diff --git a/hieradata/common.yaml b/hieradata/common.yaml index 279c10b..3863f91 100644 --- a/hieradata/common.yaml +++ b/hieradata/common.yaml @@ -176,9 +176,6 @@ profiles::ntp::client::peers: - 2.au.pool.ntp.org - 3.au.pool.ntp.org -profiles::base::puppet_servers: - - 'prodinf01n01.main.unkin.net' - consul::install_method: 'package' consul::manage_repo: false consul::bin_dir: /usr/bin diff --git a/hieradata/os/AlmaLinux/all_releases.yaml b/hieradata/os/AlmaLinux/all_releases.yaml index fc20a28..309179b 100644 --- a/hieradata/os/AlmaLinux/all_releases.yaml +++ b/hieradata/os/AlmaLinux/all_releases.yaml @@ -3,7 +3,9 @@ profiles::firewall::firewalld::ensure_package: 'absent' profiles::firewall::firewalld::ensure_service: 'stopped' profiles::firewall::firewalld::enable_service: false -profiles::puppet::agent::puppet_version: '7.34.0' +profiles::puppet::agent::version: '7.37.2' +profiles::puppet::agent::openvox_enable: true +profiles::puppet::client::openvox_enable: true hiera_include: - profiles::almalinux::base @@ -53,13 +55,6 @@ profiles::yum::global::repos: baseurl: https://packagerepo.service.consul/epel/%{facts.os.release.major}/everything-daily/%{facts.os.architecture}/os/ gpgkey: https://packagerepo.service.consul/epel/%{facts.os.release.major}/everything-daily/%{facts.os.architecture}/os/RPM-GPG-KEY-EPEL-%{facts.os.release.major} mirrorlist: absent - puppet: - name: puppet - descr: puppet repository - target: /etc/yum.repos.d/puppet.repo - baseurl: https://packagerepo.service.consul/puppet7/el/%{facts.os.release.major}-daily/%{facts.os.architecture}/os/ - gpgkey: https://packagerepo.service.consul/puppet7/el/%{facts.os.release.major}-daily/%{facts.os.architecture}/os/RPM-GPG-KEY-puppet-20250406 - mirrorlist: absent unkinben: name: unkinben descr: unkinben repository diff --git a/hieradata/os/Debian/Debian11.yaml b/hieradata/os/Debian/Debian11.yaml index 594461c..5aa30c0 100644 --- a/hieradata/os/Debian/Debian11.yaml +++ b/hieradata/os/Debian/Debian11.yaml 
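Review bot: The two `openvox_enable` keys added in the `hieradata/os/AlmaLinux/all_releases.yaml` hunk at `@@ -3,7 +3,9 @@` are set independently for `profiles::puppet::agent` and `profiles::puppet::client`, so a later override of only one of them leaves the two classes disagreeing about which agent the host runs. Deriving one from the other keeps them in step, for example `profiles::puppet::client::openvox_enable: "%{alias('profiles::puppet::agent::openvox_enable')}"`. Separately, nothing visible in this commit sets the previous `puppet` yumrepo or the `puppet-agent` versionlock to absent on hosts that flip to OpenVox, so unless another class purges them they would stay behind unmanaged. A short comment next to these keys stating the expected cleanup would make that explicit.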
@@ -11,4 +11,4 @@ profiles::apt::components: - main - non-free -profiles::puppet::agent::puppet_version: '7.25.0-1bullseye' +profiles::puppet::agent::version: '7.25.0-1bullseye' diff --git a/hieradata/os/Debian/Debian12.yaml b/hieradata/os/Debian/Debian12.yaml index f6b5f7d..8e19138 100644 --- a/hieradata/os/Debian/Debian12.yaml +++ b/hieradata/os/Debian/Debian12.yaml @@ -12,4 +12,4 @@ profiles::apt::components: - non-free - non-free-firmware -profiles::puppet::agent::puppet_version: 'latest' +profiles::puppet::agent::version: 'latest' diff --git a/site/profiles/manifests/base.pp b/site/profiles/manifests/base.pp index 7add82f..f9d2f80 100644 --- a/site/profiles/manifests/base.pp +++ b/site/profiles/manifests/base.pp @@ -1,7 +1,5 @@ # this is the base class, which will be used by all servers -class profiles::base ( - Array $puppet_servers, -) { +class profiles::base () { # run a limited set of classes on the first run aimed at bootstrapping the new node if $facts['firstrun'] { @@ -13,11 +11,7 @@ class profiles::base ( # manage the puppet agent include profiles::puppet::agent - - # manage puppet clients - if ! member($puppet_servers, $trusted['certname']) { - include profiles::puppet::client - } + include profiles::puppet::client # include the base profiles include profiles::base::repos diff --git a/site/profiles/manifests/puppet/agent.pp b/site/profiles/manifests/puppet/agent.pp index 76164c1..f8a38e4 100644 --- a/site/profiles/manifests/puppet/agent.pp +++ b/site/profiles/manifests/puppet/agent.pp 
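Review bot: With the `member($puppet_servers, $trusted['certname'])` guard removed in `site/profiles/manifests/base.pp` (`@@ -13,11 +11,7 @@`), the unconditional `include profiles::puppet::client` relies entirely on the `$facts['enc_role'] != 'roles::infra::puppet::master'` check inside the client class to keep puppet.conf unmanaged on Puppet servers. That check reads a node-reported fact rather than the certificate-backed certname, and it matches a single role name, so a host that was listed in `puppet_servers` under a different role would presumably start having its puppet.conf managed. A comment on the include would record the dependency: `# puppet.conf is skipped for roles::infra::puppet::master inside profiles::puppet::client`. The class body continues outside the hunk.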
@@ -1,37 +1,66 @@ # profiles::puppet::agent # This class manages Puppet agent package and service. class profiles::puppet::agent ( - String $puppet_version = 'latest', + String $version = 'latest', + Boolean $openvox_enable = false, ) { - # if puppet-version is anything other than latest, set a versionlock - $puppet_versionlock_ensure = $puppet_version ? { + # set openvox package, yumrepo, service + if $openvox_enable { + $use_package = 'openvox-agent' + $use_yumrepo = 'openvox' + $use_service = 'puppet' + }else{ + $use_package = 'puppet-agent' + $use_yumrepo = 'puppet' + $use_service = 'puppet' + } + + # manage the yumrepo for the given package + if $openvox_enable and $facts['os']['family'] == 'RedHat' { + yumrepo { 'openvox': + ensure => 'present', + baseurl => "https://packagerepo.service.consul/openvox7/el/${facts['os']['release']['major']}-daily/${facts['os']['architecture']}/os/", + descr => 'openvox repository', + gpgkey => "https://packagerepo.service.consul/openvox7/el/${facts['os']['release']['major']}-daily/${facts['os']['architecture']}/os/GPG-KEY-openvox.pub" + } + }else{ + yumrepo { 'puppet': + ensure => 'present', + baseurl => "https://packagerepo.service.consul/puppet7/el/${facts['os']['release']['major']}-daily/${facts['os']['architecture']}/os/", + descr => 'puppet repository', + gpgkey => "https://packagerepo.service.consul/puppet7/el/${facts['os']['release']['major']}-daily/${facts['os']['architecture']}/os/RPM-GPG-KEY-puppet-20250406" + } + } + + # if agent-version is anything other than latest, set a versionlock + $agent_versionlock_ensure = $version ? { 'latest' => 'absent', default => 'present', } - $puppet_versionlock_version = $puppet_version ? { + $agent_versionlock_version = $version ? 
{ 'latest' => undef, - default => $puppet_version, + default => $version, } case $facts['os']['family'] { 'RedHat': { - # Ensure the puppet-agent package is installed and locked to a specific version - package { 'puppet-agent': - ensure => $puppet_version, - require => Yumrepo['puppet'], + # Ensure the agent package is installed and locked to a specific version + package { $use_package: + ensure => $version, + require => Yumrepo[$use_yumrepo], } # versionlock puppet-agent - yum::versionlock{'puppet-agent': - ensure => $puppet_versionlock_ensure, - version => $puppet_versionlock_version, + yum::versionlock{$use_package: + ensure => $agent_versionlock_ensure, + version => $agent_versionlock_version, } } 'Debian': { # Ensure the puppet-agent package is installed and locked to a specific version - package { 'puppet-agent': - ensure => $puppet_version, + package { $use_package: + ensure => $version, require => Class['profiles::apt::puppet7'], } } @@ -39,12 +68,11 @@ class profiles::puppet::agent ( } # Ensure the puppet service is running - service { 'puppet': + service { $use_service: ensure => 'running', enable => true, hasrestart => true, - require => Package['puppet-agent'], + require => Package[$use_package], } } - diff --git a/site/profiles/manifests/puppet/client.pp b/site/profiles/manifests/puppet/client.pp index 01df2ad..681972d 100644 --- a/site/profiles/manifests/puppet/client.pp +++ b/site/profiles/manifests/puppet/client.pp @@ -13,11 +13,17 @@ class profiles::puppet::client ( Boolean $show_diff = true, Boolean $usecacheonfailure = false, Integer $facts_soft_limit = 4096, + Boolean $openvox_enable = false, ) { # dont manage puppet.conf if this is a puppetmaster if $facts['enc_role'] != 'roles::infra::puppet::master' { + if $openvox_enable { + $use_service = 'puppet' + }else{ + $use_service = 'puppet' + } $dns_alt_names_string = join(sort($dns_alt_names), ',') 
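Review bot: The `else` branch of the repo selection in `site/profiles/manifests/puppet/agent.pp` (`@@ -1,37 +1,66 @@`) runs for every host that is not RedHat-with-OpenVox, so Debian-family nodes would now declare `yumrepo { 'puppet': }` too; the OS-family test should wrap both branches. Neither new `yumrepo` sets `gpgcheck`, so whether packages for an agent that runs as root are signature-checked depends on the host's yum/dnf default (the removed hiera entry did not show it either, so it may have come from shared defaults elsewhere). Setting it explicitly on both resources removes that dependency. Related: with `openvox_enable` true on Debian the package becomes `openvox-agent` while the resource still requires `Class['profiles::apt::puppet7']`, which may not carry that package.

```puppet
  # manage the yumrepo for the given package (RedHat family only)
  if $facts['os']['family'] == 'RedHat' {
    if $openvox_enable {
      yumrepo { 'openvox':
        gpgcheck => '1',
        # … unchanged: ensure, baseurl, descr, gpgkey …
      }
    } else {
      yumrepo { 'puppet':
        gpgcheck => '1',
        # … unchanged: ensure, baseurl, descr, gpgkey …
      }
    }
  }
```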
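Review bot: Both branches of the new `if $openvox_enable` in `site/profiles/manifests/puppet/client.pp` (`@@ -13,11 +13,17 @@`) assign `$use_service = 'puppet'`, so the added `openvox_enable` parameter has no effect on this class; `$use_service` in `agent.pp` is set the same way in both branches. If the service name really is identical for both packages, the conditional can be replaced by a single `$use_service = 'puppet'` with a comment such as `# service name is 'puppet' for both puppet-agent and openvox-agent`; if it is not, one branch carries the wrong name. The `notify => Service[$use_service]` lines in the following hunk depend on this variable.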
@@ -28,14 +34,14 @@ class profiles::puppet::client ( owner => 'root', group => 'root', mode => '0644', - notify => Service['puppet'], + notify => Service[$use_service], } package { 'toml_puppetagent_gem': ensure => installed, name => 'toml', provider => 'puppet_gem', - notify => Service['puppet'], + notify => Service[$use_service], } } }