diff --git a/.gitmodules b/.gitmodules
index 6b4baba72..3b435ee38 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -39,7 +39,7 @@
 	url = https://github.com/packstack/puppetlabs-xinetd.git
 [submodule "packstack/puppet/modules/apache"]
 	path = packstack/puppet/modules/apache
-	url = https://github.com/packstack/puppetlabs-apache.git
+	url = https://github.com/puppetlabs/puppetlabs-apache.git
 [submodule "packstack/puppet/modules/firewall"]
 	path = packstack/puppet/modules/firewall
 	url = https://github.com/puppetlabs/puppetlabs-firewall.git
diff --git a/packstack/puppet/modules/apache b/packstack/puppet/modules/apache
index a2d8e839c..a9017af01 160000
--- a/packstack/puppet/modules/apache
+++ b/packstack/puppet/modules/apache
@@ -1 +1 @@
-Subproject commit a2d8e839c4c9c1cdd9ea9f733658dc83aa23c765
+Subproject commit a9017af0190bbfaf56cffbac042ca2a081198e89
diff --git a/packstack/puppet/templates/horizon.pp b/packstack/puppet/templates/horizon.pp
index 9a6ac04c0..861923180 100644
--- a/packstack/puppet/templates/horizon.pp
+++ b/packstack/puppet/templates/horizon.pp
@@ -1,4 +1,7 @@
 $horizon_packages = ["python-memcached", "python-netaddr"]
+
+include concat::setup
+
 package {$horizon_packages:
     notify => Class["horizon"],
     ensure => present,
@@ -20,14 +23,10 @@ class {'horizon':
 }
 
 class {'memcached':}
-if '%(CONFIG_NAGIOS_INSTALL)s' == 'y' {
-  class {'apache::mod::php': }
-  # The apache module purges files it doesn't know about
-  # avoid this be referencing them here
-  file { '/etc/httpd/conf.d/nagios.conf':}
-}
 
-firewall { '001 horizon incoming':
+$firewall_port = %(CONFIG_HORIZON_PORT)s
+
+firewall { '001 horizon ${firewall_port}  incoming':
     proto    => 'tcp',
     dport    => [%(CONFIG_HORIZON_PORT)s],
     action   => 'accept',
diff --git a/packstack/puppet/templates/https.pp b/packstack/puppet/templates/https.pp
index d7c8c29d7..171eae27d 100644
--- a/packstack/puppet/templates/https.pp
+++ b/packstack/puppet/templates/https.pp
@@ -29,37 +29,45 @@ file_line{'nohttp_ip':
     require =>  Class['horizon']
 }
 
-
 # if the mod_ssl apache puppet module does not install
 # this file, we ensure it haves the minimum
 # requirements for SSL to work
-file {'/etc/httpd/conf.d/ssl.conf':
-    path => '/etc/httpd/conf.d/ssl.conf',
-    ensure => file,
-    mode => '0644'
-} -> file_line{'ssl_port':
-    path  => '/etc/httpd/conf.d/ssl.conf',
-    match => 'Listen .+',
-    line  => 'Listen 443',
-    require =>  Class['apache::mod::ssl']
-} -> file_line{'ssl_engine':
-    path => '/etc/httpd/conf.d/ssl.conf',
-    match => 'SSLEngine .+',
-    line => 'SSLEngine on',
-    require =>  Class['apache::mod::ssl']
+$ssl_lines = {
+    'ssl_port' => {
+        path  => '/etc/httpd/conf.d/ssl.conf',
+        match => 'Listen .+',
+        line  => 'Listen 443',
+        require =>  Class['apache::mod::ssl']
+    },
+    'start_vhost_ssl' => {
+        path => '/etc/httpd/conf.d/ssl.conf',
+        line => '<VirtualHost *:443>',
+        require => File_line['ssl_port'],
+     },
+    'ssl_engine' => {
+        path => '/etc/httpd/conf.d/ssl.conf',
+        match => 'SSLEngine .+',
+        line => 'SSLEngine on',
+        require =>   File_line['start_vhost_ssl'],
+     },
+    # set the name of the ssl cert and key file
+    'sslcert' => {
+        path => '/etc/httpd/conf.d/ssl.conf',
+        match => '^SSLCertificateFile ',
+        line => 'SSLCertificateFile /etc/pki/tls/certs/ssl_ps_server.crt',
+        require => File_line['ssl_engine'],
+    },
+    'sslkey' => {
+        path => '/etc/httpd/conf.d/ssl.conf',
+        match => '^SSLCertificateKeyFile ',
+        line => 'SSLCertificateKeyFile /etc/pki/tls/private/ssl_ps_server.key',
+        require =>  File_line['sslcert'],
+    },
+    'end_vhost_ssl' => {
+        path => '/etc/httpd/conf.d/ssl.conf',
+        line => '</VirtualHost>',
+        require => File_line['sslkey'],
+     },
 }
 
-# set the name of the ssl cert and key file
-file_line{'sslcert':
-    path => '/etc/httpd/conf.d/ssl.conf',
-    match => '^SSLCertificateFile ',
-    line => 'SSLCertificateFile /etc/pki/tls/certs/ssl_ps_server.crt',
-    require =>  Class['apache::mod::ssl']
-}
-
-file_line{'sslkey':
-    path => '/etc/httpd/conf.d/ssl.conf',
-    match => '^SSLCertificateKeyFile ',
-    line => 'SSLCertificateKeyFile /etc/pki/tls/private/ssl_ps_server.key',
-    require =>  Class['apache::mod::ssl']
-}
+create_resources(file_line, $ssl_lines)
diff --git a/packstack/puppet/templates/nagios_server.pp b/packstack/puppet/templates/nagios_server.pp
index 84362544d..24c7376db 100644
--- a/packstack/puppet/templates/nagios_server.pp
+++ b/packstack/puppet/templates/nagios_server.pp
@@ -55,14 +55,12 @@ class{'nagios_configs':
     notify => [Service['nagios'], Service['httpd']],
 }
 
-class {'apache': }
+include concat::setup
+
+class {'apache':
+    purge_configs => false,
+}
 class {'apache::mod::php': }
-class {'apache::mod::wsgi':}
-# The apache module purges files it doesn't know about
-# avoid this be referencing them here
-file { '/etc/httpd/conf.d/openstack-dashboard.conf':}
-file { '/etc/httpd/conf.d/rootredirect.conf':}
-file { '/etc/httpd/conf.d/nagios.conf':}
 
 service{['nagios']:
     ensure => running,