diff --git a/install-koji-farm.sh b/install-koji-farm.sh
index 2fcaad4..84b86ce 100644
--- a/install-koji-farm.sh
+++ b/install-koji-farm.sh
@@ -158,67 +158,7 @@ chmod o+x $SCRIPT_DIR/koji-parameters.sh koji-deploy-hub.sh $DEBUG # deploy the web koji components -if [[ "$KOJI_WEB_FQDN" == "$KOJI_HUB_FQDN" ]] ; then - # deploy locally (default) - koji-deploy-web.sh $KOJI_WEB_FQDN $DEBUG -else - # deploy remotely to $KOJI_WEB_FQDN - # check that I can conmnect - if [ ! $(nc -z $KOJI_WEB_FQDN 22 2>&1 | grep succeeded) ] ; then - echo "I cannot connect to $KOJI_WEB_FQDN! Is it online? " - echo "Options:" - echo "- turn on the server" - echo "- add this server into the /etc/hosts file on this server" - exit 1 - fi - # update hub config files to point at web server - sed -i 's,KojiWebURL.*,KojiWebURL = http://$KOJI_WEB_FQDN/koji,g' /etc/koji-hub/hub.conf - sed -i 's,weburl.*,weburl = http://$KOJI_WEB_FQDN/koji,g' /etc/koji.conf - # check if nfs has been installed on the hub (only need to install once) - if [[ -z $(dnf list installed | grep nfs-server) ]] ; then - # add nfs share for koji files direcory to hub - curl $SILENT $SCRIPT_GIT/koji-deploy-nfs-server.sh > $SCRIPT_DIR/koji-deploy-nfs-server.sh - chmod o+x $SCRIPT_DIR/koji-deploy-nfs-server.sh - koji-deploy-nfs-server.sh $DEBUG - fi - - # add web server to nfs exports line for /mnt/koji - sed -i '/^\/mnt\/koji/ s/$/ $KOJI_WEB_FQDN(ro,no_root_squash)/g' /etc/exports - # generate a hub ssh key if there isn't one already (for scp & ssh to web server) - if [ ! 
-f /root/.ssh/id-rsa ] ; then - # create a ssh key on build server - mkdir -p ~/.ssh - ssh-keygen -t rsa -f /root/.ssh/id_rsa -N "" - fi - # copy the server key into authorized keys on the web server - ssh-copy-id -i ~/.ssh/id_rsa.pub $KOJI_WEB_FQDN - # find the IP of the web server - WEB_IP=$(ssh root@$KOJI_WEB_FQDN "hostname -I") - # add web server into allowed access to db - cat >> "$POSTGRES_DIR"/data/pg_hba.conf <<- EOF -host koji koji $WEB_IP/32 scram-sha-256 -EOF - systemctl reload postgresql - # copy across the ssl keys - ssh $QUIET root@$KOJI_WEB_FQDN mkdir -p $KOJI_PKI_DIR/private - scp $QUIET $KOJI_PKI_DIR/kojiweb.pem root@$KOJI_WEB_FQDN:$KOJI_PKI_DIR/. - scp $QUIET $KOJI_PKI_DIR/kojihub.pem root@$KOJI_WEB_FQDN:$KOJI_PKI_DIR/. - scp $QUIET $KOJI_PKI_DIR/private/kojihub.key root@$KOJI_WEB_FQDN:$KOJI_PKI_DIR/private/. - scp $QUIET $KOJI_PKI_DIR/koji_ca_cert.crt root@$KOJI_WEB_FQDN:$KOJI_PKI_DIR/. - # copy across the parameter files (we built them on the hub) - ssh $QUIET root@$KOJI_WEB_FQDN mkdir -p $SCRIPT_DIR - scp $QUIET $SCRIPT_DIR/koji-parameters.sh root@$KOJI_WEB_FQDN:$SCRIPT_DIR/koji-parameters.sh - # pull down the required scripts - ssh $QUIET root@$KOJI_WEB_FQDN "curl $SILENT $SCRIPT_GIT/koji-deploy-nfs-client.sh > $SCRIPT_DIR/koji-deploy-nfs-client.sh" - ssh $QUIET root@$KOJI_WEB_FQDN "curl $SILENT $SCRIPT_GIT/koji-deploy-web.sh > $SCRIPT_DIR/koji-deploy-web.sh" - # make them executeable - ssh $QUIET root@$KOJI_WEB_FQDN "chmod o+x $SCRIPT_DIR/*" - - # connect to nfs share - ssh $QUIET root@$KOJI_WEB_FQDN $SCRIPT_DIR/koji-deploy-nfs-client.sh $DEBUG - # deploy koji builder - ssh $QUIET root@$KOJI_WEB_FQDN $SCRIPT_DIR/koji-deploy-web.sh $KOJI_WEB_FQDN $DEBUG -fi +koji-deploy-web.sh $KOJI_WEB_FQDN $DEBUG # add builders if [ -z $KOJI_BUILD_FQDNS ] ; then diff --git a/koji-setup/koji-deploy-web.sh b/koji-setup/koji-deploy-web.sh index 1e79bc1..15bb340 100644 --- a/koji-setup/koji-deploy-web.sh +++ b/koji-setup/koji-deploy-web.sh 
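Review bot: The replacement call `koji-deploy-web.sh $KOJI_WEB_FQDN $DEBUG` does not check the exit status, and the remote branch added to koji-deploy-web.sh ends in an unconditional `exit 0`, so a failed ssh or scp step would let the installer carry on to the builder section. Unless the script runs under `set -e` (not visible in this hunk), I would write `koji-deploy-web.sh "$KOJI_WEB_FQDN" $DEBUG || exit 1` here and have the remote branch return the status of its last ssh command. The local/remote decision also moves from comparing with `$KOJI_HUB_FQDN` to comparing with `$(hostname -f)`. If the hub's `hostname -f` is not exactly the configured FQDN, a default single-host install now takes the remote path against itself, which deserves a comment or an explicit check.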
@@ -31,6 +31,71 @@ if [ ! -f "$SCRIPT_DIR"/koji-parameters.sh ] ; then fi source "$SCRIPT_DIR"/koji-parameters.sh +if [[ "$KOJI_WEB_FQDN" != "$(hostname -f)" ]] ; then + if [[ $DEBUG ]] ; then echo "Deploying remotely to $KOJI_WEB_FQDN" ; fi + # deploy remotely to $KOJI_WEB_FQDN + # We make all the changes required on the hub and then re-run this script on $KOJI_WEB_FQDN + + # check that I can conmnect + if [ ! $(nc -z $KOJI_WEB_FQDN 22 2>&1 | grep succeeded) ] ; then + echo "I cannot connect to $KOJI_WEB_FQDN! Is it online? " + echo "Options:" + echo "- turn on the server" + echo "- add this server into the /etc/hosts file on this server" + exit 1 + fi + # update hub config files to point at web server + sed -i 's,KojiWebURL.*,KojiWebURL = http://$KOJI_WEB_FQDN/koji,g' /etc/koji-hub/hub.conf + sed -i 's,weburl.*,weburl = http://$KOJI_WEB_FQDN/koji,g' /etc/koji.conf + # check if nfs has been installed on the hub (only need to install once) + if [[ -z $(dnf list installed | grep nfs-server) ]] ; then + # add nfs share for koji files direcory to hub + curl $SILENT $SCRIPT_GIT/koji-deploy-nfs-server.sh > $SCRIPT_DIR/koji-deploy-nfs-server.sh + chmod o+x $SCRIPT_DIR/koji-deploy-nfs-server.sh + koji-deploy-nfs-server.sh $DEBUG + fi + + # add web server to nfs exports line for /mnt/koji + sed -i '/^\/mnt\/koji/ s/$/ $KOJI_WEB_FQDN(ro,no_root_squash)/g' /etc/exports + # generate a hub ssh key if there isn't one already (for scp & ssh to web server) + if [ ! 
-f /root/.ssh/id-rsa ] ; then + # create a ssh key on build server + mkdir -p ~/.ssh + ssh-keygen -t rsa -f /root/.ssh/id_rsa -N "" + fi + # copy the server key into authorized keys on the web server + ssh-copy-id -i ~/.ssh/id_rsa.pub $KOJI_WEB_FQDN + # find the IP of the web server + WEB_IP=$(ssh root@$KOJI_WEB_FQDN "hostname -I") + # add web server into allowed access to db + cat >> "$POSTGRES_DIR"/data/pg_hba.conf <<- EOF +host koji koji $WEB_IP/32 scram-sha-256 +EOF + systemctl reload postgresql + # copy across the ssl keys + ssh $QUIET root@$KOJI_WEB_FQDN mkdir -p $KOJI_PKI_DIR/private + scp $QUIET $KOJI_PKI_DIR/kojiweb.pem root@$KOJI_WEB_FQDN:$KOJI_PKI_DIR/. + scp $QUIET $KOJI_PKI_DIR/kojihub.pem root@$KOJI_WEB_FQDN:$KOJI_PKI_DIR/. + scp $QUIET $KOJI_PKI_DIR/private/kojihub.key root@$KOJI_WEB_FQDN:$KOJI_PKI_DIR/private/. + scp $QUIET $KOJI_PKI_DIR/koji_ca_cert.crt root@$KOJI_WEB_FQDN:$KOJI_PKI_DIR/. + # copy across the parameter files (we built them on the hub) + ssh $QUIET root@$KOJI_WEB_FQDN mkdir -p $SCRIPT_DIR + scp $QUIET $SCRIPT_DIR/koji-parameters.sh root@$KOJI_WEB_FQDN:$SCRIPT_DIR/koji-parameters.sh + # pull down the required scripts + ssh $QUIET root@$KOJI_WEB_FQDN "curl $SILENT $SCRIPT_GIT/koji-deploy-nfs-client.sh > $SCRIPT_DIR/koji-deploy-nfs-client.sh" + ssh $QUIET root@$KOJI_WEB_FQDN "curl $SILENT $SCRIPT_GIT/koji-deploy-web.sh > $SCRIPT_DIR/koji-deploy-web.sh" + # make them executeable + ssh $QUIET root@$KOJI_WEB_FQDN "chmod o+x $SCRIPT_DIR/*" + + # connect to nfs share + ssh $QUIET root@$KOJI_WEB_FQDN $SCRIPT_DIR/koji-deploy-nfs-client.sh $DEBUG + # ssh into the new web server to do the local configuration + ssh $QUIET root@$KOJI_WEB_FQDN $SCRIPT_DIR/koji-deploy-web.sh $KOJI_WEB_FQDN $DEBUG + exit 0 +fi + +# This is the local deploy part +if [[ $DEBUG ]] ; then echo "Deploying locally to $KOJI_WEB_FQDN" ; fi # Install all the required packages (some live in the epel repo, so we may need to install that too) if [[ -z $(dnf list installed | grep 
epel-release) ]] ; then dnf config-manager --set-enabled powertools $QUIET @@ -75,7 +140,7 @@ EOF # if NOT on the hub, setup the standard httpd settings -if [[ ! $KOJI_WEB_FQDN = $KOJI_HUB_FQDN ]] ; then +if [[ $KOJI_WEB_FQDN != $KOJI_HUB_FQDN ]] ; then ## Apache ssl Configuration File cat > /etc/httpd/conf.d/ssl.conf <<- EOF
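Review bot: The three `sed -i` commands in the new remote branch use single-quoted scripts, so the literal text `$KOJI_WEB_FQDN` is written into `/etc/koji-hub/hub.conf`, `/etc/koji.conf` and `/etc/exports` instead of the web server's name. The key guard tests `/root/.ssh/id-rsa` while `ssh-keygen` writes `id_rsa`, so it never sees an existing key; `hostname -I` can return several space-separated addresses, which makes the `$WEB_IP/32` entry invalid, and that entry is appended to `pg_hba.conf` again on every run. The reachability test relies on `nc` printing the word "succeeded", which not every nc implementation does, so the exit status of `nc -z` is the safer signal. The scripts pulled with `curl` are executed as root on the web server with no integrity check and, as far as the hunk shows, no `--fail`, and `private/kojihub.key` is copied there too, so please confirm the web host really needs the hub's private key. The block was moved here from install-koji-farm.sh with these lines unchanged; the fence below shows only the lines I would rewrite.

```shell
  # use nc's exit status instead of parsing its output
  if ! nc -z "$KOJI_WEB_FQDN" 22 ; then
  # … unchanged: error messages and exit 1 …
  # double quotes so that $KOJI_WEB_FQDN is expanded by the shell
  sed -i "s,KojiWebURL.*,KojiWebURL = http://$KOJI_WEB_FQDN/koji,g" /etc/koji-hub/hub.conf
  sed -i "s,weburl.*,weburl = http://$KOJI_WEB_FQDN/koji,g" /etc/koji.conf
  # … unchanged: nfs server install …
  sed -i "/^\/mnt\/koji/ s/\$/ $KOJI_WEB_FQDN(ro,no_root_squash)/" /etc/exports
  # same file name that ssh-keygen writes below
  if [ ! -f /root/.ssh/id_rsa ] ; then
  # … unchanged: key generation and ssh-copy-id …
  # keep the first address only; hostname -I may list several
  WEB_IP=$(ssh "root@$KOJI_WEB_FQDN" "hostname -I" | awk '{print $1}')
  # add the pg_hba.conf entry once, not on every run
  if ! grep -qF -- "$WEB_IP/32" "$POSTGRES_DIR"/data/pg_hba.conf ; then
    # … unchanged: heredoc appending the host line, systemctl reload postgresql …
  fi
```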