diff --git a/scripts/approve-user.sh b/scripts/approve-user.sh
index ec441d25c1722e6ae47999cc90143b7dd2c743f0..6eb3497fbecc55ef1f8e3d317fe10c95887e1fa7 100755
--- a/scripts/approve-user.sh
+++ b/scripts/approve-user.sh
@@ -27,5 +27,5 @@ sed s/%HOSTNAME%/$1/g /data/infrastructure/templates/haproxy-frontend.part >> /d
 
 sed s/%HOSTNAME%/$1/g /data/infrastructure/templates/haproxy-backend.part | sed s/%IP%/$IP/g >> /data/server-wide/haproxy/backends.part
 
-cat /data/server-wide/haproxy/haproxy-1.part /data/server-wide/haproxy/certs.part /data/server-wide/haproxy/haproxy-2.part /data/server-wide/haproxy/frontends.part /data/server-wide/haproxy/backends.part > /data/server-wide/haproxy/haproxy.cfg
+cat /data/server-wide/haproxy/haproxy-1.part /data/server-wide/haproxy/hostname.part /data/server-wide/haproxy/haproxy-2.part /data/server-wide/haproxy/certs.part /data/server-wide/haproxy/haproxy-3.part /data/server-wide/haproxy/frontends.part /data/server-wide/haproxy/backends.part > /data/server-wide/haproxy/haproxy.cfg
 systemctl reload haproxy.service
diff --git a/scripts/setup.sh b/scripts/setup.sh
index 339dbfdf1784c546038f950a801dc3988f4f0fa7..3a71a0b7a13deb2042b8382e93116b7d388f0f76 100755
--- a/scripts/setup.sh
+++ b/scripts/setup.sh
@@ -19,6 +19,7 @@ rm /data/server-wide/haproxy/*.part
 touch /data/server-wide/haproxy/certs.part
 touch /data/server-wide/haproxy/frontends.part
 touch /data/server-wide/haproxy/backends.part
+hostname > /data/server-wide/haproxy/hostname.part
 cp /data/infrastructure/templates/haproxy-*.part /data/server-wide/haproxy/
 systemctl enable haproxy.service
 systemctl start  haproxy.service
diff --git a/templates/haproxy-1.part b/templates/haproxy-1.part
index 9493145a2261fa5c05f26888b4705f044c010210..98656d8e7feb58d8a2aaf90bc4a210ba6aa65375 100644
--- a/templates/haproxy-1.part
+++ b/templates/haproxy-1.part
@@ -17,7 +17,4 @@ defaults
 
 frontend https-in
 mode http
- bind *:443 ssl crt-list /haproxy-override/certs/list.txt crt /haproxy-override/approved-certs/coreos.dev/combined.pem
- reqadd X-Forwarded-Proto:\ https
-
-
+ bind *:443 ssl crt-list /haproxy-override/certs/list.txt crt /haproxy-override/approved-certs/
diff --git a/templates/haproxy-2.part b/templates/haproxy-2.part
index 45f44d9b6a82908ef7747c8924ee680a1928b758..84d9fb6cc9885c8c43d93f0b7d6dec87087e4bf9 100644
--- a/templates/haproxy-2.part
+++ b/templates/haproxy-2.part
@@ -1,6 +1,4 @@
+/combined.pem
+ reqadd X-Forwarded-Proto:\ https
 
 
-default_backend coreos.dev
-    
-frontend http-in
-    bind *:80
diff --git a/templates/haproxy-3.part b/templates/haproxy-3.part
new file mode 100644
index 0000000000000000000000000000000000000000..45f44d9b6a82908ef7747c8924ee680a1928b758
--- /dev/null
+++ b/templates/haproxy-3.part
@@ -0,0 +1,6 @@
+
+
+default_backend coreos.dev
+    
+frontend http-in
+    bind *:80