diff --git a/roles/debian/nginx/defaults/main.yml b/roles/debian/nginx/defaults/main.yml
index 3a73d33a3..22f2e136c 100644
--- a/roles/debian/nginx/defaults/main.yml
+++ b/roles/debian/nginx/defaults/main.yml
@@ -117,6 +117,8 @@ nginx:
     cache_behavior_public: "add_header Cache-Control \"public, max-age=604800\""
     proxy_host: localhost
     proxy_port: 8443
+    # Set a custom port for Let's Encrypt to bind to during the initial certificate run
+    # vhost_letsencrypt_port: []
     # You can inject custom directives into the main nginx.conf file here by providing them as a list of strings.
     #custom_directives: []
   # Group prefix. Useful for grouping by environments.
diff --git a/roles/debian/nginx/templates/vhost_letsencrypt.j2 b/roles/debian/nginx/templates/vhost_letsencrypt.j2
index 342041489..b66b35b02 100644
--- a/roles/debian/nginx/templates/vhost_letsencrypt.j2
+++ b/roles/debian/nginx/templates/vhost_letsencrypt.j2
@@ -1,7 +1,11 @@
 ### {{ ansible_managed }}
 
 server {
+    {% if nginx.vhost_letsencrypt_port is defined %}
+    listen {{ nginx.vhost_letsencrypt_port }};
+    {% else %}
     listen 80;
+    {% endif %}
     server_name {{ domain.server_name }};
     error_log {{ domain.error_log }} {{ domain.error_log_level }};
     access_log {{ domain.access_log }} {{ domain.access_log_format | default('main') }};