diff --git a/inventory/group_vars/os-proxies b/inventory/group_vars/os-proxies
index d03d1d933f..a4b8e7a335 100644
--- a/inventory/group_vars/os-proxies
+++ b/inventory/group_vars/os-proxies
@@ -9,16 +9,10 @@ tcp_ports: [
     # For os routers
     80,
     443,
+    # For haproxy status
+    8080,
     # For ks8 api
     6443,
     # For machinectl api
     22623,
-    # 9941 is closed generally, is for the inbound fedmsg and is covered in
-    # custom_rules
-]
-
-custom_rules: [
-    # Needed for keepalived
-    '-A INPUT -d 224.0.0.0/8 -j ACCEPT',
-    '-A INPUT -p vrrp -j ACCEPT',
 ]
diff --git a/playbooks/groups/os-proxies.yml b/playbooks/groups/os-proxies.yml
index ca32ce08b0..96bbe693bf 100644
--- a/playbooks/groups/os-proxies.yml
+++ b/playbooks/groups/os-proxies.yml
@@ -18,12 +18,12 @@
 
   roles:
   - base
+  - basessh
   - fas_client
   - rkhunter
   - nagios_client
   - collectd/base
   - sudo
-  - keepalived
 
   tasks:
   - import_tasks: "{{ tasks_path }}/2fa_client.yml"