diff --git a/roles/nginx/templates/logrotate-nginx.j2 b/roles/nginx/templates/logrotate-nginx.j2
new file mode 100644
index 0000000..6de87dd
--- /dev/null
+++ b/roles/nginx/templates/logrotate-nginx.j2
@@ -0,0 +1,27 @@
+# Logrotate configuration for nginx
+# Managed by Ansible - DO NOT EDIT MANUALLY
+
+/var/log/nginx/*.log {
+    {{ nginx_logrotate_frequency }}
+    missingok
+    rotate {{ nginx_logrotate_rotate }}
+    {% if nginx_logrotate_compress %}
+    compress
+    delaycompress
+    {% endif %}
+    notifempty
+    create 0640 {{ nginx_user }} adm
+    sharedscripts
+    prerotate
+        if [ -d /etc/logrotate.d/httpd-prerotate ]; then \
+            run-parts /etc/logrotate.d/httpd-prerotate; \
+        fi
+    endscript
+    postrotate
+        # Test config before reload
+        nginx -t > /dev/null 2>&1
+        if [ $? -eq 0 ]; then
+            systemctl reload nginx > /dev/null 2>&1 || true
+        fi
+    endscript
+}
diff --git a/roles/nginx/vars/debian.yml b/roles/nginx/vars/debian.yml
new file mode 100644
index 0000000..77369aa
--- /dev/null
+++ b/roles/nginx/vars/debian.yml
@@ -0,0 +1,2 @@
+---
+nginx_user: www-data