diff --git a/manifests/init.pp b/manifests/init.pp
index 2a1ad33..afe3c09 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -6,19 +6,169 @@
 #   present or absent. Default: present
 #
 # [*dhcp4_conf*]
-#   Hash with the DHCP 4 service configuration.
+#   Hash with the DHCP 4 service configuration. Sample content:
+# Dhcp4:
+#   interfaces-config:
+#     interfaces:
+#       - eth0
+#   control-socket:
+#     socket-type: "unix"
+#     socket-name: "/run/kea/kea4-ctrl-socket"
+#   lease-database:
+#     type: memfile
+#     lfc-interval: 3600
+#   expired-leases-processing:
+#     reclaim-timer-wait-time: 10
+#     flush-reclaimed-timer-wait-time: 25
+#     hold-reclaimed-time: 3600
+#     max-reclaim-leases: 100
+#     max-reclaim-time: 250
+#     unwarned-reclaim-cycles: 5
+#   renew-timer: 900
+#   rebind-timer: 1800
+#   valid-lifetime: 3600
+#   option-data:
+#     - name: domain-name-servers
+#       data: "192.168.1.1, 192.168.1.2"
+#     - name: "domain-search"
+#       data: "example.com, example.org
+#   client-classes: []
+#   subnet4:
+#     - subnet": "192.168.1.0/24"
+#       pools:
+#         - pool: "192.168.1.100 - 192.168.1.200"
+#       option-data:
+#         - name: "routers"
+#           data: "192.168.1.1, 192.168.1.2"
+#       reservations:
+#         - hw-address: "1a:1b:1c:1d:1e:1f"
+#           ip-address: "192.168.1.201"
+#           hostname: "special-snowflake"
+#   loggers:
+#     - name: kea-dhcp4
+#       output_options:
+#         - output: "stdout"
+#           pattern: "%-5p %m\\n"
+#       severity: "INFO"
+#       debuglevel: 0
+#   hooks-libraries:
+#     - library: /usr/lib/x86_64-linux-gnu/kea/hooks/libdhcp_lease_cmds.so
+#       parameters: {}
+#     - library: /usr/lib/x86_64-linux-gnu/kea/hooks/libdhcp_ha.so
+#       parameters:
+#         high-availability:
+#           this-server-name: server1
+#           trust-anchor: /etc/letsencrypt/live/server1/chain.pem
+#           cert-file: /etc/letsencrypt/live/server1/cert.pem
+#           key-file: /etc/letsencrypt/live/server1/privkey.pem
+#           mode: hot-standby
+#           heartbeat-delay: 10000
+#           max-response-delay: 60000
+#           max-ack-delay: 5000
+#           max-unacked-clients: 5
+#           peers:
+#             - name: "server1"
+#               url: "http://192.168.1.1:8000/"
+#               role: "primary"
+#               auto-failover: true
+#             - name: "server2"
+#               url: "http://192.168.1.2:8000/"
+#               role: "standby"
+#               auto-failover: true
 #
 # [*dhcp6_conf*]
-#   Hash with the DHCP 4 service configuration.
+#   Hash with the DHCP 4 service configuration. Sample content:
+# Dhcp6:
+#   interfaces-config:
+#     interfaces:
+#       - eth0
+#   control-socket:
+#     socket-type: "unix"
+#     socket-name: "/run/kea/kea4-ctrl-socket"
+#   lease-database:
+#     type: memfile
+#     lfc-interval: 3600
+#   expired-leases-processing:
+#     reclaim-timer-wait-time: 10
+#     flush-reclaimed-timer-wait-time: 25
+#     hold-reclaimed-time: 3600
+#     max-reclaim-leases: 100
+#     max-reclaim-time: 250
+#     unwarned-reclaim-cycles: 5
+#   renew-timer: 900
+#   rebind-timer: 1800
+#   valid-lifetime: 3600
+#   option-data:
+#     - name: domain-name-servers
+#       data: "fd12:3456:789a:1::1, fd12:3456:789a:1::2"
+#     - name: "domain-search"
+#       data: "example.com, example.org"
+#   client-classes: []
+#   subnet6:
+#     - subnet": "fd12:3456:789a:1::0/64"
+#       pools:
+#         - pool: "fd12:3456:789a:1::0/64"
+#       option-data: []
+#       reservations:
+#         - hw-address: "1a:1b:1c:1d:1e:1f"
+#           ip-address: "192.168.1.201"
+#           hostname: "special-snowflake"
+#   loggers:
+#     - name: kea-dhcp4
+#       output_options:
+#         - output: "stdout"
+#           pattern: "%-5p %m\\n"
+#       severity: "INFO"
+#       debuglevel: 0
 #
 # [*ddns_conf*]
-#   Hash with the Dynamic DNS configuration.
+#   Hash with the Dynamic DNS configuration. Sample content:
+# DhcpDdns:
+#     ip-address: "127.0.0.1"
+#     port: 53001
+#     control-socket:
+#         socket-type: "unix"
+#         socket-name: "/run/kea/kea-ddns-ctrl-socket"
+#     tsig-keys: []
+#     forward-ddns : {}
+#     reverse-ddns : {}
+#     loggers:
+#       - name: "kea-dhcp-ddns"
+#         output_options: 
+#           - output: stdout
+#             pattern: "%-5p %m\\n"
+#     severity: INFO
+#     debuglevel: 0
 #
 # [*ctrl_agent_conf*]
-#   Hash with the Control Agent configuration.
+#   Hash with the Control Agent configuration. Sample content:
+# Control-agent:
+#     http-host: "127.0.0.1"
+#     http-port: 8000
+#     authentication:
+#       type: "basic"
+#       realm: "Kea Control Agent"
+#       directory: "/etc/kea"
+#       clients:
+#         - user: "kea-api"
+#         - password-file: "kea-api-password"
+#     control-sockets:
+#       dhcp4:
+#         socket-type": "unix"
+#         socket-name": "/run/kea/kea4-ctrl-socket"
+#       dhcp6:
+#         socket-type: "unix"
+#         socket-name: "/run/kea/kea6-ctrl-socket"
+#       d2:
+#         socket-type: "unix"
+#         socket-name: "/run/kea/kea-ddns-ctrl-socket"
 #
 # [*api_password*]
-#   (Sensitive) String API password.
+#   (Sensitive) String API password. So in your hiera data add the
+# variable kea::api_password as an encrypted value and:
+# lookup_options:
+#   kea::api_password:
+#     convert_to: "Sensitive"
 #
 class kea (
   String $ensure = 'present',
@@ -80,7 +230,13 @@ class kea (
     require => Package['kea'],
     notify  => Service['kea'],
   }
-  service { 'kea':
+  $services = [
+    'kea-ctrl-agent.service',
+    'kea-dhcp-ddns-server.service',
+    'kea-dhcp4-server.service',
+    'kea-dhcp6-server.service',
+  ]
+  service { $services:
     ensure  => $service_ensure,
     require => Package['kea'],
   }