diff --git a/defaults/main.yml b/defaults/main.yml
index 7b87005..6bec637 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -44,7 +44,7 @@ infra_use_graylog: true
 # Configure PiHole
 infra_use_pihole: true
 # Configure Unifi Controller
-infra_use_unifi: true
+infra_use_unifi: false
 # Configure wireguard
 infra_use_wireguard: true
 # Configure Vaultwarden
@@ -72,17 +72,22 @@ infra_unifi_version: latest
 infra_unifi_container_image: "ghcr.io/linuxserver/unifi-controller:{{ infra_unifi_version }}"
 # unifi container memory
 infra_unifi_container_memory: 4g
-# unifi container ports
-infra_unifi_container_ports:
- admin: 8443
- device_comms: 8080
- guest_portal_https: 8843
- guest_portal_http: 8880
- throughput: 6789
- stun: 3478
- discovery: 10001
- l2_discovery: 1900
- syslog: 5514
+# Middleware for the Unifi container
+svc_traefik_extra_middlewares:
+ unifi-headers-mwr:
+ headers:
+ customRequestHeaders:
+ Authorization: ''
+ X-Forwarded-Proto: 'https'
+# Add a route to the Unifi admin portal (due to network_mode: host on the container)
+svc_traefik_extra_hosts:
+ - name: unifi
+ subdomain: "{{ infra_unifi_container_hostname }}"
+ shortname: "unifi"
+ middlewares: [unifi-headers-mwr, lan-mwr]
+ protocol: https
+ ip_addr: "{{ ansible_default_ipv4.address }}"
+ port: "{{ infra_unifi_container_ports.admin }}"
 ### Pihole ###
 # Directories for Pihole
diff --git a/tasks/deploy_unifi.yml b/tasks/deploy_unifi.yml
index f89f6f3..cb39222 100644
--- a/tasks/deploy_unifi.yml
+++ b/tasks/deploy_unifi.yml
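Review bot: In defaults/main.yml the `lan-mwr` middleware on the new `unifi` entry of `svc_traefik_extra_hosts` only guards requests that pass through Traefik. The container keeps `network_mode: host` (tasks/deploy_unifi.yml), so the admin port is presumably still listening on the host's own address and can be reached without either middleware unless a host firewall limits it; a comment above the entry such as `# NOTE: host networking leaves the admin port reachable outside Traefik; restrict it with the host firewall` would make that visible. The `Authorization: ''` line also needs a comment, e.g. `# empty value makes Traefik strip the client's Authorization header before proxying`. Both `svc_traefik_*` variables are defined unconditionally while this commit flips `infra_use_unifi` to false, so it is worth confirming the consuming Traefik role does not publish the route when Unifi is disabled, and that setting these variables here does not replace values defined elsewhere.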
@@ -26,15 +26,6 @@
 - "{{ infra_unifi_directories.log.path }}:/config/logs"
 - "{{ infra_unifi_directories.data.path }}:/config/data"
 network_mode: host
- ports:
- - "{{ infra_unifi_container_ports.admin | default('8443') }}:8443"
- - "{{ infra_unifi_container_ports.device_comms | default('8080') }}:8080"
- - "{{ infra_unifi_container_ports.guest_portal_https | default('8843') }}:8843"
- - "{{ infra_unifi_container_ports.throughput | default('6789') }}:6789"
- - "{{ infra_unifi_container_ports.stun | default('3478') }}:3478/udp"
- - "{{ infra_unifi_container_ports.discovery | default('10001') }}:10001/udp"
- - "{{ infra_unifi_container_ports.l2_discovery | default('1900') }}:1900/udp"
- - "{{ infra_unifi_container_ports.syslog | default('5514') }}:5514/udp"
 healthcheck:
 test: ["CMD", "curl", "--fail", "http://localhost:{{ infra_unifi_container_ports.device_comms }}"]
 interval: 30s
diff --git a/vars/main.yml b/vars/main.yml
index 1815d95..736c004 100644
--- a/vars/main.yml
+++ b/vars/main.yml
@@ -1,9 +1,21 @@
 ---
 # Environment variables for the Unifi container
 infra_unifi_env_vars:
- PUID: "{{ infra_user_uid }}"
- PGID: "{{ infra_group_gid }}"
- TZ: "{{ infra_tz | default('Etc/UTC') }}"
+ PUID: "{{ infra_user_uid | string }}"
+ PGID: "{{ infra_group_gid | string }}"
+ TZ: "{{ infra_tz | default('Etc/UTC') | string }}"
+
+# unifi container ports
+infra_unifi_container_ports:
+ admin: 8443
+ device_comms: 8080
+ guest_portal_https: 8843
+ guest_portal_http: 8880
+ throughput: 6789
+ stun: 3478
+ discovery: 10001
+ l2_discovery: 1900
+ syslog: 5514
 # Environment variables for the Pihole container
 infra_pihole_env_vars:
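Review bot: In vars/main.yml, `infra_unifi_container_ports` now has role-vars precedence, so an inventory or group_vars value that used to override the defaults entry is ignored without any message. If that is intended because host networking fixes the ports, the comment should say so, e.g. `# unifi container ports (fixed by network_mode: host; not meant to be overridden)`. The `| string` filters on `PUID`, `PGID` and `TZ` look deliberate for keeping the environment values as strings; a one-line comment stating that would stop them being removed as redundant later.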