diff --git a/sks/manifests/init.pp b/sks/manifests/init.pp
new file mode 100644
index 0000000..a6f4878
--- /dev/null
+++ b/sks/manifests/init.pp
@@ -0,0 +1,95 @@
+# Install and configure SKS keyserver.
+#
+class sks($datadir=undef) {
+
+ case $::operatingsystem {
+ "ubuntu": {
+ $user = "debian-sks"
+ $group = "debian-sks"
+ $config = "/etc/sks/sksconf"
+ }
+ default: {
+ fail("sks not supported on ${::operatingsystem}")
+ }
+ }
+
+ package { "sks":
+ ensure => installed,
+ }
+
+ if $datadir {
+ file { $datadir:
+ ensure => directory,
+ mode => "0700",
+ owner => $user,
+ group => $group,
+ require => Package["sks"],
+ }
+ file { "/var/lib/sks":
+ ensure => link,
+ target => $datadir,
+ force => true,
+ require => File[$datadir],
+ }
+ } else {
+ file { "/var/lib/sks":
+ ensure => directory,
+ mode => "0700",
+ owner => $user,
+ group => $group,
+ require => Package["sks"],
+ }
+ }
+
+ exec { "sks build":
+ path => "/bin:/usr/bin:/sbin:/usr/sbin",
+ user => $user,
+ creates => "/var/lib/sks/DB",
+ require => File["/var/lib/sks"],
+ before => Service["sks"],
+ }
+
+ file { $config:
+ ensure => present,
+ mode => "0644",
+ owner => "root",
+ group => "root",
+ content => template("sks/sksconf.erb"),
+ require => Package["sks"],
+ notify => Service["sks"],
+ }
+
+ case $::operatingsystem {
+ "debian","ubuntu": {
+ augeas { "enable-sks":
+ context => "/files/etc/default/sks",
+ changes => "set initstart yes",
+ require => Package["sks"],
+ notify => Service["sks"],
+ }
+ }
+ }
+
+ file { "/var/lib/sks/www":
+ ensure => directory,
+ mode => "0700",
+ owner => $user,
+ group => $group,
+ }
+
+ file { "/var/lib/sks/www/index.html":
+ ensure => present,
+ mode => "0600",
+ owner => $user,
+ group => $group,
+ content => template("sks/index.html.erb"),
+ before => Service["sks"],
+ }
+
+ service { "sks":
+ ensure => running,
+ enable => true,
+ status => "pgrep -f /usr/sbin/sks",
+ }
+
+}
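Review bot: `force => true` on the `/var/lib/sks` link lets Puppet remove an existing `/var/lib/sks` directory to put the symlink in its place, so setting `$datadir` on a host that already holds a key database there deletes that database without warning. At minimum say so above the resource, e.g. `# force replaces an existing /var/lib/sks directory and everything in it; move the database to $datadir first`. Separately, the `sks build` exec sets no `cwd`; if sks resolves its database relative to the working directory (not visible in this diff), `creates => "/var/lib/sks/DB"` is never satisfied and the build reruns on every agent run, which adding `cwd => "/var/lib/sks",` would address. The second `case` also lists "debian", which the first `case` rejects with `fail`, so that branch is unreachable for Debian as written.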
diff --git a/sks/templates/index.html.erb b/sks/templates/index.html.erb new file mode 100644 index 0000000..b42c84a --- /dev/null +++ b/sks/templates/index.html.erb @@ -0,0 +1,40 @@ + + + +SKS Search Page + + + +

SKS OpenPGP Keyserver

+

Extract a key

+You can extract a key by typing in some words that appear in the userid +of the key you're looking for, or by typing in the keyid in hex format ("0x...") +

+

+Search String:
+Show PGP "fingerprints" for keys +
+Show SKS full-key hashes +
+Search for keys:
+ get regular index of matching keys +
+ get verbose +index of matching keys
+ retrieve ascii-armored keys
+ retrieve keys by full-key hash +
+ + +
+
+

Submit a key

+You can submit a key by simply pasting in the ASCII-armored version +of your key and clicking on submit. +
+
+ + +
+
+
diff --git a/sks/templates/sksconf.erb b/sks/templates/sksconf.erb
new file mode 100644
index 0000000..9861d23
--- /dev/null
+++ b/sks/templates/sksconf.erb
@@ -0,0 +1,32 @@
+# /etc/sks/sksconf
+#
+# The configuration file for your SKS server.
+# You can find more options in sks(8) manpage.
+
+# Set server hostname
+hostname: <%= @fqdn %>
+
+# Set recon binding address
+recon_address: <%= @ipaddress %>
+
+# Set recon port number
+#recon_port: 11370
+
+# Set hkp binding address
+hkp_address: <%= @ipaddress %>
+
+# Set hkp port number
+#hkp_port: 11371
+
+# Have the HKP interface listen on port 80, as well as the hkp_port
+#use_port_80:
+
+# From address used in synchronization emails used to communicate with PKS
+#from_addr: "PGP Key Server Administrator "
+
+# Command used for sending mail (you can use -f option to specify the
+# envelope sender address, if your MTA trusts the sks user)
+#sendmail_cmd: /usr/lib/sendmail -t -oi
+
+# Runs database statistics calculation on boot (time and cpu expensive)
+#initial_stat:
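Review bot: Both `recon_address` and `hkp_address` are bound to the `ipaddress` fact, so the listen addresses follow whichever interface Facter reports as primary and cannot be narrowed per node. On a multi-homed host that can put the recon and HKP listeners on an interface the operator did not intend, and it rules out binding HKP to loopback behind a reverse proxy. Consider class parameters that default to the fact and are used here as `hkp_address: <%= @hkp_address %>` and `recon_address: <%= @recon_address %>`; the parameters themselves would be declared in sks/manifests/init.pp, outside this hunk.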