diff --git a/host_vars/revproxy.as208772.net/revproxy b/host_vars/revproxy.as208772.net/revproxy
index 1c3fb33474f3fbac421dbd209ba985865d1fc413..776f2201712367d556cf0b000a334b2c931ba975 100644
--- a/host_vars/revproxy.as208772.net/revproxy
+++ b/host_vars/revproxy.as208772.net/revproxy
@@ -1,6 +1,9 @@
 ---
 letsencrypt_account_email: "hostmaster@freifunk-stuttgart.de"
 letsencrypt_acme_directory: "https://acme-v02.api.letsencrypt.org/directory"
+revproxy_http_ports:
+  - 80
+  - 8080
 vhosts:
   - domain: grafana.freifunk-stuttgart.de
     backend: "http://10.0.3.237/"
@@ -86,3 +89,8 @@ vhosts:
     backend: "http://10.0.3.164/"
     type: proxy
     max_body_size: 2G
+  - domain: unifi.freifunk-stuttgart.de
+    backend: "http://10.0.3.222:8080/"
+    type: proxy
+    force_https: False
+    http_port: 8080
diff --git a/roles/revproxy/templates/default.conf b/roles/revproxy/templates/default.conf
index 43b087f46cf11b34cab15360f9642cbe8d963c9e..580ae09df0d824a6e9350bd6c82251065147b226 100644
--- a/roles/revproxy/templates/default.conf
+++ b/roles/revproxy/templates/default.conf
@@ -1,5 +1,7 @@
 server {
-    listen [::]:80 ipv6only=off;
+    {% for port in revproxy_http_ports|default([80]) %}
+	    listen [::]:{{port}} ipv6only=off;
+    {% endfor %}
     listen [::]:443 ssl default_server ipv6only=off;
     server_name _;
 
diff --git a/roles/revproxy/templates/vhost-location.conf b/roles/revproxy/templates/vhost-location.conf
new file mode 100644
index 0000000000000000000000000000000000000000..fb03d073feffa83f15b92d2ea014561d2dcda0fa
--- /dev/null
+++ b/roles/revproxy/templates/vhost-location.conf
@@ -0,0 +1,15 @@
+location / {
+	{% if vhost.maintenance is defined and vhost.maintenance.enabled -%}
+	if ($maintenance_{{ vhost.domain | sha1 }}) {
+		return 503 "{{ vhost.maintenance.message }}";
+		add_header Content-Type text/plain always;
+	}
+	{% endif %}
+	{% if vhost.type == "proxy" %}
+		{% include 'vhost-proxy.conf' %}
+	{% elif vhost.type == "redirect" %}
+		{% include 'vhost-redirect.conf' %}
+	{% elif vhost.type == "static" %}
+		{% include 'vhost-static.conf' %}
+	{% endif %}
+}
diff --git a/roles/revproxy/templates/vhost.conf b/roles/revproxy/templates/vhost.conf
index f2bacab26dd371a79be40c39514e16a0d4247003..718fb075fcfa594ebecd3a71d539086f8ce0505e 100644
--- a/roles/revproxy/templates/vhost.conf
+++ b/roles/revproxy/templates/vhost.conf
@@ -21,34 +21,24 @@ server {
 
 	{% include 'vhost-serve-letsencrypt.conf' %}
 
-	location / {
-		{% if vhost.maintenance is defined and vhost.maintenance.enabled -%}
-		if ($maintenance_{{ vhost.domain | sha1 }}) {
-			return 503 "{{ vhost.maintenance.message }}";
-			add_header Content-Type text/plain always;
-		}
-		{% endif %}
-		{% if vhost.type == "proxy" %}
-			{% include 'vhost-proxy.conf' %}
-		{% elif vhost.type == "redirect" %}
-			{% include 'vhost-redirect.conf' %}
-		{% elif vhost.type == "static" %}
-			{% include 'vhost-static.conf' %}
-		{% endif %}
-	}
+	{% include 'vhost-location.conf' %}
 }
 
 server {
-	listen [::]:80;
+	listen [::]:{{ vhost.http_port|default(80) }};
 
 	server_name {{ vhost.domain}};
-	location / {
-		{% if vhost.type in ["proxy", "static"] %}
-		return 301 https://{{ vhost.domain }}$request_uri;
-		{% elif vhost.type == "redirect" %}
-		return 301 {{ vhost.redirect }}$request_uri;
-		{% endif %}
-	}
+	{% if vhost.force_https|default(True) %}
+		location / {
+			{% if vhost.type in ["proxy", "static"] %}
+			return 301 https://{{ vhost.domain }}$request_uri;
+			{% elif vhost.type == "redirect" %}
+			return 301 {{ vhost.redirect }}$request_uri;
+			{% endif %}
+		}
+	{% else %}
+		{% include 'vhost-location.conf' %}
+	{% endif %}
 
 	{% include 'vhost-serve-letsencrypt.conf' %}
 }