diff --git a/templates/haproxy_cfg b/templates/haproxy_cfg
index 53436cd7adc3903a405a85794c5515579ff01d93..fbe3247d3bc45e8f105f9bf2ad86ba802987694b 100644
--- a/templates/haproxy_cfg
+++ b/templates/haproxy_cfg
@@ -46,6 +46,10 @@ frontend http-in
   bind *:80
   acl blockedip src  -i -f /etc/haproxy/blacklist
   http-request deny if blockedip
+{% if varnish_host|default(false) %}
+  acl static_content path_end .jpg .jpeg .gif .png .ico .swf .css .js .htm .html
+  use_backend backend_varnish if static_content
+{% endif %}
 {% for host in groups['all'] %}
 {% for redirect in hostvars[host].proxy_redirect|default([]) %}
   redirect prefix http://{{redirect.to}} if { hdr_dom(host) -i {{redirect.from}} }
@@ -67,6 +71,10 @@ frontend https-in-{{ cert.ip }}
   bind {{ cert.ip }}:443 ssl crt /etc/haproxy/certs/{{ cert.file }} no-sslv3
   acl blockedip src  -i -f /etc/haproxy/blacklist
   http-request deny if blockedip
+{% if varnish_host|default(false) %}
+  acl static_content path_end .jpg .jpeg .gif .png .ico .swf .css .js .htm .html
+  use_backend backend_varnish if static_content
+{% endif %}
 {% for host in groups['all'] %}
 {% for redirect in hostvars[host].proxy_redirect|default([]) %}
   redirect prefix https://{{redirect.to}} if { hdr_dom(host) -i {{redirect.from}} }
@@ -83,12 +91,16 @@ frontend https-in-{{ cert.ip }}
 {% endif %}
 {% endfor %}
 {% endfor %}
-
 {% for host in groups['all'] %}
+
 backend backend_{{host}}
   server server_{{host}} {{hostvars[host]['static_ipv4']|default(hostvars[host]['ansible_default_ipv4']['address'])}}:80 maxconn 32
-
 {% endfor %}
+{% if varnish_host|default(false) %}
+
+backend backend_varnish
+  server varnish {{ varnish_host }}:6081 maxconn 32
+{% endif %}
 
 backend backend_redirect_ssl
   redirect scheme https if TRUE