diff --git a/doc/_index.html b/doc/_index.html
index 3fb5c45..5f95f08 100644
--- a/doc/_index.html
+++ b/doc/_index.html
@@ -98,6 +98,11 @@
       
             </li>
     
+            <li>
+      <span class='object_link'><a href="puppet_classes/puppet_cd_3A_3Amain_3A_3Auser.html" title="puppet_classes::puppet_cd::main::user (puppet_class)">puppet_cd::main::user</a></span>
+      
+            </li>
+    
             <li>
       <span class='object_link'><a href="puppet_classes/puppet_cd_3A_3Amain_3A_3Ayumrepo.html" title="puppet_classes::puppet_cd::main::yumrepo (puppet_class)">puppet_cd::main::yumrepo</a></span>
       
diff --git a/doc/file.README.html b/doc/file.README.html
index 109ffba..931e926 100644
--- a/doc/file.README.html
+++ b/doc/file.README.html
@@ -93,6 +93,10 @@ fqdn, db fqdn or none (agent).</p>
 <p>open firewall ports depending on fqdn choices</p>
 </li><li>
 <p>start services as required</p>
+</li><li>
+<p>manage directories</p>
+</li><li>
+<p>manage user settings (optional)</p>
 </li></ul>
 
 <h2 id="label-Support">Support</h2>
diff --git a/doc/index.html b/doc/index.html
index 8e69ee2..f674b1f 100644
--- a/doc/index.html
+++ b/doc/index.html
@@ -93,6 +93,10 @@ fqdn, db fqdn or none (agent).</p>
 <p>open firewall ports depending on fqdn choices</p>
 </li><li>
 <p>start services as required</p>
+</li><li>
+<p>manage directories</p>
+</li><li>
+<p>manage user settings (optional)</p>
 </li></ul>
 
 <h2 id="label-Support">Support</h2>
diff --git a/doc/puppet_class_list.html b/doc/puppet_class_list.html
index 0f78fc0..3b1ec3d 100644
--- a/doc/puppet_class_list.html
+++ b/doc/puppet_class_list.html
@@ -78,21 +78,28 @@
     </li>
     
 
-    <li id="object_puppet_classes::puppet_cd::main::yumrepo" class="odd">
+    <li id="object_puppet_classes::puppet_cd::main::user" class="odd">
+      <div class="item">
+        <span class='object_link'><a href="puppet_classes/puppet_cd_3A_3Amain_3A_3Auser.html" title="puppet_classes::puppet_cd::main::user (puppet_class)">puppet_cd::main::user</a></span>
+      </div>
+    </li>
+    
+
+    <li id="object_puppet_classes::puppet_cd::main::yumrepo" class="even">
       <div class="item">
         <span class='object_link'><a href="puppet_classes/puppet_cd_3A_3Amain_3A_3Ayumrepo.html" title="puppet_classes::puppet_cd::main::yumrepo (puppet_class)">puppet_cd::main::yumrepo</a></span>
       </div>
     </li>
     
 
-    <li id="object_puppet_classes::puppet_cd::params" class="even">
+    <li id="object_puppet_classes::puppet_cd::params" class="odd">
       <div class="item">
         <span class='object_link'><a href="puppet_classes/puppet_cd_3A_3Aparams.html" title="puppet_classes::puppet_cd::params (puppet_class)">puppet_cd::params</a></span>
       </div>
     </li>
     
 
-    <li id="object_puppet_classes::puppet_cd::server::service" class="odd">
+    <li id="object_puppet_classes::puppet_cd::server::service" class="even">
       <div class="item">
         <span class='object_link'><a href="puppet_classes/puppet_cd_3A_3Aserver_3A_3Aservice.html" title="puppet_classes::puppet_cd::server::service (puppet_class)">puppet_cd::server::service</a></span>
       </div>
diff --git a/doc/puppet_classes/puppet_cd_3A_3Amain_3A_3Aconfig.html b/doc/puppet_classes/puppet_cd_3A_3Amain_3A_3Aconfig.html
index 50aeb95..bd9b6f5 100644
--- a/doc/puppet_classes/puppet_cd_3A_3Amain_3A_3Aconfig.html
+++ b/doc/puppet_classes/puppet_cd_3A_3Amain_3A_3Aconfig.html
@@ -77,7 +77,7 @@
 </div>
 
   <h2>Summary</h2>
-  Class manages parameters for the puppet_cd module.
+  Class manages main logic for the puppet_cd module.
 
 <h2>Overview</h2>
 <div class="docstring">
diff --git a/doc/puppet_classes/puppet_cd_3A_3Amain_3A_3Adirs.html b/doc/puppet_classes/puppet_cd_3A_3Amain_3A_3Adirs.html
index 11cb183..2669f2e 100644
--- a/doc/puppet_classes/puppet_cd_3A_3Amain_3A_3Adirs.html
+++ b/doc/puppet_classes/puppet_cd_3A_3Amain_3A_3Adirs.html
@@ -132,7 +132,7 @@ class puppet_cd::main::dirs (
     path     =&gt; $pt_main_dir,
     owner    =&gt; &#39;root&#39;,
     group    =&gt; &#39;root&#39;,
-    mode     =&gt; &#39;0750&#39;,
+    mode     =&gt; &#39;0755&#39;,
     selrange =&gt; s0,
     selrole  =&gt; object_r,
     seltype  =&gt; puppet_etc_t,
diff --git a/doc/puppet_classes/puppet_cd_3A_3Amain_3A_3Auser.html b/doc/puppet_classes/puppet_cd_3A_3Amain_3A_3Auser.html
new file mode 100644
index 0000000..9a9f006
--- /dev/null
+++ b/doc/puppet_classes/puppet_cd_3A_3Amain_3A_3Auser.html
@@ -0,0 +1,202 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <meta charset="utf-8">
+<meta name="viewport" content="width=device-width, initial-scale=1.0">
+<title>
+  Puppet Class: puppet_cd::main::user
+  
+    &mdash; Documentation by YARD 0.9.26
+  
+</title>
+
+  <link rel="stylesheet" href="../css/style.css" type="text/css" />
+
+  <link rel="stylesheet" href="../css/common.css" type="text/css" />
+
+<script type="text/javascript">
+  pathId = "puppet_classes::puppet_cd::main::user";
+  relpath = '../';
+</script>
+
+
+  <script type="text/javascript" charset="utf-8" src="../js/jquery.js"></script>
+
+  <script type="text/javascript" charset="utf-8" src="../js/app.js"></script>
+
+
+  </head>
+  <body>
+    <div class="nav_wrap">
+      <iframe id="nav" src="../puppet_class_list.html?1"></iframe>
+      <div id="resizer"></div>
+    </div>
+
+    <div id="main" tabindex="-1">
+      <div id="header">
+        <div id="menu">
+  
+    <a href="../_index.html">Index (p)</a> &raquo;
+    <span class='title'><span class='object_link'>Puppet Classes</span></span>
+     &raquo; 
+    <span class="title">puppet_cd::main::user</span>
+  
+</div>
+
+        <div id="search">
+  
+    <a class="full_list_link" id="puppet_class_list_link"
+        href="../puppet_class_list.html">
+
+        <svg width="24" height="24">
+          <rect x="0" y="4" width="24" height="4" rx="1" ry="1"></rect>
+          <rect x="0" y="12" width="24" height="4" rx="1" ry="1"></rect>
+          <rect x="0" y="20" width="24" height="4" rx="1" ry="1"></rect>
+        </svg>
+    </a>
+  
+</div>
+        <div class="clear"></div>
+      </div>
+
+      <div id="content"><h1>Puppet Class: puppet_cd::main::user</h1>
+<div class="box_info">
+  
+  <dl>
+    <dt>Inherits:</dt>
+    <dd><span class='object_link'><a href="puppet_cd_3A_3Aparams.html" title="puppet_classes::puppet_cd::params (puppet_class)">puppet_cd::params</a></span></dd>
+  </dl>
+  
+  
+  <dl>
+    <dt>Defined in:</dt>
+    <dd>
+      manifests/main/user.pp
+    </dd>
+  </dl>
+</div>
+
+  <h2>Summary</h2>
+  Class manages user settings for the puppet_cd module.
+
+<h2>Overview</h2>
+<div class="docstring">
+  <div class="discussion">
+    
+<p>puppet_cd::main::user.pp Module name: puppet_cd Author: Arne Teuke
+(arne_teuke@confdroid)</p>
+
+  </div>
+</div>
+
+
+<div class="tags">
+  
+
+
+</div><div class="method_details_list">
+  <table class="source_code">
+    <tr>
+      <td>
+        <pre class="lines">
+
+
+6
+7
+8
+9
+10
+11
+12
+13
+14
+15
+16
+17
+18
+19
+20
+21
+22
+23
+24
+25
+26
+27
+28
+29
+30
+31
+32
+33
+34
+35
+36
+37
+38
+39
+40
+41
+42
+43
+44
+45
+46</pre>
+      </td>
+      <td>
+        <pre class="code"><span class="info file"># File 'manifests/main/user.pp', line 6</span>
+
+class puppet_cd::main::user (
+
+) inherits puppet_cd::params {
+  if ($fqdn == $pt_pm_fqdn) and ($pt_manage_user == true) {
+    user { $pt_user:
+      ensure     =&gt; present,
+      name       =&gt; $pt_user,
+      allowdupe  =&gt; false,
+      comment    =&gt; $pt_user_comment,
+      gid        =&gt; $pt_user,
+      managehome =&gt; true,
+      home       =&gt; $pt_user_home,
+      shell      =&gt; $pt_user_shell,
+    }
+
+    group { $pt_user:
+      ensure    =&gt; present,
+      name      =&gt; $pt_user,
+      allowdupe =&gt; false,
+    }
+  }
+
+  if ($fqdn == $pt_db_fqdn) and ($pt_manage_db_user == true) {
+    user { $pt_db_user:
+      ensure     =&gt; present,
+      name       =&gt; $pt_db_user,
+      allowdupe  =&gt; false,
+      comment    =&gt; $pt_db_user_comment,
+      gid        =&gt; $pt_db_user,
+      managehome =&gt; true,
+      home       =&gt; $pt_db_user_home,
+      shell      =&gt; $pt_db_user_shell,
+    }
+
+    group { $pt_db_user:
+      ensure    =&gt; present,
+      name      =&gt; $pt_db_user,
+      allowdupe =&gt; false,
+    }
+  }
+}</pre>
+      </td>
+    </tr>
+  </table>
+</div>
+</div>
+
+      <div id="footer">
+     Generated by <a href="http://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>.
+</div>
+
+    </div>
+  </body>
+</html>
\ No newline at end of file
diff --git a/doc/puppet_classes/puppet_cd_3A_3Aparams.html b/doc/puppet_classes/puppet_cd_3A_3Aparams.html
index 1696b04..3254a4c 100644
--- a/doc/puppet_classes/puppet_cd_3A_3Aparams.html
+++ b/doc/puppet_classes/puppet_cd_3A_3Aparams.html
@@ -69,6 +69,8 @@
       
       <span class='object_link'><a href="puppet_cd_3A_3Amain_3A_3Adirs.html" title="puppet_classes::puppet_cd::main::dirs (puppet_class)">puppet_cd::main::dirs</a></span><br/>
       
+      <span class='object_link'><a href="puppet_cd_3A_3Amain_3A_3Auser.html" title="puppet_classes::puppet_cd::main::user (puppet_class)">puppet_cd::main::user</a></span><br/>
+      
       <span class='object_link'><a href="puppet_cd_3A_3Amain_3A_3Afiles.html" title="puppet_classes::puppet_cd::main::files (puppet_class)">puppet_cd::main::files</a></span><br/>
       
       <span class='object_link'><a href="puppet_cd_3A_3Amain_3A_3Aconfig.html" title="puppet_classes::puppet_cd::main::config (puppet_class)">puppet_cd::main::config</a></span><br/>
@@ -305,6 +307,204 @@ considered a puppet agent.</p>
         &mdash;
         <div class='inline'>
 <p>whether to use ssl only.</p>
+</div>
+      
+    </li>
+  
+    <li>
+      
+        <span class='name'>pt_manage_user</span>
+      
+      
+        <span class='type'>(<tt>Boolean</tt>)</span>
+      
+      
+        <em class="default">(defaults to: <tt>true</tt>)</em>
+      
+      
+        &mdash;
+        <div class='inline'>
+<p>whether to manage the puppet user</p>
+</div>
+      
+    </li>
+  
+    <li>
+      
+        <span class='name'>pt_user</span>
+      
+      
+        <span class='type'>(<tt>String</tt>)</span>
+      
+      
+        <em class="default">(defaults to: <tt>&#39;puppet&#39;</tt>)</em>
+      
+      
+        &mdash;
+        <div class='inline'>
+<p>the puppet user</p>
+</div>
+      
+    </li>
+  
+    <li>
+      
+        <span class='name'>pt_user_comment</span>
+      
+      
+        <span class='type'>(<tt>String</tt>)</span>
+      
+      
+        <em class="default">(defaults to: <tt>&#39;puppetserver daemon&#39;</tt>)</em>
+      
+      
+        &mdash;
+        <div class='inline'>
+<p>the user comment</p>
+</div>
+      
+    </li>
+  
+    <li>
+      
+        <span class='name'>pt_user_home</span>
+      
+      
+        <span class='type'>(<tt>String</tt>)</span>
+      
+      
+        <em class="default">(defaults to: <tt>&#39;/opt/puppetlabs/server/data/puppetserver&#39;</tt>)</em>
+      
+      
+        &mdash;
+        <div class='inline'>
+<p>the user home</p>
+</div>
+      
+    </li>
+  
+    <li>
+      
+        <span class='name'>pt_user_shell</span>
+      
+      
+        <span class='type'>(<tt>String</tt>)</span>
+      
+      
+        <em class="default">(defaults to: <tt>&#39;/sbin/nologin&#39;</tt>)</em>
+      
+      
+        &mdash;
+        <div class='inline'>
+<p>the user shell</p>
+</div>
+      
+    </li>
+  
+    <li>
+      
+        <span class='name'>pt_manage_db_user</span>
+      
+      
+        <span class='type'>(<tt>Boolean</tt>)</span>
+      
+      
+        <em class="default">(defaults to: <tt>true</tt>)</em>
+      
+      
+        &mdash;
+        <div class='inline'>
+<p>whether to manage the user for puppetdb</p>
+</div>
+      
+    </li>
+  
+    <li>
+      
+        <span class='name'>pt_db_user</span>
+      
+      
+        <span class='type'>(<tt>String</tt>)</span>
+      
+      
+        <em class="default">(defaults to: <tt>&#39;puppetdb&#39;</tt>)</em>
+      
+      
+        &mdash;
+        <div class='inline'>
+<p>the puppetdb user</p>
+</div>
+      
+    </li>
+  
+    <li>
+      
+        <span class='name'>pt_db_user_comment</span>
+      
+      
+        <span class='type'>(<tt>String</tt>)</span>
+      
+      
+        <em class="default">(defaults to: <tt>&#39;PuppetDB daemon&#39;</tt>)</em>
+      
+      
+        &mdash;
+        <div class='inline'>
+<p>the user comment for puppetdb user</p>
+</div>
+      
+    </li>
+  
+    <li>
+      
+        <span class='name'>pt_db_user_home</span>
+      
+      
+        <span class='type'>(<tt>String</tt>)</span>
+      
+      
+        <em class="default">(defaults to: <tt>&#39;/opt/puppetlabs/server/data/puppetdb&#39;</tt>)</em>
+      
+      
+        &mdash;
+        <div class='inline'>
+<p>the user home for the puppetdb user</p>
+</div>
+      
+    </li>
+  
+    <li>
+      
+        <span class='name'>pt_db_user_shell</span>
+      
+      
+        <span class='type'>(<tt>String</tt>)</span>
+      
+      
+        <em class="default">(defaults to: <tt>&#39;/sbin/nologin&#39;</tt>)</em>
+      
+      
+        &mdash;
+        <div class='inline'>
+<p>the shell for the puppetdb user</p>
+</div>
+      
+    </li>
+  
+    <li>
+      
+        <span class='name'>pt_use_puppetdb</span>
+      
+      
+        <span class='type'>(<tt>Boolean</tt>)</span>
+      
+      
+        <em class="default">(defaults to: <tt>false</tt>)</em>
+      
+      
+        &mdash;
+        <div class='inline'>
+<p>whether to use puppetdb on host</p>
 </div>
       
     </li>
@@ -320,17 +520,6 @@ considered a puppet agent.</p>
         <pre class="lines">
 
 
-18
-19
-20
-21
-22
-23
-24
-25
-26
-27
-28
 29
 30
 31
@@ -360,47 +549,86 @@ considered a puppet agent.</p>
 55
 56
 57
-58</pre>
+58
+59
+60
+61
+62
+63
+64
+65
+66
+67
+68
+69
+70
+71
+72
+73
+74
+75
+76
+77
+78
+79
+80
+81
+82
+83</pre>
       </td>
       <td>
-        <pre class="code"><span class="info file"># File 'manifests/params.pp', line 18</span>
+        <pre class="code"><span class="info file"># File 'manifests/params.pp', line 29</span>
 
 class puppet_cd::params (
 
-  Boolean $pt_manage_fw     = true,
-  String $pt_pm_fqdn        = &#39;puppetmaster.example.net&#39;,
-  String $pt_db_fqdn        = &#39;puppetdb.example.net&#39;,
+  Boolean $pt_manage_fw       = true,
+  String $pt_pm_fqdn          = &#39;puppetmaster.example.net&#39;,
+  String $pt_db_fqdn          = &#39;puppetdb.example.net&#39;,
 
   # installation
-  String $pt_package_url    = &#39;https://yum.puppet.com/puppet8-release-el-9.noarch.rpm&#39;,
-  String $pt_pkg_ensure     = &#39;present&#39;,
-  String $pt_agent_pkg      = &#39;puppet-agent&#39;,
-  String $pt_server_pkg     = &#39;puppetserver&#39;,
-  Array $pt_db_pkg          = [&#39;puppetdb&#39;,&#39;puppetdb-termini&#39;],
-
-  String $pt_no_ssl_port    = &#39;8080&#39;,
-  String $pt_ssl_port       = &#39;8081&#39;,
-  Boolean $pt_use_ssl_only  = true,
+  String $pt_package_url      = &#39;https://yum.puppet.com/puppet8-release-el-9.noarch.rpm&#39;,
+  String $pt_pkg_ensure       = &#39;present&#39;,
+  String $pt_agent_pkg        = &#39;puppet-agent&#39;,
+  String $pt_server_pkg       = &#39;puppetserver&#39;,
+  Array $pt_db_pkg            = [&#39;puppetdb&#39;,&#39;puppetdb-termini&#39;],
+  # puppetdb
+  Boolean $pt_use_puppetdb    = false,
+  String $pt_no_ssl_port      = &#39;8080&#39;,
+  String $pt_ssl_port         = &#39;8081&#39;,
+  Boolean $pt_use_ssl_only    = true,
+  # user settings
+  ## puppet user
+  Boolean $pt_manage_user     = true,
+  String $pt_user             = &#39;puppet&#39;,
+  String $pt_user_comment     = &#39;puppetserver daemon&#39;,
+  String $pt_user_home        = &#39;/opt/puppetlabs/server/data/puppetserver&#39;,
+  String $pt_user_shell       = &#39;/sbin/nologin&#39;,
+  ## puppetdb user
+  Boolean $pt_manage_db_user  = true,
+  String $pt_db_user          = &#39;puppetdb&#39;,
+  String $pt_db_user_comment  = &#39;PuppetDB daemon&#39;,
+  String $pt_db_user_home     = &#39;/opt/puppetlabs/server/data/puppetdb&#39;,
+  String $pt_db_user_shell    = &#39;/sbin/nologin&#39;,
 
 ) {
-  $fqdn                     = $facts[&#39;networking&#39;][&#39;fqdn&#39;]
+  $fqdn                       = $facts[&#39;networking&#39;][&#39;fqdn&#39;]
 
 # directories
-  $pt_main_dir              = &#39;/etc/puppetlabs&#39;
-  $pt_puppetdir             = &quot;${pt_main_dir}/puppet&quot;
-  $pt_code_dir              = &quot;${pt_main_dir}/code&quot;
-  $pt_environmentspath      = &quot;${pt_code_dir}/environments&quot;
-  $pt_ssldir                = &quot;${pt_puppetdir}/ssl&quot;
-  $pt_privatekeydir         = &quot;${pt_ssldir}/private_keys&quot;
-  $pt_rundir                = &#39;/var/run/puppetlabs&#39;
-  $pt_rundir_master         = &#39;/var/run/puppetlabs/puppetserver&#39;
-  $pt_vardir                = &#39;/opt/puppetlabs/puppet/cache&#39;
-  $pt_vardir_master         = &#39;/opt/puppetlabs/server/data/puppetserver&#39;
+  $pt_main_dir                = &#39;/etc/puppetlabs&#39;
+  $pt_puppetdir               = &quot;${pt_main_dir}/puppet&quot;
+  $pt_code_dir                = &quot;${pt_main_dir}/code&quot;
+  $pt_environmentspath        = &quot;${pt_code_dir}/environments&quot;
+  $pt_ssldir                  = &quot;${pt_puppetdir}/ssl&quot;
+  $pt_privatekeydir           = &quot;${pt_ssldir}/private_keys&quot;
+  $pt_rundir                  = &#39;/var/run/puppetlabs&#39;
+  $pt_rundir_master           = &#39;/var/run/puppetlabs/puppetserver&#39;
+  $pt_vardir                  = &#39;/opt/puppetlabs/puppet/cache&#39;
+  $pt_vardir_master           = &#39;/opt/puppetlabs/server/data/puppetserver&#39;
 
 # service
-  $pt_server_service        = &#39;puppetserver&#39;
-  $pt_agent_service         = &#39;puppet&#39;
-  $pt_db_service            = &#39;puppetdb&#39;
+  $pt_server_service          = &#39;puppetserver&#39;
+  $pt_agent_service           = &#39;puppet&#39;
+  $pt_db_service              = &#39;puppetdb&#39;
 
 #
   # includes must be last
diff --git a/doc/puppet_classes/puppet_cd_3A_3Aserver_3A_3Aservice.html b/doc/puppet_classes/puppet_cd_3A_3Aserver_3A_3Aservice.html
index 20d505c..4290825 100644
--- a/doc/puppet_classes/puppet_cd_3A_3Aserver_3A_3Aservice.html
+++ b/doc/puppet_classes/puppet_cd_3A_3Aserver_3A_3Aservice.html
@@ -137,7 +137,8 @@
 39
 40
 41
-42</pre>
+42
+43</pre>
       </td>
       <td>
         <pre class="code"><span class="info file"># File 'manifests/server/service.pp', line 6</span>
@@ -158,6 +159,7 @@ class puppet_cd::server::service (
   # manage puppet server service
   if $fqdn == $pt_pm_fqdn {
     require puppet_cd::firewall::iptables
+    require puppet_cd::main::user
 
     service { $pt_server_service:
       ensure     =&gt; running,