diff --git a/roles/nginx_site/templates/gw.home.foo.sh.conf.j2 b/roles/nginx_site/templates/gw.home.foo.sh.conf.j2
index 72a9bc3..51b7052 100644
--- a/roles/nginx_site/templates/gw.home.foo.sh.conf.j2
+++ b/roles/nginx_site/templates/gw.home.foo.sh.conf.j2
@@ -1,6 +1,3 @@
-    ssl_client_certificate {{ tls_certs }}/ca.crt;
-    ssl_verify_client on;
-
 {% for host in ssh_proxy_hosts %}
     location /{{ host | hash('sha1') }}/ {
         proxy_pass http://127.0.0.1:6000?token={{ host | hash('sha1') }};
diff --git a/roles/nginx_site/templates/site.conf.j2 b/roles/nginx_site/templates/site.conf.j2
index d55fe5c..386f023 100644
--- a/roles/nginx_site/templates/site.conf.j2
+++ b/roles/nginx_site/templates/site.conf.j2
@@ -29,7 +29,11 @@ server {
     ssl_certificate {{ tls_certs }}/{{ nginx_site_name }}-fullchain.crt;
     ssl_certificate_key {{ tls_private }}/{{ nginx_site_name }}.key;
 
-{% include "./{}.conf.j2".format(nginx_site_name) ignore missing %}
+{% if nginx_site_port is defined %}
+{%   include "./{}:{}.conf.j2".format(nginx_site_name, nginx_site_port) ignore missing %}
+{% else %}
+{%   include "./{}.conf.j2".format(nginx_site_name) ignore missing %}
+{% endif %}
 {% if nginx_site_redirect is defined %}
     return 301 {{ nginx_site_redirect }};
 {% elif nginx_site_proxy is defined %}