diff --git a/defaults/main.yml b/defaults/main.yml
index 65cf893..ac0afc0 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -35,4 +35,4 @@ nextcloud_php_version: 7.3
 
 nextcloud_reset_lib_directory: true
 
-nextcloud_webserver: nginx
+nextcloud_webserver: apache2
diff --git a/templates/nginx-vhost.conf.j2 b/templates/nginx-vhost.conf.j2
index c9adc95..4e88853 100644
--- a/templates/nginx-vhost.conf.j2
+++ b/templates/nginx-vhost.conf.j2
@@ -8,6 +8,11 @@ server {
     listen 80;
     listen [::]:80;
     server_name {{nextcloud_server_names|join(' ')}};
+    
+    location /.well-known/acme-challenge {
+      default_type "text/plain";
+      root /var/www/default;
+    }
 
     # enforce https
     return 301 https://$server_name:443$request_uri;
@@ -18,9 +23,6 @@ server {
     listen [::]:443 ssl http2;
     server_name {{nextcloud_server_names|join(' ')}};
 
-    # Use Mozilla's guidelines for SSL/TLS settings
-    # https://mozilla.github.io/server-side-tls/ssl-config-generator/
-    # NOTE: some settings below might be redundant
     ssl_certificate /etc/ssl/certs/{{nextcloud_server_names|first}}.fullchain.pem;
     ssl_certificate_key /etc/ssl/private/{{nextcloud_server_names|first}}.key.pem;