diff --git a/manifests/main/files.pp b/manifests/main/files.pp
index 8993d09..129fb95 100644
--- a/manifests/main/files.pp
+++ b/manifests/main/files.pp
@@ -42,5 +42,16 @@ class puppet_cd::main::files (
       content => template($pt_puppetdb_conf_erb),
 #      notify  => Service[$pt_agent_service,$pt_server_service],
     }
+
+    # fix service file
+    file { $pt_puppetdb_service_file:
+      ensure  => file,
+      path    => $pt_puppetdb_service_file,
+      owner   => 'root',
+      group   => 'root',
+      mode    => '0644',
+      content => template($pt_puppetdb_service_erb),
+      notify  => Service[$pt_db_service],
+    }
   }
 }
diff --git a/manifests/params.pp b/manifests/params.pp
index 1a704e4..60c2d75 100644
--- a/manifests/params.pp
+++ b/manifests/params.pp
@@ -93,7 +93,7 @@ class puppet_cd::params (
   String $pt_db_fqdn                = 'puppetdb.example.net',
 
   # installation
-  String $pt_pkg_ensure             = 'present',
+  String $pt_pkg_ensure             = 'latest',
   String $pt_agent_pkg              = 'puppet-agent',
   String $pt_server_pkg             = 'puppetserver',
   Array $pt_db_pkg                  = ['puppetdb','puppetdb-termini'],
@@ -231,6 +231,8 @@ class puppet_cd::params (
   $pt_puppetdb_conf_erb             = 'puppet_cd/puppetdb/puppetdb.conf.erb'
   $pt_puppetdb_repl_ini             = "${pt_puppetdb_conf_d}/repl.ini"
   $pt_puppetdb_repl_erb             = 'puppet_cd/puppetdb/repl.ini.erb'
+  $pt_puppetdb_service_file         = '/usr/lib/systemd/system/puppetdb.service'
+  $pt_puppetdb_service_erb          = 'puppet_cd/puppetdb/puppetdb_service.erb'
 ## r10k
   $pt_r10k_file                     = "${pt_r10k_dir}/r10k.yaml"
   $pt_r10k_erb                      = 'puppet_cd/r10k/r10k.yaml.erb'
diff --git a/templates/puppetdb/puppetdb_service.erb b/templates/puppetdb/puppetdb_service.erb
new file mode 100644
index 0000000..66ac171
--- /dev/null
+++ b/templates/puppetdb/puppetdb_service.erb
@@ -0,0 +1,48 @@
+#
+# Local settings can be configured without being overwritten by package upgrades, for example
+# if you want to increase puppetdb open-files-limit to 10000,
+# you need to increase systemd's LimitNOFILE setting, so create a file named
+# "/etc/systemd/system/puppetdb.service.d/limits.conf" containing:
+#       [Service]
+#       LimitNOFILE=10000
+# You can confirm it worked by running systemctl daemon-reload
+# then running systemctl show puppetdb | grep LimitNOFILE
+#
+[Unit]
+Description=puppetdb Service
+After=syslog.target network.target nss-lookup.target
+
+[Service]
+Type=forking
+EnvironmentFile=/etc/sysconfig/puppetdb
+User=puppetdb
+TimeoutStartSec=14400
+TimeoutStopSec=60
+Restart=on-failure
+StartLimitBurst=5
+PIDFile=/run/puppetlabs/puppetdb/puppetdb.pid
+
+# https://tickets.puppetlabs.com/browse/EZ-129
+# Prior to systemd v228, TasksMax was unset by default, and unlimited. Starting in 228 a default of '512'
+# was implemented. This is low enough to cause problems for certain applications. In systemd 231, the
+# default was changed to be 15% of the default kernel limit. This explicitly sets TasksMax to 4915,
+# which should match the default in systemd 231 and later.
+# See https://github.com/systemd/systemd/issues/3211#issuecomment-233676333
+TasksMax=4915
+
+#set default privileges to -rw-r-----
+UMask=027
+
+
+ExecReload=/opt/puppetlabs/server/apps/puppetdb/bin/puppetdb reload
+ExecStart=/opt/puppetlabs/server/apps/puppetdb/bin/puppetdb start
+ExecStop=/opt/puppetlabs/server/apps/puppetdb/bin/puppetdb stop
+
+KillMode=process
+
+SuccessExitStatus=143
+
+StandardOutput=journald
+
+[Install]
+WantedBy=multi-user.target