diff --git a/infrastructure/ingress-nginx/release.yaml b/infrastructure/ingress-nginx/release.yaml
index 98306bd5fe6ada2afc3524834f0d3679e096df6f..0bf79679c2bd2e699ef80d6e156119facd57701a 100644
--- a/infrastructure/ingress-nginx/release.yaml
+++ b/infrastructure/ingress-nginx/release.yaml
@@ -189,8 +189,8 @@ spec:
         #   tcp:
         #     8080: 32808
         nodePorts:
-          http: 80
-          https: 443
+          http: 32080
+          https: 32443
           tcp: {}
           udp: {}
 
diff --git a/terraform/firewall.tf b/terraform/firewall.tf
index c9c141521937f5a10b552b30a844acde1b9b2d7f..d156b903ac8a7d517b621a4646239b0eb6f841a5 100644
--- a/terraform/firewall.tf
+++ b/terraform/firewall.tf
@@ -155,14 +155,14 @@ resource "hcloud_firewall" "k8s-ingress" {
       description     = "Public HTTP"
       direction       = "in"
       protocol        = "tcp"
-      port            = "80"
+      port            = "32080"
       source_ips      = [for s in [hcloud_load_balancer.lb.ipv4] : "${s}/32"]
   }
   rule {
       description     = "Public HTTPS"
       direction       = "in"
       protocol        = "tcp"
-      port            = "443"
+      port            = "32443"
       source_ips      = [for s in [hcloud_load_balancer.lb.ipv4] : "${s}/32"]
   }
 }
diff --git a/terraform/loadbalancer.tf b/terraform/loadbalancer.tf
index 93881fa4b3aae344a6114654780f2545d57665f3..4fbb95169686dac7110ec60864cad4a366647049 100644
--- a/terraform/loadbalancer.tf
+++ b/terraform/loadbalancer.tf
@@ -36,7 +36,7 @@ resource "hcloud_load_balancer_service" "lb_ingress_http" {
   load_balancer_id = hcloud_load_balancer.lb.id
   protocol         = "tcp"
   listen_port      = 80
-  destination_port = 80
+  destination_port = 32080
 
   health_check {
     protocol = "tcp"
@@ -51,7 +51,7 @@ resource "hcloud_load_balancer_service" "lb_ingress_https" {
   load_balancer_id = hcloud_load_balancer.lb.id
   protocol         = "tcp"
   listen_port      = 443
-  destination_port = 443
+  destination_port = 32443
 
   health_check {
     protocol = "tcp"
diff --git a/terraform/main.tf b/terraform/main.tf
index 0049bbcf2f774b0bfff8420857aaa49b82049352..6b0fbf68b107dd5352faad865dbeaa45ab04bd65 100644
--- a/terraform/main.tf
+++ b/terraform/main.tf
@@ -16,7 +16,8 @@ module "nodes" {
   image          = var.image
   labels          = {
     "k8s.io/node" = "true",
-    "k8s.io/master" = "true"
+    "k8s.io/master" = "true",
+    "k8s.io/ingress" = "true",
   }
   placement_group_id = hcloud_placement_group.k8s.id
   ssh_keys       = data.hcloud_ssh_keys.all_keys.ssh_keys.*.name