diff --git a/ansible/requirements/requirements.yml b/ansible/requirements/requirements.yml
index a0d4e1f8..3382d813 100644
--- a/ansible/requirements/requirements.yml
+++ b/ansible/requirements/requirements.yml
@@ -2,8 +2,8 @@
 version: v2.0.0
 - name: robertdebock.python_pip
 version: 3.3.0
-- name: geerlingguy.nginx
- version: 2.8.0
+- name: nginxinc.nginx
+ version: 0.14.0
 - name: geerlingguy.php
 version: 4.4.0
 - name: geerlingguy.php-versions
diff --git a/ansible/roles/stackhead_setup/tasks/setup-nginx.yml b/ansible/roles/stackhead_setup/tasks/setup-nginx.yml
index 96ce373c..c8e3bf3f 100644
--- a/ansible/roles/stackhead_setup/tasks/setup-nginx.yml
+++ b/ansible/roles/stackhead_setup/tasks/setup-nginx.yml
@@ -5,13 +5,28 @@
 dest: /etc/nginx
 - name: Setup Nginx
 vars:
- nginx_ppa_use: true
- nginx_conf_template: "{{ stackhead__templates }}/nginx.conf.j2"
- nginx_vhosts: []
- __nginx_user: "stackhead"
- root_group: "stackhead"
+ nginx_main_template_enable: 1
+ nginx_html_demo_template_enable: 1
+ nginx_main_template:
+ user: "stackhead"
+ http_custom_options:
+ # Add X-XSS-Protection for HTML documents. /etc/nginx/h5bp/security/x-xss-protection.conf
+ - "map $sent_http_content_type $x_xss_protection {\n ~*text/html \"1; mode=block\";\n }"
+ # Add X-Frame-Options for HTML documents. /etc/nginx/h5bp/security/x-frame-options.conf
+ - "map $sent_http_content_type $x_frame_options {\n ~*text/html DENY;\n }"
+ # Add Content-Security-Policy for HTML documents. /etc/nginx/h5bp/security/content-security-policy.conf
+ - "map $sent_http_content_type $content_security_policy {\n ~*text/html \"default-src 'self'; base-uri 'none'; form-action 'self'; frame-ancestors 'none'; upgrade-insecure-requests\";\n }"
+ # Add Referrer-Policy for HTML documents. /etc/nginx/h5bp/security/referrer-policy.conf.conf
+ - "map $sent_http_content_type $referrer_policy {\n ~*text/html \"strict-origin-when-cross-origin\";\n }"
+ # Add X-UA-Compatible for HTML documents. /etc/nginx/h5bp/internet_explorer/x-ua-compatible.conf
+ - "map $sent_http_content_type $x_ua_compatible {\n ~*text/html \"IE=edge\";\n }"
+ # Add Access-Control-Allow-Origin. /etc/nginx/h5bp/cross-origin/requests.conf
+ - "map $sent_http_content_type $cors {\n ~*image/ \"*\";\n ~*font/ \"*\";\n ~*application/vnd.ms-fontobject \"*\";\n ~*application/x-font-ttf \"*\";\n ~*application/font-woff \"*\";\n ~*application/x-font-woff \"*\";\n ~*application/font-woff2 \"*\";\n }"
+ http_custom_includes:
+ - /etc/nginx/h5bp/web_performance/compression.conf
+ - /etc/nginx/h5bp/web_performance/cache_expiration.conf
 include_role:
- name: geerlingguy.nginx
+ name: nginxinc.nginx
 - name: adjust owner of /var/www directories
 file:
 path: /var/www
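Review bot: `nginx_html_demo_template_enable: 1` asks the nginxinc.nginx role to deploy its demo HTML site and server block, something the previous `nginx_vhosts: []` setup deliberately avoided; unless that demo vhost is needed as the catch-all default server, it publishes sample content on every StackHead host and should be `0` (the project's own vhosts appear to be managed outside this task, so please confirm which one is intended). The `$x_xss_protection` map still emits `1; mode=block`, a header that is deprecated and that current OWASP guidance recommends sending as `0` or omitting, because the browser XSS auditor itself enabled cross-site leaks in older Chrome/IE; the one-line change is `~*text/html \"0\";`. These `map` blocks only define variables — nothing in this hunk adds the matching `add_header` directives, so the security headers are only sent if the h5bp vhost includes that reference `$x_frame_options`, `$content_security_policy` etc. are still loaded under the new role; worth verifying on a deployed host with `curl -I`. Style: the six `http_custom_options` entries would read far better as `|-` block scalars than as single-line strings with embedded `\n` and `\"` escapes, which render to the same nginx config lines, and the comment path `referrer-policy.conf.conf` carries over a doubled extension.
```yaml
        http_custom_options:
          # /etc/nginx/h5bp/security/x-xss-protection.conf — "0" disables the deprecated XSS auditor
          - |-
            map $sent_http_content_type $x_xss_protection {
              ~*text/html "0";
            }
          # … remaining maps unchanged apart from the same block-scalar formatting …
```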
diff --git a/ansible/templates/nginx.conf.j2 b/ansible/templates/nginx.conf.j2
deleted file mode 100644
index d0985f8a..00000000
--- a/ansible/templates/nginx.conf.j2
+++ /dev/null
@@ -1,139 +0,0 @@ -{# This templates sets includes and maps from vendor/server-configs-nginx/nginx.conf #} -{# This is the same as roles/geerlingguy.nginx/templates/nginx.conf.j2 but extending that did not work #} -{# the only change is that block http_begin is provided #} - -user {{ nginx_user }}; - -error_log {{ nginx_error_log }}; -pid {{ nginx_pidfile }}; - -{% block worker %} -worker_processes {{ nginx_worker_processes }}; -{% endblock %} - -{% if nginx_extra_conf_options %} -{{ nginx_extra_conf_options }} -{% endif %} - -{% block events %} -events { - worker_connections {{ nginx_worker_connections }}; - multi_accept {{ nginx_multi_accept }}; -} -{% endblock %} - -http { -{% block http_begin %} - # Enable gzip compression. - include /etc/nginx/h5bp/web_performance/compression.conf; - - # Specify file cache expiration. - include /etc/nginx/h5bp/web_performance/cache_expiration.conf; - - # Add X-XSS-Protection for HTML documents. - # /etc/nginx/h5bp/security/x-xss-protection.conf - map $sent_http_content_type $x_xss_protection { - # (1) (2) - ~*text/html "1; mode=block"; - } - - # Add X-Frame-Options for HTML documents. - # /etc/nginx/h5bp/security/x-frame-options.conf - map $sent_http_content_type $x_frame_options { - ~*text/html DENY; - } - - # Add Content-Security-Policy for HTML documents. - # /etc/nginx/h5bp/security/content-security-policy.conf - map $sent_http_content_type $content_security_policy { - ~*text/html "default-src 'self'; base-uri 'none'; form-action 'self'; frame-ancestors 'none'; upgrade-insecure-requests"; - } - - # Add Referrer-Policy for HTML documents. - # /etc/nginx/h5bp/security/referrer-policy.conf.conf - map $sent_http_content_type $referrer_policy { - ~*text/html "strict-origin-when-cross-origin"; - } - - # Add X-UA-Compatible for HTML documents. - # /etc/nginx/h5bp/internet_explorer/x-ua-compatible.conf - map $sent_http_content_type $x_ua_compatible { - ~*text/html "IE=edge"; - } - - # Add Access-Control-Allow-Origin. 
- # /etc/nginx/h5bp/cross-origin/requests.conf - map $sent_http_content_type $cors { - # Images - ~*image/ "*"; - - # Web fonts - ~*font/ "*"; - ~*application/vnd.ms-fontobject "*"; - ~*application/x-font-ttf "*"; - ~*application/font-woff "*"; - ~*application/x-font-woff "*"; - ~*application/font-woff2 "*"; - } -{% endblock %} - -{% block http_basic %} - include {{ nginx_mime_file_path }}; - default_type application/octet-stream; - - server_names_hash_bucket_size {{ nginx_server_names_hash_bucket_size }}; - - client_max_body_size {{ nginx_client_max_body_size }}; - - log_format main {{ nginx_log_format|indent(23) }}; - - access_log {{ nginx_access_log }}; - - sendfile {{ nginx_sendfile }}; - tcp_nopush {{ nginx_tcp_nopush }}; - tcp_nodelay {{ nginx_tcp_nodelay }}; - - keepalive_timeout {{ nginx_keepalive_timeout }}; - keepalive_requests {{ nginx_keepalive_requests }}; - - server_tokens {{ nginx_server_tokens }}; -{% if nginx_proxy_cache_path %} - proxy_cache_path {{ nginx_proxy_cache_path }}; -{% endif %} -{% endblock %} - -{% block http_gzip %} - # gzip on; -{% endblock %} - -{% if nginx_extra_http_options %} - {{ nginx_extra_http_options|indent(4, False) }} -{% endif %} - -{% block http_upstream %} -{% for upstream in nginx_upstreams %} - upstream {{ upstream.name }} { -{% if upstream.strategy is defined %} - {{ upstream.strategy }}; -{% endif %} -{% for server in upstream.servers %} - server {{ server }}; -{% endfor %} -{% if upstream.keepalive is defined %} - keepalive {{ upstream.keepalive }}; -{% endif %} - } -{% endfor %} -{% endblock %} - -{% block http_includes %} - include {{ nginx_conf_path }}/*.conf; -{% if nginx_conf_path != nginx_vhost_path %} - include {{ nginx_vhost_path }}/*; -{% endif %} -{% endblock %} - - {% block http_end %}{% endblock %} -} - -