diff --git a/pillar/gnuviechadmin/gvaweb.sls b/pillar/gnuviechadmin/gvaweb.sls
new file mode 100644
index 0000000..cb7f085
--- /dev/null
+++ b/pillar/gnuviechadmin/gvaweb.sls
@@ -0,0 +1,9 @@
+include:
+  - gnuviechadmin
+  - gnuviechadmin.queues.common
+  - gnuviechadmin.queues.gvaweb
+
+gnuviechadmin:
+  component:
+    name: gvaweb
+    amqp_user: web
diff --git a/states/gnuviechadmin/gvaweb.sls b/states/gnuviechadmin/gvaweb.sls
new file mode 100644
index 0000000..4910ce0
--- /dev/null
+++ b/states/gnuviechadmin/gvaweb.sls
@@ -0,0 +1,14 @@
+include:
+  - gnuviechadmin.base
+  - gnuviechadmin.celery
+
+sudo:
+  pkg.installed
+
+/etc/sudoers.d/gvaweb:
+  file.managed:
+    - user: root
+    - group: root
+    - source: salt://gnuviechadmin/gvaweb/sudoers
+    - require:
+      - pkg: sudo
diff --git a/states/gnuviechadmin/gvaweb/run_celery.sh b/states/gnuviechadmin/gvaweb/run_celery.sh
new file mode 100644
index 0000000..085dd5c
--- /dev/null
+++ b/states/gnuviechadmin/gvaweb/run_celery.sh
@@ -0,0 +1,12 @@
+#!/bin/sh
+
+set -ex
+
+. {{ home }}/gvasettings.sh
+
+unset LANG LANGUAGE LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY \
+    LC_MESSAGES LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT \
+    LC_IDENTIFICATION LC_ALL
+
+cd {{ appdir }}
+{{ virtualenv }}/bin/celery worker -A gvaweb -Q web --loglevel=INFO
diff --git a/states/gnuviechadmin/gvaweb/settings.sh b/states/gnuviechadmin/gvaweb/settings.sh
new file mode 100644
index 0000000..9b90cc9
--- /dev/null
+++ b/states/gnuviechadmin/gvaweb/settings.sh
@@ -0,0 +1,8 @@
+#!/bin/sh
+
+export GVAWEB_BROKER_URL='{{ broker_url }}'
+export GVAWEB_RESULTS_REDIS_URL="redis://:{{ salt['pillar.get']('gnuviechadmin:redis_password') }}@{{ salt['pillar.get']('gnuviechadmin:redis_host') }}/0"
+export GVAWEB_NGINX_SITES_AVAILABLE="{{ salt['pillar.get']('gnuviechadmin:nginx_sites_available', '/etc/nginx/sites-available') }}"
+export GVAWEB_NGINX_SITES_ENABLED="{{ salt['pillar.get']('gnuviechadmin:nginx_sites_enabled', '/etc/nginx/sites-enabled') }}"
+export GVAWEB_PHPFPM_POOL="{{ salt['pillar.get']('gnuviechadmin:phpfpm_pool', '/etc/php5/fpm/pool.d') }}"
+export GVAWEB_WWWUSER_MOUNT="{{ salt['pillar.get']('gnuviechadmin:wwwuser_mount', '/srv/wwwfiles') }}"
diff --git a/states/gnuviechadmin/gvaweb/sudoers b/states/gnuviechadmin/gvaweb/sudoers
new file mode 100644
index 0000000..d0adbb6
--- /dev/null
+++ b/states/gnuviechadmin/gvaweb/sudoers
@@ -0,0 +1,3 @@
+Cmnd_Alias GVAWEB_CMDS = /usr/bin/install, /bin/rm, /bin/ln, /usr/sbin/service
+
+gvaweb  ALL = (root) NOPASSWD: GVAWEB_CMDS
diff --git a/states/webserver/init.sls b/states/webserver/init.sls
index 5d287ae..4b0dd00 100644
--- a/states/webserver/init.sls
+++ b/states/webserver/init.sls
@@ -19,6 +19,8 @@ generate-dhparam-nginx:
     - name: openssl dhparam -out {{ ssldir }}/dhparams.pem 2048
     - umask: 022
     - runas: root
+    - timeout: 300
+    - output_loglevel: debug
     - creates: {{ ssldir }}/dhparams.pem
     - require_in:
       - file: /etc/nginx/conf.d/ssl.conf