It's the same code as production, but hey, it's worth a try; removed from both nginx and haproxy.
Original nginx server block:
listen 443 ssl http2 default_server proxy_protocol;
listen 10.1.10.191:443 ssl http2; # this was placed here to access the server directly - commenting out for this test
But alas, it was this second line that was causing 1/2 of the issue. I removed all proxy_protocol from nginx and send-proxy from haproxy and it worked, so I put back all send-proxy and proxy_protocol in haproxy and nginx respectively and all was fine, and I'm getting the correct client address.
Ultimately it was a combination of SSL options in HAProxy and an attempt to bypass proxy_protocol with that second configuration line (the one with the direct IP and no proxy_protocol) that was causing the issue. Thanks again for your assistance; I very much appreciate the second pair of eyes, as I had stared at this for too long.
Best,
Jeff
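A check for the mix described in the post above, where one listen line on a port carries proxy_protocol and another on the same port does not. This is an added example, not code from the thread; the function names are hypothetical and the sample config is constructed from the two listen lines quoted in the post.

```python
import re
from collections import defaultdict

# Constructed sample: the two listen lines quoted in the post above.
SAMPLE = """
server {
    listen 443 ssl http2 default_server proxy_protocol;
    listen 10.1.10.191:443 ssl http2;
}
"""

LISTEN_RE = re.compile(r"^\s*listen\s+([^;]+);")


def parse_listens(conf):
    """Yield (address, port, has_proxy_protocol) for each active listen line."""
    for raw in conf.splitlines():
        line = raw.split("#", 1)[0]          # drop nginx comments
        m = LISTEN_RE.match(line)
        if not m:
            continue
        endpoint, *params = m.group(1).split()
        if endpoint.startswith("unix:"):     # UNIX sockets have no port
            continue
        host, sep, port = endpoint.rpartition(":")
        if endpoint.isdigit():               # "listen 443" -> all addresses
            host, port = "*", endpoint
        elif not (sep and port.isdigit()):   # address only -> port 80
            host, port = endpoint, "80"
        yield host, int(port), "proxy_protocol" in params


def find_mixed_ports(conf):
    """Return ports that have listen lines both with and without proxy_protocol."""
    by_port = defaultdict(lambda: {"proxy_protocol": [], "plain": []})
    for host, port, has_pp in parse_listens(conf):
        by_port[port]["proxy_protocol" if has_pp else "plain"].append(host)
    return {p: g for p, g in by_port.items()
            if g["proxy_protocol"] and g["plain"]}


if __name__ == "__main__":
    for port, group in find_mixed_ports(SAMPLE).items():
        print(f"port {port}: proxy_protocol on {group['proxy_protocol']}, "
              f"missing on {group['plain']}")
```

A flagged port means a backend that sends the PROXY header (HAProxy send-proxy) and a client that does not can each reach a listener expecting the opposite, so the two sides should be aligned per address.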