diff --git a/doc/_index.html b/doc/_index.html
index 6b8c1d8..000fb3b 100644
--- a/doc/_index.html
+++ b/doc/_index.html
@@ -103,6 +103,16 @@
       
             </li>
     
+            <li>
+      <span class='object_link'><a href="puppet_classes/puppet_cd_3A_3Apuppetdb_3A_3Adirs.html" title="puppet_classes::puppet_cd::puppetdb::dirs (puppet_class)">puppet_cd::puppetdb::dirs</a></span>
+      
+            </li>
+    
+            <li>
+      <span class='object_link'><a href="puppet_classes/puppet_cd_3A_3Apuppetdb_3A_3Afiles.html" title="puppet_classes::puppet_cd::puppetdb::files (puppet_class)">puppet_cd::puppetdb::files</a></span>
+      
+            </li>
+    
             <li>
       <span class='object_link'><a href="puppet_classes/puppet_cd_3A_3Ar10k_3A_3Ainstall.html" title="puppet_classes::puppet_cd::r10k::install (puppet_class)">puppet_cd::r10k::install</a></span>
       
diff --git a/doc/puppet_class_list.html b/doc/puppet_class_list.html
index 1549083..50e835a 100644
--- a/doc/puppet_class_list.html
+++ b/doc/puppet_class_list.html
@@ -85,6 +85,20 @@
     </li>
     
 
+    <li id="object_puppet_classes::puppet_cd::puppetdb::dirs" class="even">
+      <div class="item">
+        <span class='object_link'><a href="puppet_classes/puppet_cd_3A_3Apuppetdb_3A_3Adirs.html" title="puppet_classes::puppet_cd::puppetdb::dirs (puppet_class)">puppet_cd::puppetdb::dirs</a></span>
+      </div>
+    </li>
+    
+
+    <li id="object_puppet_classes::puppet_cd::puppetdb::files" class="odd">
+      <div class="item">
+        <span class='object_link'><a href="puppet_classes/puppet_cd_3A_3Apuppetdb_3A_3Afiles.html" title="puppet_classes::puppet_cd::puppetdb::files (puppet_class)">puppet_cd::puppetdb::files</a></span>
+      </div>
+    </li>
+    
+
     <li id="object_puppet_classes::puppet_cd::r10k::install" class="even">
       <div class="item">
         <span class='object_link'><a href="puppet_classes/puppet_cd_3A_3Ar10k_3A_3Ainstall.html" title="puppet_classes::puppet_cd::r10k::install (puppet_class)">puppet_cd::r10k::install</a></span>
diff --git a/doc/puppet_classes/puppet_cd_3A_3Aparams.html b/doc/puppet_classes/puppet_cd_3A_3Aparams.html
index f0bae5f..a853cb2 100644
--- a/doc/puppet_classes/puppet_cd_3A_3Aparams.html
+++ b/doc/puppet_classes/puppet_cd_3A_3Aparams.html
@@ -77,6 +77,10 @@
       
       <span class='object_link'><a href="puppet_cd_3A_3Ar10k_3A_3Ainstall.html" title="puppet_classes::puppet_cd::r10k::install (puppet_class)">puppet_cd::r10k::install</a></span><br/>
       
+      <span class='object_link'><a href="puppet_cd_3A_3Apuppetdb_3A_3Adirs.html" title="puppet_classes::puppet_cd::puppetdb::dirs (puppet_class)">puppet_cd::puppetdb::dirs</a></span><br/>
+      
+      <span class='object_link'><a href="puppet_cd_3A_3Apuppetdb_3A_3Afiles.html" title="puppet_classes::puppet_cd::puppetdb::files (puppet_class)">puppet_cd::puppetdb::files</a></span><br/>
+      
       <span class='object_link'><a href="puppet_cd_3A_3Aserver_3A_3Aservice.html" title="puppet_classes::puppet_cd::server::service (puppet_class)">puppet_cd::server::service</a></span><br/>
       
       <span class='object_link'><a href="puppet_cd_3A_3Afirewall_3A_3Aiptables.html" title="puppet_classes::puppet_cd::firewall::iptables (puppet_class)">puppet_cd::firewall::iptables</a></span><br/>
@@ -1231,7 +1235,27 @@
 181
 182
 183
-184</pre>
+184
+185
+186
+187
+188
+189
+190
+191
+192
+193
+194
+195
+196
+197
+198
+199
+200
+201
+202
+203
+204</pre>
       </td>
       <td>
         <pre class="code"><span class="info file"># File 'manifests/params.pp', line 64</span>
@@ -1307,10 +1331,10 @@ class puppet_cd::params (
 
 ) {
 # facts
-  $fqdn                   = $facts[&#39;networking&#39;][&#39;fqdn&#39;]
-  $domain                 = $facts[&#39;networking&#39;][&#39;domain&#39;]
-  $os_name                = $facts[&#39;os&#39;][&#39;name&#39;]
-  $os_release             = $facts[&#39;os&#39;][&#39;release&#39;][&#39;major&#39;]
+  $fqdn                             = $facts[&#39;networking&#39;][&#39;fqdn&#39;]
+  $domain                           = $facts[&#39;networking&#39;][&#39;domain&#39;]
+  $os_name                          = $facts[&#39;os&#39;][&#39;name&#39;]
+  $os_release                       = $facts[&#39;os&#39;][&#39;release&#39;][&#39;major&#39;]
 
 # directories
 ## puppet
@@ -1324,10 +1348,12 @@ class puppet_cd::params (
   $pt_rundir_master                 = &#39;/var/run/puppetlabs/puppetserver&#39;
   $pt_vardir                        = &#39;/opt/puppetlabs/puppet/cache&#39;
   $pt_vardir_master                 = &#39;/opt/puppetlabs/server/data/puppetserver&#39;
-
 ## r10k
   $pt_r10k_dir                      = &quot;${pt_main_dir}/r10k&quot;
   $pt_r10k_webhook_dir              = &#39;/etc/r10k-webhook&#39;
+## puppetdb
+  $pt_puppetdb_dir                  = &#39;/etc/puppetlabs/puppetdb&#39;
+  $pt_puppetdb_conf_dir             = &quot;${pt_puppetdb_dir}/conf.d&quot;
 
 # files
 ## puppet
@@ -1340,13 +1366,31 @@ class puppet_cd::params (
   $pt_routes_erb                    = &#39;puppet_cd/puppetdb/routes.yaml.erb&#39;
   $pt_node_rb_file                  = &quot;${pt_puppetdir}/node.rb&quot;
   $pt_node_rb_erb                   = &#39;puppet_cd/puppetdb/node.rb.erb&#39;
-
 ## r10k
   $pt_r10k_file                     = &quot;${pt_r10k_dir}/r10k.yaml&quot;
   $pt_r10k_erb                      = &#39;puppet_cd/r10k/r10k.yaml.erb&#39;
   $pt_webhook_link                  = &#39;ln -sf  /usr/local/share/gems/gems/r10k_gitlab_webhook-0.1.3/bin/r10k_gitlab_webhook /usr/bin/&#39;
   $pt_webhook_service_file          = &#39;/etc/systemd/system/r10k_gitlab_webhook.service&#39;
   $pt_webhook_service_erb           = &#39;puppet_cd/r10k/r10k_webhook_service.erb&#39;
+## puppetdb
+  $pt_bootstrap_conf_file   = &quot;${pt_puppetdb_dir}/bootstrap.cfg&quot;
+  $pt_bootstrap_conf_erb    = &#39;puppet_cd/puppetdb/bootstrap.cfg.erb&#39;
+  $pt_logback_conf_file     = &quot;${pt_puppetdb_dir}/logback.xml&quot;
+  $pt_logback_conf_erb      = &#39;puppet_cd/puppetdb/logback.xml.erb&#39;
+  $pt_logging_conf_file     = &quot;${pt_puppetdb_dir}/request-logging.xml&quot;
+  $pt_logging_conf_erb      = &#39;puppet_cd/puppetdb/request_logging.xml.erb&#39;
+  $pt_auth_conf_file        = &quot;${pt_puppetdb_conf_dir}/auth.conf&quot;
+  $pt_auth_conf_erb         = &#39;puppet_cd/puppetdb/auth.conf.erb&#39;
+  $pt_config_ini_file       = &quot;${pt_puppetdb_conf_dir}/config.ini&quot;
+  $pt_config_ini_erb        = &#39;puppet_cd/puppetdb/config.ini.erb&#39;
+  $pt_db_ini_file           = &quot;${pt_puppetdb_conf_dir}/database.ini&quot;
+  $pt_db_ini_erb            = &#39;puppet_cd/puppetdb/database.ini.erb&#39;
+  $pt_jetty_ini_file        = &quot;${pt_puppetdb_conf_dir}/jetty.ini&quot;
+  $pt_jetty_ini_erb         = &#39;puppet_cd/puppetdb/jetty.ini.erb&#39;
+  $pt_repl_ini_file         = &quot;${pt_puppetdb_conf_dir}/repl.ini&quot;
+  $pt_repl_ini_erb          = &#39;puppet_cd/puppetdb/repl.ini.erb&#39;
+  $pt_service_conf_file     = &#39;/usr/lib/systemd/system/puppetdb.service&#39;
+  $pt_service_conf_erb      = &#39;puppet_cd/puppetdb/service.conf.erb&#39;
 
 # service
   $pt_server_service                = &#39;puppetserver&#39;
diff --git a/doc/puppet_classes/puppet_cd_3A_3Apuppetdb_3A_3Adirs.html b/doc/puppet_classes/puppet_cd_3A_3Apuppetdb_3A_3Adirs.html
index 8b56273..31a2ebd 100644
--- a/doc/puppet_classes/puppet_cd_3A_3Apuppetdb_3A_3Adirs.html
+++ b/doc/puppet_classes/puppet_cd_3A_3Apuppetdb_3A_3Adirs.html
@@ -77,7 +77,7 @@
 </div>
 
   <h2>Summary</h2>
-  Class manages puppetdb directories
+  Class manages directories for the puppetdb section
 
 <h2>Overview</h2>
 <div class="docstring">
@@ -129,37 +129,7 @@
 31
 32
 33
-34
-35
-36
-37
-38
-39
-40
-41
-42
-43
-44
-45
-46
-47
-48
-49
-50
-51
-52
-53
-54
-55
-56
-57
-58
-59
-60
-61
-62
-63
-64</pre>
+34</pre>
       </td>
       <td>
         <pre class="code"><span class="info file"># File 'manifests/puppetdb/dirs.pp', line 6</span>
@@ -167,58 +137,28 @@
 class puppet_cd::puppetdb::dirs (
 
 ) inherits puppet_cd::params {
-  if ($fqdn == $pt_db_fqdn) and ($pt_use_puppetdb == true) {
+  if ($pt_use_puppetdb == true) and ($pt_puppetdb_fqdn == $fqdn) {
     require puppet_cd::main::install
 
-    # main directory
-    file { $pt_puppetdb_main:
+    file { $pt_puppetdb_dir:
       ensure   =&gt; directory,
-      path     =&gt; $pt_puppetdb_main,
-      owner    =&gt; $pt_db_user,
-      group    =&gt; $pt_db_user,
+      owner    =&gt; &#39;puppetdb&#39;,
+      group    =&gt; &#39;puppetdb&#39;,
       mode     =&gt; &#39;0750&#39;,
       selrange =&gt; s0,
       selrole  =&gt; object_r,
-      seltype  =&gt; etc_t,
+      seltype  =&gt; puppet_etc_t,
       seluser  =&gt; system_u,
     }
 
-    # conf.d directory
-    file { $pt_puppetdb_conf_d:
+    file { $pt_puppetdb_conf_dir:
       ensure   =&gt; directory,
-      path     =&gt; $pt_puppetdb_conf_d,
-      owner    =&gt; $pt_db_user,
-      group    =&gt; $pt_db_user,
-      mode     =&gt; &#39;0750&#39;,
+      owner    =&gt; &#39;root&#39;,
+      group    =&gt; &#39;root&#39;,
+      mode     =&gt; &#39;0755&#39;,
       selrange =&gt; s0,
       selrole  =&gt; object_r,
-      seltype  =&gt; etc_t,
-      seluser  =&gt; system_u,
-    }
-
-    # ssl directory
-    file { $pt_puppetdb_ssl:
-      ensure   =&gt; directory,
-      path     =&gt; $pt_puppetdb_ssl,
-      owner    =&gt; $pt_db_user,
-      group    =&gt; $pt_db_user,
-      mode     =&gt; &#39;0750&#39;,
-      selrange =&gt; s0,
-      selrole  =&gt; object_r,
-      seltype  =&gt; etc_t,
-      seluser  =&gt; system_u,
-    }
-
-    # log dir
-    file { $pt_puppetdb_log:
-      ensure   =&gt; directory,
-      path     =&gt; $pt_puppetdb_log,
-      owner    =&gt; $pt_db_user,
-      group    =&gt; $pt_db_user,
-      mode     =&gt; &#39;0700&#39;,
-      selrange =&gt; s0,
-      selrole  =&gt; object_r,
-      seltype  =&gt; var_log_t,
+      seltype  =&gt; puppet_etc_t,
       seluser  =&gt; system_u,
     }
   }
diff --git a/doc/puppet_classes/puppet_cd_3A_3Apuppetdb_3A_3Afiles.html b/doc/puppet_classes/puppet_cd_3A_3Apuppetdb_3A_3Afiles.html
index cbb07c9..e2cd136 100644
--- a/doc/puppet_classes/puppet_cd_3A_3Apuppetdb_3A_3Afiles.html
+++ b/doc/puppet_classes/puppet_cd_3A_3Apuppetdb_3A_3Afiles.html
@@ -77,7 +77,7 @@
 </div>
 
   <h2>Summary</h2>
-  Class manages puppetdb files
+  Class manages config files for the puppetdb section
 
 <h2>Overview</h2>
 <div class="docstring">
@@ -212,7 +212,21 @@
 114
 115
 116
-117</pre>
+117
+118
+119
+120
+121
+122
+123
+124
+125
+126
+127
+128
+129
+130
+131</pre>
       </td>
       <td>
         <pre class="code"><span class="info file"># File 'manifests/puppetdb/files.pp', line 6</span>
@@ -220,13 +234,12 @@
 class puppet_cd::puppetdb::files (
 
 ) inherits puppet_cd::params {
-  if ($fqdn == $pt_db_fqdn) and ($pt_use_puppetdb == true) {
+  if ($pt_use_puppetdb == true) and ($pt_puppetdb_fqdn == $fqdn) {
     require puppet_cd::puppetdb::dirs
 
     # bootstrap.cfg
-    file { $pt_bootstrap_conf:
+    file { $pt_bootstrap_conf_file:
       ensure   =&gt; file,
-      path     =&gt; $pt_bootstrap_conf,
       owner    =&gt; &#39;root&#39;,
       group    =&gt; &#39;root&#39;,
       mode     =&gt; &#39;0644&#39;,
@@ -234,29 +247,12 @@ class puppet_cd::puppetdb::files (
       selrole  =&gt; object_r,
       seltype  =&gt; puppet_etc_t,
       seluser  =&gt; system_u,
-      content  =&gt; template($pt_bootstrap_erb),
+      content  =&gt; template($pt_bootstrap_conf_erb),
       notify   =&gt; Service[$pt_db_service],
     }
-
-    # requestlogging.xml
-    file { $pt_request_logging_conf:
-      ensure   =&gt; file,
-      path     =&gt; $pt_request_logging_conf,
-      owner    =&gt; &#39;root&#39;,
-      group    =&gt; &#39;root&#39;,
-      mode     =&gt; &#39;0644&#39;,
-      selrange =&gt; s0,
-      selrole  =&gt; object_r,
-      seltype  =&gt; puppet_etc_t,
-      seluser  =&gt; system_u,
-      content  =&gt; template($pt_request_logging_erb),
-      notify   =&gt; Service[$pt_db_service],
-    }
-
     # logback.xml
-    file { $pt_logback_conf:
+    file { $pt_logback_conf_file:
       ensure   =&gt; file,
-      path     =&gt; $pt_logback_conf,
       owner    =&gt; &#39;root&#39;,
       group    =&gt; &#39;root&#39;,
       mode     =&gt; &#39;0644&#39;,
@@ -264,14 +260,52 @@ class puppet_cd::puppetdb::files (
       selrole  =&gt; object_r,
       seltype  =&gt; puppet_etc_t,
       seluser  =&gt; system_u,
-      content  =&gt; template($pt_logback_erb),
+      content  =&gt; template($pt_logback_conf_erb),
+      notify   =&gt; Service[$pt_db_service],
+    }
+    # request-logging.xml
+    file { $pt_logging_conf_file:
+      ensure   =&gt; file,
+      owner    =&gt; &#39;root&#39;,
+      group    =&gt; &#39;root&#39;,
+      mode     =&gt; &#39;0644&#39;,
+      selrange =&gt; s0,
+      selrole  =&gt; object_r,
+      seltype  =&gt; puppet_etc_t,
+      seluser  =&gt; system_u,
+      content  =&gt; template($pt_logging_conf_erb),
+      notify   =&gt; Service[$pt_db_service],
+    }
+    # service config
+    file { $pt_service_conf_file:
+      ensure   =&gt; file,
+      owner    =&gt; &#39;root&#39;,
+      group    =&gt; &#39;root&#39;,
+      mode     =&gt; &#39;0644&#39;,
+      selrange =&gt; s0,
+      selrole  =&gt; object_r,
+      seltype  =&gt; systemd_unit_file_t,
+      seluser  =&gt; system_u,
+      content  =&gt; template($pt_service_conf_erb),
+      notify   =&gt; Service[$pt_db_service],
+    }
+    # conf.d files
+    ## auth.conf
+    file { $pt_auth_conf_file:
+      ensure   =&gt; file,
+      owner    =&gt; &#39;root&#39;,
+      group    =&gt; &#39;root&#39;,
+      mode     =&gt; &#39;0644&#39;,
+      selrange =&gt; s0,
+      selrole  =&gt; object_r,
+      seltype  =&gt; puppet_etc_t,
+      seluser  =&gt; system_u,
+      content  =&gt; template($pt_auth_conf_erb),
       notify   =&gt; Service[$pt_db_service],
     }
-
     # config.ini
-    file { $pt_puppetdb_config_ini:
+    file { $pt_config_ini_file:
       ensure   =&gt; file,
-      path     =&gt; $pt_puppetdb_config_ini,
       owner    =&gt; &#39;root&#39;,
       group    =&gt; &#39;root&#39;,
       mode     =&gt; &#39;0644&#39;,
@@ -279,14 +313,12 @@ class puppet_cd::puppetdb::files (
       selrole  =&gt; object_r,
       seltype  =&gt; puppet_etc_t,
       seluser  =&gt; system_u,
-      content  =&gt; template($pt_puppetdb_config_erb),
+      content  =&gt; template($pt_config_ini_erb),
       notify   =&gt; Service[$pt_db_service],
     }
-
     # database.ini
-    file { $pt_puppetdb_database_ini:
+    file { $pt_db_ini_file:
       ensure   =&gt; file,
-      path     =&gt; $pt_puppetdb_database_ini,
       owner    =&gt; &#39;root&#39;,
       group    =&gt; &#39;root&#39;,
       mode     =&gt; &#39;0644&#39;,
@@ -294,14 +326,12 @@ class puppet_cd::puppetdb::files (
       selrole  =&gt; object_r,
       seltype  =&gt; puppet_etc_t,
       seluser  =&gt; system_u,
-      content  =&gt; template($pt_puppetdb_database_erb),
+      content  =&gt; template($pt_db_ini_erb),
       notify   =&gt; Service[$pt_db_service],
     }
-
     # jetty.ini
-    file { $pt_puppetdb_jetty_ini :
+    file { $pt_jetty_ini_file:
       ensure   =&gt; file,
-      path     =&gt; $pt_puppetdb_jetty_ini ,
       owner    =&gt; &#39;root&#39;,
       group    =&gt; &#39;root&#39;,
       mode     =&gt; &#39;0644&#39;,
@@ -309,14 +339,12 @@ class puppet_cd::puppetdb::files (
       selrole  =&gt; object_r,
       seltype  =&gt; puppet_etc_t,
       seluser  =&gt; system_u,
-      content  =&gt; template($pt_puppetdb_jetty_erb),
+      content  =&gt; template($pt_jetty_ini_erb),
       notify   =&gt; Service[$pt_db_service],
     }
-
     # repl.ini
-    file { $pt_puppetdb_repl_ini:
+    file { $pt_repl_ini_file:
       ensure   =&gt; file,
-      path     =&gt; $pt_puppetdb_repl_ini,
       owner    =&gt; &#39;root&#39;,
       group    =&gt; &#39;root&#39;,
       mode     =&gt; &#39;0644&#39;,
@@ -324,7 +352,7 @@ class puppet_cd::puppetdb::files (
       selrole  =&gt; object_r,
       seltype  =&gt; puppet_etc_t,
       seluser  =&gt; system_u,
-      content  =&gt; template($pt_puppetdb_repl_erb),
+      content  =&gt; template($pt_repl_ini_erb),
       notify   =&gt; Service[$pt_db_service],
     }
   }
diff --git a/doc/puppet_classes/puppet_cd_3A_3Aserver_3A_3Aservice.html b/doc/puppet_classes/puppet_cd_3A_3Aserver_3A_3Aservice.html
index c1af0f2..7b90692 100644
--- a/doc/puppet_classes/puppet_cd_3A_3Aserver_3A_3Aservice.html
+++ b/doc/puppet_classes/puppet_cd_3A_3Aserver_3A_3Aservice.html
@@ -147,7 +147,8 @@
 49
 50
 51
-52</pre>
+52
+53</pre>
       </td>
       <td>
         <pre class="code"><span class="info file"># File 'manifests/server/service.pp', line 6</span>
@@ -190,6 +191,7 @@ class puppet_cd::server::service (
 
   if ($pt_use_puppetdb == true) and ($pt_puppetdb_fqdn == $fqdn) {
     require puppet_cd::firewall::iptables
+    require puppet_cd::puppetdb::files
 
     service { $pt_db_service:
       ensure     =&gt; running,
