..."
@@ -25,7 +26,7 @@ echo "Configuring Jetbrains License Server..."
 su-exec jls:jls license-server configure --listen ${JLS_LISTEN_ADDRESS} --port ${JLS_PORT} --context ${JLS_CONTEXT}
 
 # https://www.jetbrains.com/help/license_server/setting_host_and_port.html
-if [ ! -z "$JLS_VIRTUAL_HOSTS" ] ; then
+if [ ! -z "$JLS_VIRTUAL_HOSTS" ]; then
   echo "Following virtual hosts will be used:"
   for JLS_VIRTUAL_HOST in $(echo ${JLS_VIRTUAL_HOSTS} | tr "," "\n"); do
     echo "-> ${JLS_VIRTUAL_HOST}"
@@ -33,6 +34,23 @@ if [ ! -z "$JLS_VIRTUAL_HOSTS" ] ; then
   su-exec jls:jls license-server configure --jetty.virtualHosts.names=${JLS_VIRTUAL_HOSTS}
 fi
 
+# https://www.jetbrains.com/help/license_server/configuring_proxy_settings.html
+if [ ! -z "$JLS_PROXY_HOST" -a ! -z "$JLS_PROXY_PORT" ]; then
+  echo "Setting ${JLS_PROXY_TYPE} proxy to $JLS_PROXY_HOST:$JLS_PROXY_PORT..."
+  su-exec jls:jls license-server configure \
+    -J-D${JLS_PROXY_TYPE}.proxyHost=${JLS_PROXY_HOST} \
+    -J-D${JLS_PROXY_TYPE}.proxyPort=${JLS_PROXY_PORT}
+
+  if [ ! -z "$JLS_PROXY_USER" -a ! -z "$JLS_PROXY_PASSWORD" ]; then
+    echo "Setting ${JLS_PROXY_TYPE} proxy credentials..."
+    su-exec jls:jls license-server configure \
+      -J-D${JLS_PROXY_TYPE}.proxyUser=${JLS_PROXY_USER} \
+      -J-D${JLS_PROXY_TYPE}.proxyPassword=${JLS_PROXY_PASSWORD}
+    unset JLS_PROXY_USER
+    unset JLS_PROXY_PASSWORD
+  fi
+fi
+
 # https://www.jetbrains.com/help/license_server/configuring_user_restrictions.html
 if [ -s "$JLS_ACCESS_CONFIG" ]; then
   echo "Enabling user restrictions access from $JLS_ACCESS_CONFIG..."
@@ -40,18 +58,18 @@ if [ -s "$JLS_ACCESS_CONFIG" ]; then
 fi
 
 # https://www.jetbrains.com/help/license_server/detailed_server_usage_statistics.html
-if [ ! -z "$JLS_SMTP_SERVER" -a ! -z "$JLS_STATS_RECIPIENTS" ] ; then
+if [ ! -z "$JLS_SMTP_SERVER" -a ! -z "$JLS_STATS_RECIPIENTS" ]; then
   JLS_SMTP_PORT=${JLS_SMTP_PORT:-25}
   echo "Enabling User Reporting via SMTP at $JLS_SMTP_SERVER:$JLS_SMTP_PORT..."
   su-exec jls:jls license-server configure --smtp.server ${JLS_SMTP_SERVER} --smtp.server.port ${JLS_SMTP_PORT}
 
-  if [ ! -z "$JLS_SMTP_USERNAME" -a ! -z "$JLS_SMTP_PASSWORD" ] ; then
+  if [ ! -z "$JLS_SMTP_USERNAME" -a ! -z "$JLS_SMTP_PASSWORD" ]; then
     echo "Using SMTP username $JLS_SMTP_USERNAME with password..."
     su-exec jls:jls license-server configure --smtp.server.username ${JLS_SMTP_USERNAME}
     su-exec jls:jls license-server configure --smtp.server.password ${JLS_SMTP_PASSWORD}
   fi
 
-  if [ ! -z "$JLS_STATS_FROM" ] ; then
+  if [ ! -z "$JLS_STATS_FROM" ]; then
     echo "Setting stats sender to $JLS_STATS_FROM..."
     su-exec jls:jls license-server configure --stats.from ${JLS_STATS_FROM}
   fi
@@ -66,10 +84,11 @@ if [ ! -z "$JLS_SMTP_SERVER" -a ! -z "$JLS_STATS_RECIPIENTS" ] ; then
 fi
 
 # https://www.jetbrains.com/help/license_server/detailed_server_usage_statistics.html
-if [ ! -z "$JLS_STATS_TOKEN" ] ; then
+if [ ! -z "$JLS_STATS_TOKEN" ]; then
   echo "Enabling stats via API at /$JLS_STATS_TOKEN..."
   su-exec jls:jls license-server configure --reporting.token ${JLS_STATS_TOKEN}
 fi
+unset JLS_STATS_TOKEN
 
 echo "Fixing perms..."
 chown -R jls:jls /data "$JLS_PATH"