diff --git a/config/haproxy.cfg b/config/haproxy.cfg
index b10e26e..5857367 100644
--- a/config/haproxy.cfg
+++ b/config/haproxy.cfg
@@ -20,15 +20,21 @@ frontend stats
 
 frontend k8s-api
     bind *:6443
-    bind 127.0.0.1:6443
     mode tcp
     option tcplog
     option forwardfor
     default_backend k8s-api
 
+frontend ingress-80
+    bind *:80
+    default_backend ingress-80
+
+frontend ingress-443
+    bind *:443
+    default_backend ingress-443
+
 backend k8s-api
     mode tcp
-    option tcplog
     option ssl-hello-chk
     option log-health-checks
     default-server inter 10s fall 2
@@ -36,3 +42,23 @@ backend k8s-api
     server node-2-lxc  192.168.7.52:6443 check
     server node-3-lxc  192.168.7.53:6443 check
 
+backend ingress-80
+    option log-health-checks
+    server node-1-rpi4 192.168.7.51:80 check
+    server node-2-lxc  192.168.7.52:80 check
+    server node-3-lxc  192.168.7.53:80 check
+    server node-4-lxc  192.168.7.54:80 check
+    server node-5-rpi4 192.168.7.55:80 check
+    server node-6-rpi4 192.168.7.56:80 check
+    server node-7-rpi4 192.168.7.57:80 check
+
+backend ingress-443
+    option log-health-checks
+    server node-1-rpi4 192.168.7.51:443 check
+    server node-2-lxc  192.168.7.52:443 check
+    server node-3-lxc  192.168.7.53:443 check
+    server node-4-lxc  192.168.7.54:443 check
+    server node-5-rpi4 192.168.7.55:443 check
+    server node-6-rpi4 192.168.7.56:443 check
+    server node-7-rpi4 192.168.7.57:443 check
+
diff --git a/docker-compose.yml b/docker-compose.yml
index e644af6..acac2b3 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -14,6 +14,8 @@ services:
       - TZ=America/Toronto
     restart: unless-stopped
     ports:
+        - "80:80"
+        - "443:443"
         - "6443:6443"
         - "8404:8404"
 
diff --git a/haproxy.cfg b/haproxy.cfg
new file mode 100644
index 0000000..11828fd
--- /dev/null
+++ b/haproxy.cfg
@@ -0,0 +1,65 @@
+global
+  stats socket /var/run/api.sock user haproxy group haproxy mode 660 level admin expose-fd listeners
+  log stdout format raw local0 info
+
+defaults
+  log global
+  mode http
+  option  httplog
+  option  dontlognull
+  timeout client 10s
+  timeout connect 5s
+  timeout server 10s
+  timeout http-request 10s
+
+frontend stats
+  bind *:8404
+  stats enable
+  stats uri /
+  stats refresh 10s
+
+frontend k8s-api
+    bind *:6443
+    mode tcp
+    option tcplog
+    option forwardfor
+    default_backend k8s-api
+
+frontend ingress-80
+    bind *:80
+    default_backend ingress-80
+
+frontend ingress-443
+    bind *:443
+    default_backend ingress-443
+
+backend k8s-api
+    mode tcp
+    option ssl-hello-chk
+    option log-health-checks
+    default-server inter 10s fall 2
+    server node-1-rpi4 192.168.7.51:6443 check
+    server node-2-lxc  192.168.7.52:6443 check
+    server node-3-lxc  192.168.7.53:6443 check
+
+backend ingress-80
+    option log-health-checks
+    server node-1-rpi4 192.168.7.51:80 check
+    server node-2-lxc  192.168.7.52:80 check
+    server node-3-lxc  192.168.7.53:80 check
+    server node-4-lxc  192.168.7.54:80 check
+    server node-5-rpi4 192.168.7.55:80 check
+    server node-6-rpi4 192.168.7.56:80 check
+    server node-7-rpi4 192.168.7.57:80 check
+
+backend ingress-443
+    option log-health-checks
+    server node-1-rpi4 192.168.7.51:443 check
+    server node-2-lxc  192.168.7.52:443 check
+    server node-3-lxc  192.168.7.53:443 check
+    server node-4-lxc  192.168.7.54:443 check
+    server node-5-rpi4 192.168.7.55:443 check
+    server node-6-rpi4 192.168.7.56:443 check
+    server node-7-rpi4 192.168.7.57:443 check
+    
+