diff --git a/Puppetfile b/Puppetfile index 5ad891a..e4f3c7d 100644 --- a/Puppetfile +++ b/Puppetfile @@ -20,6 +20,7 @@ mod 'puppet-yum', '7.0.0' mod 'puppet-archive', '7.0.0' mod 'puppet-chrony', '2.6.0' mod 'puppet-puppetboard', '9.0.0' +mod 'puppet-nginx', '5.0.0' # other mod 'ghoneycutt-puppet', '3.3.0' diff --git a/hieradata/common.yaml b/hieradata/common.yaml index eea398c..0a0ce3e 100644 --- a/hieradata/common.yaml +++ b/hieradata/common.yaml @@ -63,3 +63,7 @@ profiles::base::hosts::additional_hosts: hostname: prodinf01n05.main.unkin.net aliases: - prodinf01n05 + - ip: 198.18.17.6 + hostname: prodinf01n06.main.unkin.net + aliases: + - prodinf01n06 diff --git a/site/profiles/manifests/puppet/puppetboard.pp b/site/profiles/manifests/puppet/puppetboard.pp index 85d2d4e..0085eb5 100644 --- a/site/profiles/manifests/puppet/puppetboard.pp +++ b/site/profiles/manifests/puppet/puppetboard.pp 
@@ -1,43 +1,123 @@ # Class: profiles::puppet::puppetboard # -# This class manages the configuration of Puppetboard, a web frontend for PuppetDB. -# -# Parameters: -# - `python_version`: Specifies the Python version used for the virtualenv where Puppetboard runs. -# - `manage_virtualenv`: Determines if this class should handle the creation of the virtual environment for Puppetboard. -# - `reports_count`: Defines the number of reports to show per node in Puppetboard. -# - `offline_mode`: Determines if Puppetboard should work in offline mode or not. -# - `default_environment`: Sets the default Puppet environment to filter results in Puppetboard. -# -# Usage: -# This class can be called directly in your manifests or through Hiera. -# -# Example: -# To use the default parameters (as shown below), you can declare the class: -# -# include profiles::puppet::puppetboard -# -# Alternatively, you can customize the parameters: -# -# class { 'profiles::puppet::puppetboard': -# python_version => '3.8', -# reports_count => 50, -# offline_mode => false, -# } +# This class manages the Puppetboard, a web interface to PuppetDB. 
# class profiles::puppet::puppetboard ( - String $python_version = '3.6', - Boolean $manage_virtualenv = false, - Integer $reports_count = 40, - Boolean $offline_mode = true, - String $default_environment = '*', + String $python_version = '3.6', + Boolean $manage_virtualenv = false, + Integer $reports_count = 40, + Boolean $offline_mode = true, + String $default_environment = '*', + String $puppetdb_host = lookup('profiles::puppet::puppetdb::puppetdb_host'), + Stdlib::AbsolutePath $basedir = '/opt/puppetboard', + Stdlib::Absolutepath $virtualenv_dir = "${basedir}/venv", + Stdlib::Absolutepath $settings_file = "${basedir}/settings.py", + String $user = 'puppetboard', + String $group = 'puppetboard', + String $gunicorn_bind = '127.0.0.1:8080', + String $gunicorn_bind_prefix = 'http://', + Integer $gunicorn_workers = 1, + Integer $gunicorn_threads = 4, + String $nginx_vhost = 'puppetboard.main.unkin.net', + Integer $nginx_port = 80, + #String[1] $secret_key = "${fqdn_rand_string(32)}", ) { + # store puppet-agents ssl settings/certname + $ssl_dir = $::settings::ssldir + $puppetboard_certname = $trusted['certname'] + + # setup the puppetboard venv class { 'puppetboard': python_version => $python_version, manage_virtualenv => $manage_virtualenv, reports_count => $reports_count, offline_mode => $offline_mode, + basedir => $basedir, + virtualenv_dir => $virtualenv_dir, + settings_file => $settings_file, + #secret_key => $secret_key, default_environment => $default_environment, + puppetdb_host => $puppetdb_host, + puppetdb_port => 8081, + puppetdb_key => "${basedir}/ssl/${puppetboard_certname}.pem", + puppetdb_ssl_verify => "${ssl_dir}/certs/ca.pem", + puppetdb_cert => "${ssl_dir}/certs/${puppetboard_certname}.pem", + user => $user, + group => $group, + notify => Service['puppetboard.service'], + } + + # install gunicorn + python::pip { 'puppetboard_gunicorn': + ensure => 'latest', + pkgname => 'gunicorn', + virtualenv => $virtualenv_dir, + require => Class['puppetboard'], 
+ } + + # create ssl dir for puppetboard + file { "${basedir}/ssl": + ensure => directory, + owner => $user, + group => $group, + mode => '0750', + require => Class['puppetboard'], + } + + # copy the ssl certs for puppetboard + file { "${basedir}/ssl/${puppetboard_certname}.pem": + ensure => present, + owner => $user, + group => $group, + mode => '0750', + source => "${ssl_dir}/private_keys/${puppetboard_certname}.pem", + require => File["${basedir}/ssl"], + notify => Service['puppetboard.service'], + } + + # create script to start service + file { "${virtualenv_dir}/bin/start_puppetboard": + ensure => file, + owner => $user, + group => $group, + mode => '0755', + content => template('profiles/puppet/puppetboard/start_puppetboard.erb'), + require => Class['puppetboard'], + notify => Service['puppetboard.service'], + } + + # create systemd service unit + systemd::unit_file { 'puppetboard.service': + content => template('profiles/puppet/puppetboard/puppetboard.service.erb'), + active => true, + enable => true, + require => File["${virtualenv_dir}/bin/start_puppetboard"], + } + + # ensure the nginx service is managed + class { 'nginx': } + + # create the nginx vhost + nginx::resource::server { $nginx_vhost: + listen_port => $nginx_port, + server_name => [$nginx_vhost], + proxy => "${gunicorn_bind_prefix}${gunicorn_bind}", + proxy_set_header => [ + 'Host $http_host', + 'X-Real-IP $remote_addr', + 'X-Scheme $scheme', + ], + proxy_pass_header => ['Server'], + proxy_redirect => 'off', + proxy_connect_timeout => '10s', + proxy_read_timeout => '10s', + } + + # service static files from nginx for performance + nginx::resource::location { "${nginx_vhost}_static": + location => '/static', + server => $nginx_vhost, + location_alias => "${virtualenv_dir}/lib/python${python_version}/site-packages/puppetboard/static", } } 
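Review bot: The copy of the agent's private key at `${basedir}/ssl/${puppetboard_certname}.pem` is created with `mode => '0750'` and `ensure => present`, so the key is group-readable and carries execute bits; `ensure => file,` with `mode => '0400',` (owner `$user`) should be enough for Puppetboard to read it. The gunicorn install uses `ensure => 'latest'`, so any agent run can pull a new, unreviewed release into the venv; pinning a version, as the Puppetfile does for modules, keeps the deployment reproducible. The nginx server listens on plain HTTP port 80 with no access restriction visible in this hunk, and `proxy_pass_header => ['Server']` forwards the backend's banner; since Puppetboard displays facts and reports from PuppetDB, TLS plus an allow-list or authentication in front of it is worth adding. The `secret_key` parameter is commented out, so the value falls back to whatever the puppetboard module defaults to, which should be confirmed not to be a static string.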
diff --git a/site/profiles/templates/puppet/puppetboard/puppetboard.service.erb b/site/profiles/templates/puppet/puppetboard/puppetboard.service.erb
new file mode 100644
index 0000000..08fec4d
--- /dev/null
+++ b/site/profiles/templates/puppet/puppetboard/puppetboard.service.erb
@@ -0,0 +1,12 @@
+[Unit]
+Description=puppetboard daemon
+After=network.target
+[Service]
+Type=simple
+User=<%= @user %>
+Group=<%= @group %>
+Environment="PUPPETBOARD_SETTINGS=<%= @settings_file %>"
+ExecStart=<%= @virtualenv_dir %>/bin/start_puppetboard
+PrivateTmp=true
+[Install]
+WantedBy=multi-user.target
diff --git a/site/profiles/templates/puppet/puppetboard/start_puppetboard.erb b/site/profiles/templates/puppet/puppetboard/start_puppetboard.erb
new file mode 100644
index 0000000..46e6da3
--- /dev/null
+++ b/site/profiles/templates/puppet/puppetboard/start_puppetboard.erb
@@ -0,0 +1,7 @@
+#!/usr/bin/env bash
+<%= @virtualenv_dir %>/bin/gunicorn \
+ --workers <%= @gunicorn_workers %> \
+ --threads <%= @gunicorn_threads %> \
+ --config <%= @settings_file %> \
+ --bind <%= @gunicorn_bind %> \
+ puppetboard.app:app
diff --git a/site/roles/manifests/puppet/puppetboard.pp b/site/roles/manifests/puppet/puppetboard.pp
new file mode 100644
index 0000000..34862c3
--- /dev/null
+++ b/site/roles/manifests/puppet/puppetboard.pp
@@ -0,0 +1,6 @@
+# a role to deploy the puppetboard
+class roles::puppet::puppetboard {
+ include profiles::defaults
+ include profiles::base
+ include profiles::puppet::puppetboard
+ }
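Review bot: The unit in puppetboard.service.erb runs a network-reachable web application whose user can read a copy of the agent's private key, yet `PrivateTmp=true` is its only sandboxing directive. Adding `NoNewPrivileges=true`, `ProtectSystem=full` and `ProtectHome=true` under `[Service]` would limit what a compromised worker can reach while leaving the base directory usable. There is also no `Restart=` policy, so a crashed gunicorn presumably stays down until the next agent run re-asserts the service; `Restart=on-failure` would close that gap.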
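Review bot: In start_puppetboard.erb, `--config <%= @settings_file %>` hands gunicorn the Puppetboard settings file, which gunicorn evaluates as its own Python configuration. Puppetboard already receives that path through `PUPPETBOARD_SETTINGS` in the unit file, so the flag looks unnecessary; as far as I know gunicorn ignores names it does not recognise, but any setting whose name collides with a gunicorn option would silently change the server. Either drop the flag or point it at a dedicated gunicorn config. The script also leaves bash as the unit's main process; `exec <%= @virtualenv_dir %>/bin/gunicorn \` would let systemd signal and track gunicorn directly.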