diff --git a/group_vars/bastions.yml b/group_vars/bastions.yml
index 8e415da..f67f075 100644
--- a/group_vars/bastions.yml
+++ b/group_vars/bastions.yml
@@ -7,15 +7,19 @@ haproxy:
           - drone.badjware.dev
           - grafana.badjware.dev
         dst:
-          - 192.168.20.20
-          - 192.168.20.21
-          - 192.168.20.22
-          - 192.168.20.23
-          - 192.168.20.24
+          - server: 192.168.20.20
+          - server: 192.168.20.21
+            extra_param: backup
+          - server: 192.168.20.22
+            extra_param: backup
+          - server: 192.168.20.23
+            extra_param: backup
+          - server: 192.168.20.24
+            extra_param: backup
       - src:
           - s3.badjware.dev
         dst:
-          - 192.168.20.30:9000
+          - server: 192.168.20.30:9000
         ssl: false
       # - src:
       #     - kubernetes-dashboard.badjnet.home
@@ -31,11 +35,15 @@ haproxy:
     tcp:
       - src: "30022"
         dst:
-          - 192.168.20.20:30022
-          - 192.168.20.21:30022
-          - 192.168.20.22:30022
-          - 192.168.20.23:30022
-          - 192.168.20.24:30022
+          - server: 192.168.20.20:30022
+          - server: 192.168.20.21:30022
+            extra_param: backup
+          - server: 192.168.20.22:30022
+            extra_param: backup
+          - server: 192.168.20.23:30022
+            extra_param: backup
+          - server: 192.168.20.24:30022
+            extra_param: backup
 
 letsencrypt:
   domains:
diff --git a/hosts b/hosts
index 879b7ce..b770dad 100644
--- a/hosts
+++ b/hosts
@@ -65,7 +65,7 @@ all:
     debian:
       hosts:
         ubiquiti:
-          ansible_host: 192.168.10.3
+          ansible_host: 192.168.10.2
         pihole:
           ansible_host: 192.168.20.2
       children:
diff --git a/roles/haproxy/templates/haproxy.cfg b/roles/haproxy/templates/haproxy.cfg
index 4a9287c..19de3f5 100644
--- a/roles/haproxy/templates/haproxy.cfg
+++ b/roles/haproxy/templates/haproxy.cfg
@@ -84,7 +84,7 @@ backend https_{{ http_route.src[0]|replace('.','_') }}
     mode http
     balance roundrobin
 {% for dst in http_route.dst %}
-    server {{ dst }} {{ dst }}{% if ':' not in dst %}:443{% endif %} check {% if http_route.ssl|default(true) %}ssl verify none alpn h2{% endif %}
+    server {{ dst.server }} {{ dst.server }}{% if ':' not in dst.server %}:443{% endif %} check {% if http_route.ssl|default(true) %}ssl verify none alpn h2{% endif %} {{ dst.extra_param|default('') }}
 
 {% endfor %}
 
@@ -100,6 +100,6 @@ frontend tcp_{{ tcp_route.src }}
 backend tcp_{{ tcp_route.src }}
     mode tcp
 {% for dst in tcp_route.dst %}
-    server {{ dst }} {{ dst }} check
+    server {{ dst.server }} {{ dst.server }} check {{ dst.extra_param|default('') }}
 {% endfor %}
 {% endfor %}