diff --git a/vault/defaults.yaml b/vault/defaults.yaml
index 6c2eb34..6b803af 100644
--- a/vault/defaults.yaml
+++ b/vault/defaults.yaml
@@ -17,7 +17,8 @@ vault:
 tls_key_file: ''
 default_lease_ttl: 24h
 max_lease_ttl: 24h
- self_signed_cert:
- enabled: false
 backend: {}
 dev_mode: false
+
+ self_signed_cert:
+ enabled: false
diff --git a/vault/files/config.hcl b/vault/files/config.hcl
index 94c0058..1a9437d 100644
--- a/vault/files/config.hcl
+++ b/vault/files/config.hcl
@@ -3,14 +3,14 @@ listener "{{ vault.config.listen_protocol }}" {
 address = "{{ vault.config.listen_address }}:{{ vault.config.listen_port }}"
 tls_disable = {{ vault.config.tls_disable }}
-{%- if vault.config.self_signed_cert.enabled %}
- tls_cert_file = "/etc/vault/{{ vault.config.self_signed_cert.hostname }}.pem"
- tls_key_file = "/etc/vault/{{ vault.config.self_signed_cert.hostname }}-nopass.key"
+{%- if vault.self_signed_cert.enabled %}
+ tls_cert_file = "/etc/vault/{{ vault.self_signed_cert.hostname }}.pem"
+ tls_key_file = "/etc/vault/{{ vault.self_signed_cert.hostname }}-nopass.key"
 {% else -%}
-{%- if vault.tls_cert_file %}
+{%- if vault.config.tls_cert_file %}
 tls_cert_file = "{{ vault.config.tls_cert_file }}"
 {% endif -%}
-{%- if vault.tls_key_file %}
+{%- if vault.config.tls_key_file %}
 tls_key_file = "{{ vault.config.tls_key_file }}"
 {% endif -%}
 {% endif %}
diff --git a/vault/files/vault.service b/vault/files/vault.service
index 9ee2c15..2a6c59c 100644
--- a/vault/files/vault.service
+++ b/vault/files/vault.service
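Review bot: The relocated `self_signed_cert` stanza declares only `enabled: false`, while the new `config.hcl` branch it gates also reads `vault.self_signed_cert.hostname`; unless `hostname` is declared further down this file (past the end of the hunk) or in the map, turning the feature on without a pillar override renders `tls_cert_file = "/etc/vault/.pem"` and the listener fails to load. Declaring the key next to the flag, `hostname: ''  # required when enabled is true`, makes the contract visible and gives the template something to test before it emits a path. The hunk ends at the new `enabled: false`, so any keys that follow are not in view.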
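Review bot: The new self-signed branch still hard-codes its certificate and key under `/etc/vault/`, while this same commit moves the server configuration to `/etc/vault.d/config.hcl` in the service, sysvinit and upstart files; if that is not where the state that generates the certificate writes its output, the listener points at files that do not exist. If the split is deliberate, a comment above the branch naming the state that produces `<hostname>.pem` and `<hostname>-nopass.key` would keep the next reader from "fixing" the path. The `-nopass.key` name also says the private key sits unencrypted on disk, so the ownership and mode of that file matter; the state that writes it is not part of this diff.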
@@ -1,14 +1,14 @@
-{%- from "vault/map.jinja" import vault with context -%}
+{%- from slspath + '/map.jinja' import vault with context -%}
 [Unit]
 Description=vault server
 Requires=network-online.target
-After=network-online.target{% if vault.storage and vault.storage.type == "consul" %} consul.service{% endif %}
+After=network-online.target{% if vault.config.storage and vault.config.storage.type == "consul" %} consul.service{% endif %}
 [Service]
 EnvironmentFile=-/etc/sysconfig/vault
-User={{ vault.user }}
-Group={{ vault.group }}
-ExecStart=/usr/local/bin/vault server {% if vault.dev_mode %}-dev{% else %}-config="/etc/vault.d/config.hcl"{% endif %}
+User={{ user }}
+Group={{ group }}
+ExecStart=/usr/local/bin/vault server {% if vault.config.dev_mode %}-dev{% else %}-config="/etc/vault.d/config.hcl"{% endif %}
 ExecReload=/bin/kill -signal HUP $MAINPID
 ExecStop=/usr/local/bin/vault operator step-down
 Restart=on-failure
diff --git a/vault/files/vault.sysvinit b/vault/files/vault.sysvinit
index f2ae5f4..1b4091c 100644
--- a/vault/files/vault.sysvinit
+++ b/vault/files/vault.sysvinit
@@ -5,7 +5,7 @@
 # chkconfig: 2345 95 95
 # description: Vault is a tool for service discovery and configuration
 # processname: vault
-# config: /etc/vault.conf
+# config: /etc/vault.d/config.hcl
 # pidfile: /var/run/vault.pid
 ### BEGIN INIT INFO
diff --git a/vault/files/vault.upstart b/vault/files/vault.upstart
index 0feb2f5..ff1a6e5 100644
--- a/vault/files/vault.upstart
+++ b/vault/files/vault.upstart
@@ -1,4 +1,4 @@
-{%- from "vault/map.jinja" import vault with context -%}
+{%- from slspath + '/map.jinja' import vault with context -%}
 description "Vault server"
 start on (runlevel [345] and started network)
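Review bot: `User={{ user }}` and `Group={{ group }}` now depend on two bare context variables that the `vault` map imported on the first line does not provide; if the state that manages this unit does not pass them, and the renderer is not configured with a strict undefined, Jinja emits them as empty strings, and an empty `User=` makes systemd start vault as root with no error at render time. Either keep the values on the map (`User={{ vault.user }}`, if the restructured map still carries them) or fail the render before the `[Service]` section, e.g. `{%- if not user or not group %}{{ raise('vault.service: user and group must be passed in context') }}{%- endif %}` using Salt's Jinja `raise`. The unit's `[Install]` section, if it has one, lies past the end of the hunk.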
@@ -15,10 +15,10 @@ script
 export GOMAXPROCS=`nproc`
 exec /usr/local/bin/vault server \
-{%- if vault.dev_mode %}
+{%- if vault.config.dev_mode %}
 -dev \
 {% else %}
- -config="/etc/vault/config/server.hcl" \
+ -config="/etc/vault.d/config.hcl" \
 {% endif -%}
 >>/var/log/vault.log 2>&1
 end script
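Review bot: The dev-mode branch now keyed on `vault.config.dev_mode` still runs under `>>/var/log/vault.log 2>&1`, and Vault's dev server prints its unseal key and root token to stdout at startup, so with `dev_mode: true` those values are appended to a log file whose ownership and mode this script does not set. The formula defaults `dev_mode: false`, which confines the exposure to hosts where someone flips the flag, but a comment above the redirect such as `# dev mode prints the root token to stdout; it ends up in this log` would make that visible at the point of decision. Any `setuid`/`setgid` stanzas sit between this hunk and the first one and are not in view.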