diff --git a/defaults/main.yml b/defaults/main.yml
index 99ee0a6..ea51a14 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -1,5 +1,8 @@
-mosquitto_pid_file: "{{ mosquitto_pid_dir }}/mosquitto.pid"
 mosquitto_user: mosquitto
 mosquitto_group: mosquitto
 mosquitto_port: 61000
 mosquitto_pid_dir: /var/run
+mosquitto_base_dir: /etc/mosquitto
+mosquitto_config_dir: "{{ mosquitto_base_dir }}/conf.d"
+mosquitto_passwd_file: "{{ mosquitto_base_dir }}/passwd"
+mosquitto_pid_file: "{{ mosquitto_pid_dir }}/mosquitto.pid"
diff --git a/tasks/install.yml b/tasks/install.yml
index 857b12b..4be3f2f 100644
--- a/tasks/install.yml
+++ b/tasks/install.yml
@@ -28,14 +28,25 @@
     createhome: no
     shell: /sbin/nologin
 
-- name: Copy local configuration
+- name: Copy default configuration
   template:
-    src: "etc/mosquitto/conf.d/local.conf.j2"
-    dest: "/etc/mosquitto/conf.d/local.conf"
+    src: "etc/mosquitto/conf.d/default.conf.j2"
+    dest: "{{ mosquitto_config_dir }}/default.conf"
     owner: root
     group: root
     mode: 0644
 
+- name: Copy passwd files
+  template:
+    src: "etc/mosquitto/passwd.j2"
+    dest: "{{ mosquitto_passwd_file }}"
+    owner: root
+    group: root
+    mode: 0600
+
+- name: Hash passwd file
+  shell: "mosquitto_passwd -U {{ mosquitto_passwd_file }}"
+
 - name: Copy systemd unit files
   template:
     src: "etc/systemd/system/mosquitto.service.j2"
diff --git a/templates/etc/mosquitto/conf.d/local.conf.j2 b/templates/etc/mosquitto/conf.d/default.conf.j2
similarity index 87%
rename from templates/etc/mosquitto/conf.d/local.conf.j2
rename to templates/etc/mosquitto/conf.d/default.conf.j2
index 0c24d1c..cacdba6 100644
--- a/templates/etc/mosquitto/conf.d/local.conf.j2
+++ b/templates/etc/mosquitto/conf.d/default.conf.j2
@@ -16,4 +16,4 @@ log_timestamp true
 
 connection_messages true
 allow_anonymous false
-password_file /etc/mosquitto/passwd
+password_file {{ mosquitto_passwd_file }}
diff --git a/templates/etc/mosquitto/passwd.j2 b/templates/etc/mosquitto/passwd.j2
new file mode 100644
index 0000000..ae5fd06
--- /dev/null
+++ b/templates/etc/mosquitto/passwd.j2
@@ -0,0 +1,2 @@
+##{{ ansible_managed }}
+demo:test