diff --git a/manifests/varnish/vhost.pp b/manifests/varnish/vhost.pp
index 89fbbe6..27ddc3a 100644
--- a/manifests/varnish/vhost.pp
+++ b/manifests/varnish/vhost.pp
@@ -1,15 +1,15 @@
 # Virtual host definition for varnish
 
 define profile::varnish::vhost (
   String $servername = $title,
   String $order = '50',
   Array[String] $aliases = [],
-  String $extra_recv_vcl = '',
-  String $extra_deliver_vcl = '',
-  String $hsts_max_age = undef,
+  Optional[String] $vcl_recv_extra = undef,
+  Optional[String] $vcl_deliver_extra = undef,
+  Optional[String] $hsts_max_age = undef,
 ) {
   ::profile::varnish::vcl_include {"vhost_${servername}":
     order   => $order,
     content => template('profile/varnish/vhost.vcl.erb'),
   }
 }
diff --git a/templates/varnish/vhost.vcl.erb b/templates/varnish/vhost.vcl.erb
index 246dbe3..8048373 100644
--- a/templates/varnish/vhost.vcl.erb
+++ b/templates/varnish/vhost.vcl.erb
@@ -1,40 +1,44 @@
 # vhost_<%= @servername %>.vcl
 #
 # Settings for the <%= @servername %> vhost
 #
 # File managed by puppet. All modifications will be lost.
 
 import std;
 
 sub vcl_recv {
     if (
 <% @aliases.each do |alias| %>
         req.http.host ~ "^(?i)<%= Regexp.escape(alias) %>$" ||
 <% end %>
         req.http.host ~ "^(?i)<%= Regexp.escape(@servername) %>$"
     ) {
         if (std.port(server.ip) != <%= scope['::profile::varnish::http_port'] %>) {
             set req.http.x-redir = "https://" + req.http.host + req.url;
             return(synth(850, "Moved permanently"));
         }
-        <%= @extra_recv_vcl %>
+<% if @vcl_recv_extra %>
+        <%= @vcl_recv_extra %>
+<% end %>
     }
 }
 
-<% if @hsts_max_age or @extra_deliver_vcl %>
+<% if @hsts_max_age or @vcl_deliver_extra %>
 sub vcl_deliver {
     if (
 <% @aliases.each do |alias| %>
         req.http.host ~ "^(?i)<%= Regexp.escape(alias) %>$" ||
 <% end %>
         req.http.host ~ "^(?i)<%= Regexp.escape(@servername) %>$"
     ) {
 <% if @hsts_max_age %>
         if (std.port(server.ip) != <%= scope['::profile::varnish::http_port'] %>) {
             set resp.http.Strict-Transport-Security = "max-age=<%= @hsts_max_age %>;";
         }
 <% end %>
-        <%= @extra_deliver_vcl %>
+<% if @vcl_deliver_extra %>
+        <%= @vcl_deliver_extra %>
+<% end %>
     }
 }
 <% end %>