diff --git a/salt/nginx/etc/nginx.conf b/salt/nginx/etc/nginx.conf
index 6cb2d0691..dcc89f13d 100644
--- a/salt/nginx/etc/nginx.conf
+++ b/salt/nginx/etc/nginx.conf
@@ -1,10 +1,10 @@
 {%- set role = grains.id.split('_') | last %}
 {%- if role == 'fleet' %}
-	{% set MAININT = salt['pillar.get']('host:mainint') %}
-	{% set MAINIP = salt['grains.get']('ip_interfaces').get(MAININT)[0] %}
+	{% set main_int = salt['pillar.get']('host:main_int') %}
+	{% set main_ip = salt['grains.get']('ip_interfaces').get(main_int)[0] %}
 {%- endif %}
 
-{%- set managerip = salt['pillar.get']('manager:mainip', '') %}
+{%- set manager_ip = salt['pillar.get']('manager:main_ip', '') %}
 {%- set url_base = salt['pillar.get']('global:url_base') %}
 
 {%- set fleet_manager = salt['pillar.get']('global:fleet_manager') %}
@@ -58,9 +58,9 @@ http {
 
 		location ~ ^/kolide.agent.Api/(RequestEnrollment|RequestConfig|RequestQueries|PublishLogs|PublishResults|CheckHealth)$ {
 			{%- if role == 'fleet' %}
-			grpc_pass  grpcs://{{ MAINIP }}:8080;
+			grpc_pass  grpcs://{{ main_ip }}:8080;
 			{%- else %}
-			grpc_pass  grpcs://{{ managerip }}:8080;
+			grpc_pass  grpcs://{{ manager_ip }}:8080;
 			{%- endif %}
 			grpc_set_header Host $host;
 			grpc_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
@@ -108,7 +108,7 @@ http {
 		ssl_prefer_server_ciphers on;
 
 		location /fleet/ {
-			proxy_pass https://{{ MAINIP }}:8080;
+			proxy_pass https://{{ main_ip }}:8080;
 			proxy_read_timeout    90;
 			proxy_connect_timeout 90;
 			proxy_set_header      Host $host;
@@ -155,7 +155,7 @@ http {
 
 
 		location ~* (^/login/|^/js/.*|^/css/.*|^/images/.*) {
-			proxy_pass            http://{{ managerip }}:9822;
+			proxy_pass            http://{{ manager_ip }}:9822;
 			proxy_read_timeout    90;
 			proxy_connect_timeout 90;
 			proxy_set_header      Host $host;
@@ -169,7 +169,7 @@ http {
 
 		location / {
 			auth_request          /auth/sessions/whoami;
-			proxy_pass            http://{{ managerip }}:9822/;
+			proxy_pass            http://{{ manager_ip }}:9822/;
 			proxy_read_timeout    90;
 			proxy_connect_timeout 90;
 			proxy_set_header      Host $host;
@@ -183,7 +183,7 @@ http {
 
 		location ~ ^/auth/.*?(whoami|login|logout|settings) {
 			rewrite               /auth/(.*) /$1 break;
-			proxy_pass            http://{{ managerip }}:4433;
+			proxy_pass            http://{{ manager_ip }}:4433;
 			proxy_read_timeout    90;
 			proxy_connect_timeout 90;
 			proxy_set_header      Host $host;
@@ -242,7 +242,7 @@ http {
 		location /grafana/ {
 			auth_request          /auth/sessions/whoami;
 			rewrite               /grafana/(.*) /$1 break;
-			proxy_pass            http://{{ managerip }}:3000/;
+			proxy_pass            http://{{ manager_ip }}:3000/;
 			proxy_read_timeout    90;
 			proxy_connect_timeout 90;
 			proxy_set_header      Host $host;
@@ -255,7 +255,7 @@ http {
 		location /kibana/ {
 			auth_request          /auth/sessions/whoami;
 			rewrite               /kibana/(.*) /$1 break;
-			proxy_pass            http://{{ managerip }}:5601/;
+			proxy_pass            http://{{ manager_ip }}:5601/;
 			proxy_read_timeout    90;
 			proxy_connect_timeout 90;
 			proxy_set_header      Host $host;
@@ -266,7 +266,7 @@ http {
 		}
 
 		location /nodered/ {
-			proxy_pass http://{{ managerip }}:1880/;
+			proxy_pass http://{{ manager_ip }}:1880/;
 			proxy_read_timeout    90;
 			proxy_connect_timeout 90;
 			proxy_set_header      Host $host;
@@ -279,7 +279,7 @@ http {
 		}
 		
 		location /playbook/ {
-			proxy_pass            http://{{ managerip }}:3200/playbook/;
+			proxy_pass            http://{{ manager_ip }}:3200/playbook/;
 			proxy_read_timeout    90;
 			proxy_connect_timeout 90;
 			proxy_set_header      Host $host;
@@ -298,7 +298,7 @@ http {
 		{%- else %}
 
 		location /fleet/ {
-			proxy_pass https://{{ managerip }}:8080;
+			proxy_pass https://{{ manager_ip }}:8080;
 			proxy_read_timeout    90;
 			proxy_connect_timeout 90;
 			proxy_set_header      Host $host;
@@ -311,7 +311,7 @@ http {
 		{%- endif %}
 
 		location /thehive/ {
-			proxy_pass            http://{{ managerip }}:9000/thehive/;
+			proxy_pass            http://{{ manager_ip }}:9000/thehive/;
 			proxy_read_timeout    90;
 			proxy_connect_timeout 90;
 			proxy_http_version    1.1; # this is essential for chunked responses to work
@@ -323,7 +323,7 @@ http {
 		}
 
 		location /cortex/ {
-			proxy_pass            http://{{ managerip }}:9001/cortex/;
+			proxy_pass            http://{{ manager_ip }}:9001/cortex/;
 			proxy_read_timeout    90;
 			proxy_connect_timeout 90;
 			proxy_http_version    1.1; # this is essential for chunked responses to work
@@ -335,7 +335,7 @@ http {
 		}
 		
 		location /soctopus/ {
-			proxy_pass            http://{{ managerip }}:7000/;
+			proxy_pass            http://{{ manager_ip }}:7000/;
 			proxy_read_timeout    90;
 			proxy_connect_timeout 90;
 			proxy_set_header      Host $host;
@@ -361,7 +361,7 @@ http {
 			if ($http_authorization = "") {
 				return 403;
 			}
-			proxy_pass            http://{{ managerip }}:9822/;
+			proxy_pass            http://{{ manager_ip }}:9822/;
 			proxy_read_timeout    90;
 			proxy_connect_timeout 90;
 			proxy_set_header      Host $host;