diff --git a/.gitmodules b/.gitmodules
new file mode 100644
index 0000000..72356ef
--- /dev/null
+++ b/.gitmodules
@@ -0,0 +1,4 @@
+[submodule "plugin-nginx"]
+	path = plugin-nginx
+	url = https://gitlab.com/dometto/plugin-nginx.git
+	branch = molecule_compatibility
diff --git a/galaxysrv.yml b/galaxysrv.yml
index 23c5633..63c89a2 100644
--- a/galaxysrv.yml
+++ b/galaxysrv.yml
@@ -21,7 +21,6 @@
         state: present
 
     - name: Set Galaxy socket upstream definition
-      tags: molecule-notest
       block:
 
       - name: Find Galaxy socket upstream definition
@@ -64,7 +63,6 @@
         name: www-data
         groups: "{{ galaxy_user }}"
         append: true
-      tags: molecule-notest
       notify: restart nginx
 
     - name: Get Galaxy service Status
@@ -95,7 +93,6 @@
   
   roles:
     - role: nginx-reverse_proxy
-      tags: molecule-notest
       vars:
         nginx_reverse_proxy_locations: "{{ galaxy_nginx_vhost_config }}"
   
diff --git a/molecule/default/prepare.yml b/molecule/default/prepare.yml
index 0516acc..dec01ac 100644
--- a/molecule/default/prepare.yml
+++ b/molecule/default/prepare.yml
@@ -12,3 +12,14 @@
         name: ansible
         version: 9.4.0
         state: present
+
+- name: Run nginx component
+  ansible.builtin.import_playbook: ../../plugin-nginx/plugin-nginx.yml
+  vars:
+    rsc_nginx_authorization_endpoint: http://localhost
+    rsc_nginx_user_info_endpoint: http://localhost
+    rsc_nginx_service_url: http://localhost
+    nginx_enable_ssl: false
+    nginx_enable_auth: true
+    rsc_nginx_oauth2_application:
+      client_id: foo
diff --git a/plugin-nginx b/plugin-nginx
new file mode 160000
index 0000000..dd7ca31
--- /dev/null
+++ b/plugin-nginx
@@ -0,0 +1 @@
+Subproject commit dd7ca314d1bde2a8f1fc6d2cf8935d62a65294d2
diff --git a/tasks/set_config.yml b/tasks/set_config.yml
index 8f029c9..2f4b3a5 100644
--- a/tasks/set_config.yml
+++ b/tasks/set_config.yml
@@ -17,9 +17,12 @@
 
 - name: Load internal variables
   ansible.builtin.include_vars: vars/internal_vars.yml
-  
+
 - name: Load component variables
   ansible.builtin.include_vars: vars/src_galaxy_vars.yml
 
+- name: Load nginx variables
+  ansible.builtin.include_vars: vars/nginx_vars.yml
+
 - name: Load Galaxy role variables
   ansible.builtin.include_vars: vars/galaxy_vars.yml
diff --git a/vars/internal_vars.yml b/vars/internal_vars.yml
index 4a965b1..58da212 100644
--- a/vars/internal_vars.yml
+++ b/vars/internal_vars.yml
@@ -1,4 +1,5 @@
 # Internal variables that are not user configurable
+_molecule_active: "{{ true if 'molecule-notest' in ansible_skip_tags else false }}"
 _molecule_idempotence: "{{ true if 'molecule-idempotence-notest' in ansible_skip_tags else false }}"
 _galaxy_bootstrap_api_key: "{{ lookup('ansible.builtin.password', '/dev/null', chars=['ascii_lowercase', 'digits'], length=15) }}"
 _galaxy_remote_user_maildomain: "src.surf-hosted.nl"
diff --git a/vars/nginx_vars.yml b/vars/nginx_vars.yml
index a0fe341..a93e3ad 100644
--- a/vars/nginx_vars.yml
+++ b/vars/nginx_vars.yml
@@ -2,7 +2,7 @@ galaxy_nginx_vhost_config:
   - name: galaxy
     location: /
     backend: http://galaxy
-    auth: sram
+    auth: "{{ _molecule_active | ternary(None, 'sram') | default(omit, true) }}"
   - name: static
     location: /static
     alias: "{{ galaxy_server_dir }}/static"