diff --git a/roles/pbx/defaults/main.yml b/roles/pbx/defaults/main.yml
index 0271907a7..187a9a949 100644
--- a/roles/pbx/defaults/main.yml
+++ b/roles/pbx/defaults/main.yml
@@ -5,13 +5,16 @@
 # pbx_install: False
 # pbx_enabled: False
 
+# pbx_try_nginx: False    # 2021-08-07: PLEASE TRY NGINX INSTEAD OF APACHE,
+# # AFTER READING https://github.com/iiab/iiab/issues/2914 AND #2916, THX !
+
 # asterisk_chan_dongle: False
 
 # pbx_signaling_ports_chan_sip: 5160:5161
 # pbx_signaling_ports_chan_pjsip: 5060
 # pbx_data_ports: 10000:20000
 # pbx_http_port: 83
-#
+
 # All above are set in: github.com/iiab/iiab/blob/master/vars/default_vars.yml
 # If nec, change them by editing /etc/iiab/local_vars.yml prior to installing!
 
diff --git a/roles/pbx/tasks/asterisk.yml b/roles/pbx/tasks/asterisk.yml
index 909f5ef3b..1fd97d589 100644
--- a/roles/pbx/tasks/asterisk.yml
+++ b/roles/pbx/tasks/asterisk.yml
@@ -33,12 +33,12 @@
     path: "{{ asterisk_src_dir }}"    # /opt/iiab/asterisk
     state: directory
 
-- name: Asterisk - Extract to source dir (root:root)
+- name: Asterisk - Extract to source dir (root:root by default)
   unarchive:
     src: "{{ downloads_dir }}/{{ asterisk_src_file }}"
     dest: "{{ asterisk_src_dir }}"
-    owner: root
-    group: root
+    # owner: root
+    # group: root
     extra_opts: [--strip-components=1]
     creates: "{{ asterisk_src_dir }}/Makefile"
 
@@ -63,8 +63,8 @@
     chdir: "{{ asterisk_src_dir }}"
     creates: addons/mp3/mpg123.h
 
-- name: Asterisk - Run './configure --with-jansson-bundled'
-  command: ./configure --with-jansson-bundled
+- name: Asterisk - Run './configure --with-pjproject-bundled --with-jansson-bundled'
+  command: ./configure --with-pjproject-bundled --with-jansson-bundled
   args:
     chdir: "{{ asterisk_src_dir }}"
 
@@ -75,11 +75,13 @@
     creates: menuselect.makeopts
 
 - name: Asterisk - Do a bit of menuselect configuration
-  command: >
-    menuselect/menuselect --enable app_macro --enable format_mp3
-    --enable CORE-SOUNDS-EN-WAV --enable CORE-SOUNDS-EN-G722
-    --enable EXTRA-SOUNDS-EN-WAV --enable EXTRA-SOUNDS-EN-G722 --enable EXTRA-SOUNDS-EN-GSM
-    --disable-category MENUSELECT_MOH
+  command: menuselect/menuselect --enable app_macro --enable format_mp3 menuselect.makeopts
+  # 2021-08-06: Let's standardize (ABOVE) if 6 others (BELOW) aren't needed?
+  # command: >
+  #   menuselect/menuselect --enable app_macro --enable format_mp3
+  #   --enable CORE-SOUNDS-EN-WAV --enable CORE-SOUNDS-EN-G722
+  #   --enable EXTRA-SOUNDS-EN-WAV --enable EXTRA-SOUNDS-EN-G722 --enable EXTRA-SOUNDS-EN-GSM
+  #   --disable-category MENUSELECT_MOH
   args:
     chdir: "{{ asterisk_src_dir }}"
 
@@ -100,7 +102,7 @@
   args:
     chdir: "{{ asterisk_src_dir }}"
 
-- name: Asterisk - Run 'make samples'
+- name: Asterisk - Run 'make samples' - this creates /etc/asterisk/asterisk.conf used below
   command: make samples
   args:
     chdir: "{{ asterisk_src_dir }}"
@@ -110,28 +112,41 @@
   args:
     chdir: "{{ asterisk_src_dir }}"
 
+# 2021-08-06: Most install recipes do 'update-rc.d -f asterisk remove' here.
+# Can't hurt but we do that a bit later in freepbx.yml
 
-- name: Asterisk - Ensure group 'asterisk' exists
-  group:
-    name: asterisk
-    state: present
 
-- name: Asterisk - Ensure system user 'asterisk' has primary group 'asterisk', groups 'audio,dialout', home '/var/lib/asterisk'
+# 2021-08-06: Taken care of just below
+# - name: Asterisk - Ensure group 'asterisk' exists
+#   group:
+#     name: asterisk
+#     state: present
+
+#- name: Asterisk - Ensure system user 'asterisk' has primary group 'asterisk', groups 'audio,dialout', home '/var/lib/asterisk'
+- name: Asterisk - Create Linux user 'asterisk'
   user:
     name: asterisk
-    group: asterisk
-    groups: audio,dialout
-    home: /var/lib/asterisk
-    system: yes
+    # group: asterisk            # 2021-08-06: Implicit
+    # groups: audio,dialout      # 2021-08-06: No longer mainline
+    # home: /var/lib/asterisk    # 2021-08-06: No longer mainline
+    # system: yes                # 2021-08-06: No longer mainline (and does nothing to pre-existing users)
+    # append: yes                # 2021-08-06: Only relevant if adding groups later
+
+- name: Asterisk - Add user 'www-data' to group 'asterisk'
+  user:
+    name: www-data
+    groups: asterisk
+    # system: yes                # 2021-08-06: Does nothing to pre-existing users
     append: yes
 
-- name: Asterisk - Set ownership for 5 directories (asterisk:asterisk, recurse)
+- name: Asterisk - Set ownership for 6 directories (asterisk:asterisk, recurse)
   file:
     dest: "{{ item }}"
     owner: asterisk
     group: asterisk
     recurse: yes
   with_items:
+    - /var/run/asterisk
     - /etc/asterisk
     - /var/lib/asterisk
     - /var/log/asterisk
diff --git a/roles/pbx/tasks/enable-or-disable.yml b/roles/pbx/tasks/enable-or-disable.yml
index a83a0befb..ba88e76b1 100644
--- a/roles/pbx/tasks/enable-or-disable.yml
+++ b/roles/pbx/tasks/enable-or-disable.yml
@@ -15,33 +15,41 @@
   when: not pbx_enabled
 
 
-- name: Enable http://box:{{ pbx_http_port }}/freepbx via Apache, if pbx_enabled    # http://box:83/freepbx
-  command: a2ensite freepbx.conf
-  when: pbx_enabled
+- block:
 
-- name: Disable http://box:{{ pbx_http_port }}/freepbx via Apache, if not pbx_enabled
-  command: a2dissite freepbx.conf
-  when: not pbx_enabled
+  - name: Enable http://box:{{ pbx_http_port }}/freepbx via Apache, if pbx_enabled    # http://box:83/freepbx
+    command: a2ensite freepbx.conf
+    when: pbx_enabled
 
-- name: Restart Apache service ({{ apache_service }})
-  systemd:
-    name: "{{ apache_service }}"    # apache2
-    state: restarted
+  - name: Disable http://box:{{ pbx_http_port }}/freepbx via Apache, if not pbx_enabled
+    command: a2dissite freepbx.conf
+    when: not pbx_enabled
+
+  - name: Restart Apache service ({{ apache_service }})
+    systemd:
+      name: "{{ apache_service }}"    # apache2
+      state: restarted
+
+  when: not pbx_try_nginx
 
 
-# - name: Enable http://box/freepbx via NGINX, by installing {{ nginx_conf_dir }}/freepbx-nginx.conf from template
-#   template:
-#     src: freepbx-nginx.conf.j2
-#     dest: "{{ nginx_conf_dir }}/freepbx-nginx.conf"    # /etc/nginx/conf.d
-#   when: pbx_enabled
+- block:
 
-# - name: Disable http://box/freepbx via NGINX, by removing {{ nginx_conf_dir }}/freepbx-nginx.conf
-#   file:
-#     path: "{{ nginx_conf_dir }}/freepbx-nginx.conf"
-#     state: absent
-#   when: not pbx_enabled
+  - name: Enable http://box/freepbx via NGINX, by installing {{ nginx_conf_dir }}/freepbx-nginx.conf from template
+    template:
+      src: freepbx-nginx.conf.j2
+      dest: "{{ nginx_conf_dir }}/freepbx-nginx.conf"    # /etc/nginx/conf.d
+    when: pbx_enabled
 
-# - name: Restart 'nginx' systemd service
-#   systemd:
-#     name: nginx
-#     state: restarted
+  - name: Disable http://box/freepbx via NGINX, by removing {{ nginx_conf_dir }}/freepbx-nginx.conf
+    file:
+      path: "{{ nginx_conf_dir }}/freepbx-nginx.conf"
+      state: absent
+    when: not pbx_enabled
+
+  - name: Restart 'nginx' systemd service
+    systemd:
+      name: nginx
+      state: restarted
+
+  when: pbx_try_nginx
diff --git a/roles/pbx/tasks/freepbx.yml b/roles/pbx/tasks/freepbx.yml
index 9e673b187..6904a21b8 100644
--- a/roles/pbx/tasks/freepbx.yml
+++ b/roles/pbx/tasks/freepbx.yml
@@ -133,10 +133,33 @@
   with_items:
     - ./start_asterisk start
     - ./install -n --webroot {{ freepbx_install_dir }} --dbuser {{ asterisk_db_user }} --dbpass {{ asterisk_db_password }} --dbname {{ asterisk_db_dbname }} --cdrdbname {{ asterisk_db_cdrdbname }}
-    # - ./start_asterisk stop
-    # - killall -9 safe_asterisk    # 2021-08-05: These 2 lines from PR #2912 attempted a brute force (not enough!) workaround for the #2908 annoyance on 1st
-    # - killall -9 asterisk         # install, of 'systemctl status freepbx' showing "Unable to run Pre-Asterisk hooks, because Asterisk is already running"
-    # - /usr/sbin/asterisk -rx "core stop gracefully"
+
+- name: "Run 'fwconsole stop' to stop both Asterisk processes -- this avoids \"Unable to run Pre-Asterisk hooks, because Asterisk is already running\" in 'journalctl -u freepbx' logs"
+  command: fwconsole stop
+  # command: "{{ item }}"
+  # with_items:
+  #   # - ./start_asterisk stop
+  #   # - killall -9 safe_asterisk    # 2021-08-05: These 2 lines from PR #2912 brute force a workaround for #2908 #2913 #2915
+  #   # - killall -9 asterisk         # glitches on 1st install.  In the end, above 'fwconsole stop' does the job more gracefully.
+  #   # - /usr/sbin/asterisk -rx "core stop gracefully"
+  #   # - fwconsole reload
+  #   - fwconsole stop
+  #   # - fwconsole restart
+  #   # - fwconsole ma disablerepo commercial
+  #   # - fwconsole ma installall
+  #   # - fwconsole ma delete firewall
+  #   # - fwconsole reload
+  #   # - fwconsole restart
+
+# 2021-08-06: This stanza might be removed in future, if Asterix/FreePBX fix
+# this install glitch in a future release?  FYI #2908, #2912, #2913 attempts
+# didn't work.  This workaround helps: https://github.com/iiab/iiab/pull/2915
+# - name: FreePBX - Run 'systemctl restart freepbx' TWICE (THIS IS 1 OF 2) to get past 'systemctl status freepbx' glitch "Unable to run Pre-Asterisk hooks, because Asterisk is already running"
+#   systemd:
+#     daemon_reload: yes
+#     name: freepbx
+#     enabled: yes
+#     state: restarted
 
 # - name: 'FreePBX - fix file permissions for NGINX: /etc/freepbx.conf (0644), /var/log/asterisk/freepbx.log (0666)'
 #   file:
@@ -167,26 +190,30 @@
     src: freepbx.service
     dest: /etc/systemd/system/
 
-# 2021-08-06: This stanza might be removed in future, if Asterix/FreePBX fix
-# the install glitch in a future release.  FYI #2908, #2912, #2913 attempts
-# didn't work.   This one did: https://github.com/iiab/iiab/pull/2915
-- name: FreePBX - Run 'systemctl restart freepbx' TWICE (THIS IS 1 OF 2) to get past 'systemctl status freepbx' glitch "Unable to run Pre-Asterisk hooks, because Asterisk is already running"
-  systemd:
-    daemon_reload: yes
-    name: freepbx
-    enabled: yes
-    state: restarted
+# FreePBX's initial page (Admin user registration) tries to set up a cron job and
+# fails: "Exception: Trying to edit user asterisk, when I'm running as www-data"
+# DETAILS: https://github.com/iiab/iiab/pull/2916#issuecomment-894585322
+# FWIW hacking /etc/freepbx.conf in this way does not help in the end...
+# - name: "2021-08-06: Try \"$amp_conf['AMPASTERISKWEBUSER'] = 'www-data';\" in /etc/freepbx.conf for #2916 registration cron fix ?'"
+#   lineinfile:
+#     path: /etc/freepbx.conf
+#     insertafter: '^<\?php$'    # Match exact line '<?php'
+#     line: "$amp_conf['AMPASTERISKWEBUSER'] = 'www-data';"
 
 
-- name: FreePBX - Install /etc/apache2/sites-available/freepbx.conf from template ({{ apache_user }}:{{ apache_user }}, 0644 by default)
-  template:
-    src: freepbx.conf.j2
-    dest: /etc/apache2/sites-available/freepbx.conf
-    owner: "{{ apache_user }}"    # www-data
-    group: "{{ apache_user }}"
+block:
 
-- name: FreePBX - Add directive "Listen {{ pbx_http_port }}" to /etc/apache2/ports.conf
-  lineinfile:
-    path: /etc/apache2/ports.conf
-    line: "Listen {{ pbx_http_port }}"
-    # insertafter: Listen 80
+  - name: FreePBX - Install /etc/apache2/sites-available/freepbx.conf from template ({{ apache_user }}:{{ apache_user }}, 0644 by default)
+    template:
+      src: freepbx.conf.j2
+      dest: /etc/apache2/sites-available/freepbx.conf
+      owner: "{{ apache_user }}"    # www-data
+      group: "{{ apache_user }}"
+
+  - name: FreePBX - Add directive "Listen {{ pbx_http_port }}" to /etc/apache2/ports.conf
+    lineinfile:
+      path: /etc/apache2/ports.conf
+      line: "Listen {{ pbx_http_port }}"
+      # insertafter: Listen 80
+
+  when: not pbx_try_nginx
diff --git a/roles/pbx/tasks/freepbx_dependencies.yml b/roles/pbx/tasks/freepbx_dependencies.yml
index f2b6b6ef4..6b83aa7b0 100644
--- a/roles/pbx/tasks/freepbx_dependencies.yml
+++ b/roles/pbx/tasks/freepbx_dependencies.yml
@@ -1,4 +1,4 @@
-- name: FreePBX - Install dependencies (run 'php -m' or 'php -i' to verify PHP modules)
+- name: FreePBX - Install ~19 dependencies (run 'php -m' or 'php -i' to verify PHP modules)
   package:
     name:
       - wget
@@ -24,11 +24,16 @@
       - php{{ php_version }}-snmp
       - php{{ php_version }}-xml         # Likewise installed in mediawiki/tasks/install.yml, moodle/tasks/install.yml, nextcloud/tasks/install.yml, wordpress/tasks/install.yml -- AND REGARDLESS dragged in later by Admin Console's use of php-pear for roles/cmdsrv/tasks/main.yml -- run 'php -m | grep -i xml' which in the end shows {libxml, SimpleXML, xml, xmlreader, xmlwriter}
       - php{{ php_version }}-zip         # Likewise installed in moodle/tasks/install.yml, nextcloud/tasks/install.yml, wordpress/tasks/install.yml
-      - libapache2-mod-php
-      #- python-mysqldb       # https://github.com/Yannik/ansible-role-freepbx/blob/master/tasks/freepbx.yml#L33
-      - libapache2-mpm-itk    # To serve FreePBX through a VirtualHost as asterisk user
+      #- python-mysqldb        # https://github.com/Yannik/ansible-role-freepbx/blob/master/tasks/freepbx.yml#L33
     state: latest
 
+- name: "FreePBX - Install packages: libapache2-mod-php, libapache2-mpm-itk - if not pbx_try_nginx"
+  package:
+    name:
+      - libapache2-mod-php
+      - libapache2-mpm-itk    # To serve FreePBX through a VirtualHost as asterisk user
+  when: not pbx_try_nginx
+
 # For PHP >= 8.0: phpX.Y-json is baked into PHP itself.
 # For PHP <  8.0: phpX.Y-json auto-installed by phpX.Y-fpm AND phpX.Y-cli in 3-base-server's nginx/tasks/install.yml, as confirmed by: apt rdepends phpX.Y-json
 #
diff --git a/roles/pbx/tasks/install.yml b/roles/pbx/tasks/install.yml
index 36e0190fa..2d8a32f75 100644
--- a/roles/pbx/tasks/install.yml
+++ b/roles/pbx/tasks/install.yml
@@ -22,14 +22,18 @@
 #  when: nodejs_version != "12.x"
 
 
-- name: "Set 'apache_install: True' and 'apache_enabled: True'"
-  set_fact:
-    apache_install: True
-    apache_enabled: True
+block:
 
-- name: APACHE - run 'httpd' role
-  include_role:
-    name: httpd
+  - name: "Set 'apache_install: True' and 'apache_enabled: True'"
+    set_fact:
+      apache_install: True
+      apache_enabled: True
+
+  - name: APACHE - run 'httpd' role
+    include_role:
+      name: httpd
+
+  when: not pbx_try_nginx
 
 
 - name: Install Asterisk
diff --git a/roles/pbx/templates/freepbx-nginx.conf.j2 b/roles/pbx/templates/freepbx-nginx.conf.j2
new file mode 100644
index 000000000..44ae755b9
--- /dev/null
+++ b/roles/pbx/templates/freepbx-nginx.conf.j2
@@ -0,0 +1,31 @@
+location ~ ^/freepbx(|/.*)$ {    # '~' -> '~*' for case-insensitive regex
+
+    root /var/www/html;
+    # root {{ freepbx_install_dir }};    # /var/www/html/freepbx
+    # root {{ doc_root }};               # /library/www/html
+
+    # location ~ ^/freepbx {
+    #   root  {{ doc_root }};
+    # }
+
+    location ~ ^/freepbx(.*)\.php(.*)$ {
+        alias {{ freepbx_install_dir }}$1.php$2;
+        fastcgi_split_path_info ^(.+\.php)(/.+)$;
+        fastcgi_index index.php;
+        fastcgi_pass php;
+
+        include fastcgi_params;
+        fastcgi_param PATH_INFO $fastcgi_path_info;
+        fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name;
+        #fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
+        fastcgi_param HTACCESS on;    # disables FreePBX htaccess warning
+    }
+
+    # disallows the things that the FreePBX .htaccess files disallow
+    location ~ /freepbx(/\.ht|/\.git|\.ini$|/libraries|/helpers|/i18n|/node|/views/.+php$) {
+        deny all;
+    }
+
+    # from the api module .htaccess file
+    rewrite ^/freepbx/admin/api/([^/]*)/([^/]*)/?(.*)?$ /freepbx/admin/api/api.php?module=$1&command=$2&route=$3 last;
+}
diff --git a/vars/default_vars.yml b/vars/default_vars.yml
index 1de0209e5..39e151dfd 100644
--- a/vars/default_vars.yml
+++ b/vars/default_vars.yml
@@ -624,6 +624,8 @@ calibre_web_path: calibre  #NEEDS WORK: https://github.com/iiab/iiab/issues/529
 # If using PBX intensively, investigate nginx_high_php_limits further above.
 pbx_install: False
 pbx_enabled: False
+pbx_try_nginx: False    # 2021-08-07: PLEASE TRY NGINX INSTEAD OF APACHE,
+# AFTER READING https://github.com/iiab/iiab/issues/2914 AND #2916, THX !
 asterisk_chan_dongle: False
 pbx_signaling_ports_chan_sip: 5160:5161
 pbx_signaling_ports_chan_pjsip: 5060
diff --git a/vars/local_vars_big.yml b/vars/local_vars_big.yml
index c26d8d754..c0739f6d0 100644
--- a/vars/local_vars_big.yml
+++ b/vars/local_vars_big.yml
@@ -405,4 +405,6 @@ calibre_web_path: calibre  #NEEDS WORK: https://github.com/iiab/iiab/issues/529
 # If using PBX intensively, investigate nginx_high_php_limits further above.
 pbx_install: False
 pbx_enabled: False
+pbx_try_nginx: False    # 2021-08-07: PLEASE TRY NGINX INSTEAD OF APACHE,
+# AFTER READING https://github.com/iiab/iiab/issues/2914 AND #2916, THX !
 asterisk_chan_dongle: False
diff --git a/vars/local_vars_medium.yml b/vars/local_vars_medium.yml
index aac2ea348..d153accdf 100644
--- a/vars/local_vars_medium.yml
+++ b/vars/local_vars_medium.yml
@@ -405,4 +405,6 @@ calibre_web_path: calibre  #NEEDS WORK: https://github.com/iiab/iiab/issues/529
 # If using PBX intensively, investigate nginx_high_php_limits further above.
 pbx_install: False
 pbx_enabled: False
+pbx_try_nginx: False    # 2021-08-07: PLEASE TRY NGINX INSTEAD OF APACHE,
+# AFTER READING https://github.com/iiab/iiab/issues/2914 AND #2916, THX !
 asterisk_chan_dongle: False
diff --git a/vars/local_vars_min.yml b/vars/local_vars_min.yml
index 44393e84e..1ff1c213d 100644
--- a/vars/local_vars_min.yml
+++ b/vars/local_vars_min.yml
@@ -405,4 +405,6 @@ calibre_web_path: calibre  #NEEDS WORK: https://github.com/iiab/iiab/issues/529
 # If using PBX intensively, investigate nginx_high_php_limits further above.
 pbx_install: False
 pbx_enabled: False
+pbx_try_nginx: False    # 2021-08-07: PLEASE TRY NGINX INSTEAD OF APACHE,
+# AFTER READING https://github.com/iiab/iiab/issues/2914 AND #2916, THX !
 asterisk_chan_dongle: False