diff --git a/.fixtures.yml b/.fixtures.yml
index fda4720..da33c25 100644
--- a/.fixtures.yml
+++ b/.fixtures.yml
@@ -2,3 +2,4 @@ fixtures:
   repositories:
     augeas_core: 'https://github.com/puppetlabs/puppetlabs-augeas_core'
     stdlib: 'https://github.com/puppetlabs/puppetlabs-stdlib'
+    systemd: 'https://github.com/camptocamp/puppet-systemd'
diff --git a/data/Debian.yaml b/data/Debian.yaml
index fe4556e..e783168 100644
--- a/data/Debian.yaml
+++ b/data/Debian.yaml
@@ -5,3 +5,5 @@ tftp::service: tftpd-hpa
 tftp::syslinux_package:
 - syslinux-common
 - pxelinux
+tftp::username: 'tftp'
+tftp::options: '--secure'
diff --git a/manifests/config.pp b/manifests/config.pp
index d42c14a..4fd38be 100644
--- a/manifests/config.pp
+++ b/manifests/config.pp
@@ -5,10 +5,28 @@
     ensure_resource('file', $tftp::root, { 'ensure' => 'directory' })
   }
 
-  if $facts['os']['family'] =~ /^(FreeBSD|DragonFly)$/ {
-    augeas { 'set root directory':
-      context => '/files/etc/rc.conf',
-      changes => "set tftpd_flags '\"-s ${tftp::root}\"'",
+  case $facts['os']['family'] {
+    'FreeBSD', 'DragonFly': {
+      augeas { 'set root directory':
+        context => '/files/etc/rc.conf',
+        changes => "set tftpd_flags '\"-s ${tftp::root}\"'",
+      }
     }
+    'Debian': {
+      file { '/etc/default/tftpd-hpa':
+        ensure  => file,
+        owner   => 'root',
+        group   => 'root',
+        mode    => '0644',
+        content => template('tftp/tftpd-hpa.erb'),
+      }
+    }
+    'RedHat': {
+      systemd::dropin_file { 'root-directory.conf':
+        unit    => 'tftp.service',
+        content => epp('tftp/tftp.service-override.epp'),
+      }
+    }
+    default: {}
   }
 }
diff --git a/manifests/init.pp b/manifests/init.pp
index cb463cb..a17410c 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -20,6 +20,10 @@
 # @param manage_root_dir manages the root dir, which tftpd will serve, defaults to true
 # @param service Name of the TFTP service, when daemon is true
 # @param service_provider Override TFTP service provider, when daemon is true
+# @param username Configures the daemon user
+# @param port Configures the Listen Port
+# @param address Configures the Listen Address, if empty it will listen on IPv4 and IPv6 (only on tftpd-hpa)
+# @param options Configures daemon options
 class tftp (
   Stdlib::Absolutepath $root,
   String $package,
@@ -28,6 +32,10 @@
   Boolean $manage_root_dir,
   Optional[String] $service = undef,
   Optional[String] $service_provider = undef,
+  String $username = 'root',
+  Stdlib::Port $port = 69,
+  Optional[Stdlib::IP::Address] $address = undef,
+  Optional[String] $options = undef,
 ) {
   contain tftp::install
   contain tftp::config
diff --git a/spec/acceptance/tftp_port_spec.rb b/spec/acceptance/tftp_port_spec.rb
new file mode 100644
index 0000000..a7316c4
--- /dev/null
+++ b/spec/acceptance/tftp_port_spec.rb
@@ -0,0 +1,53 @@
+require 'spec_helper_acceptance'
+
+describe 'tftp with default parameters' do
+  it_behaves_like 'an idempotent resource' do
+    let(:manifest) do
+      <<-EOS
+      class { 'tftp':
+        port => 1234,
+      }
+
+      file { "${tftp::root}/test":
+        ensure  => file,
+        content => 'running on a different port',
+      }
+      EOS
+    end
+  end
+
+  service_name = case fact('osfamily')
+                 when 'Archlinux'
+                   'tftpd.socket'
+                 when 'RedHat'
+                   'tftp.socket'
+                 when 'Debian'
+                   'tftpd-hpa'
+                 end
+
+  describe service(service_name) do
+    it { is_expected.to be_enabled }
+    it { is_expected.to be_running }
+  end
+
+  describe port(69), unless: service_name.end_with?('.socket') do
+    it { is_expected.not_to be_listening }
+  end
+
+  describe port(1234), unless: service_name.end_with?('.socket') do
+    it { is_expected.to be_listening.with('udp') }
+  end
+
+  describe 'ensure tftp client is installed' do
+    on hosts, puppet('resource', 'package', 'tftp', 'ensure=installed')
+  end
+
+  describe command("echo get /test /tmp/downloaded_file | tftp #{fact('fqdn')} 1234") do
+    its(:exit_status) { should eq 0 }
+  end
+
+  describe file('/tmp/downloaded_file') do
+    it { should be_file }
+    its(:content) { should eq 'running on a different port' }
+  end
+end
diff --git a/spec/classes/init_spec.rb b/spec/classes/init_spec.rb
index 7a2bdea..dccc7d1 100644
--- a/spec/classes/init_spec.rb
+++ b/spec/classes/init_spec.rb
@@ -49,6 +49,11 @@
             .with_alias('tftpd')
             .that_subscribes_to('Class[Tftp::Config]')
         end
+
+        it 'should contain the service override' do
+          should contain_systemd__dropin_file('root-directory.conf')
+            .with_content(%r{^ExecStart=/usr/sbin/in\.tftp -s /var/lib/tftpboot$})
+        end
       when 'FreeBSD'
         it 'should contain the service' do
           should contain_service('tftpd')
diff --git a/templates/tftp.service-override.epp b/templates/tftp.service-override.epp
new file mode 100644
index 0000000..493ad6e
--- /dev/null
+++ b/templates/tftp.service-override.epp
@@ -0,0 +1,3 @@
+[Service]
+ExecStart=
+ExecStart=/usr/sbin/in.tftp -s <%= $tftp::root %>
diff --git a/templates/tftpd-hpa.erb b/templates/tftpd-hpa.erb
new file mode 100644
index 0000000..d293da7
--- /dev/null
+++ b/templates/tftpd-hpa.erb
@@ -0,0 +1,6 @@
+# /etc/default/tftpd-hpa
+
+TFTP_USERNAME="<%= scope['tftp::username'] %>"
+TFTP_DIRECTORY="<%= scope['tftp::root'] %>"
+TFTP_ADDRESS="<%= scope['tftp::address'] %>:<%= scope['tftp::port'] %>"
+TFTP_OPTIONS="<%= scope['tftp::options'] %>"