diff --git a/manifests/config.pp b/manifests/config.pp
index 2f447dc..dc6ff27 100644
--- a/manifests/config.pp
+++ b/manifests/config.pp
@@ -69,13 +69,19 @@ class nginx::config(
   $vhost_purge                    = $nginx::params::nx_vhost_purge,
   $worker_connections             = $nginx::params::nx_worker_connections,
   $worker_processes               = $nginx::params::nx_worker_processes,
-  $worker_rlimit_nofile           = $nginx::params::nx_worker_rlimit_nofile
+  $worker_rlimit_nofile           = $nginx::params::nx_worker_rlimit_nofile,
+  $global_owner                   = $nginx::params::global_owner,
+  $global_group                   = $nginx::params::global_group,
+  $global_mode                    = $nginx::params::global_mode,
+  $sites_available_owner          = $nginx::params::sites_available_owner,
+  $sites_available_group          = $nginx::params::sites_available_group,
+  $sites_available_mode           = $nginx::params::sites_available_mode,
 ) inherits nginx::params {
 
   File {
-    owner => 'root',
-    group => 'root',
-    mode  => '0644',
+    owner => $global_owner,
+    group => $global_group,
+    mode  => $global_mode,
   }
 
   file { $conf_dir:
@@ -125,6 +131,9 @@ class nginx::config(
   }
 
   file { "${conf_dir}/sites-available":
+    owner  => $sites_available_owner,
+    group  => $sites_available_group,
+    mode   => $sites_available_mode,
     ensure => directory,
   }
 
diff --git a/manifests/init.pp b/manifests/init.pp
index 028c33b..2e3a43d 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -96,6 +96,12 @@ class nginx (
   $worker_connections             = $nginx::params::nx_worker_connections,
   $worker_processes               = $nginx::params::nx_worker_processes,
   $worker_rlimit_nofile           = $nginx::params::nx_worker_rlimit_nofile,
+  $global_owner                   = $nginx::params::nx_global_owner,
+  $global_group                   = $nginx::params::nx_global_group,
+  $global_mode                    = $nginx::params::nx_global_mode,
+  $sites_available_owner          = $nginx::params::nx_sites_available_owner,
+  $sites_available_group          = $nginx::params::nx_sites_available_group,
+  $sites_available_mode           = $nginx::params::nx_sites_available_mode,
   $geo_mappings                   = {},
   $string_mappings                = {},
 ) inherits nginx::params {
@@ -245,6 +251,12 @@ class nginx (
     worker_connections             => $worker_connections,
     worker_processes               => $worker_processes,
     worker_rlimit_nofile           => $worker_rlimit_nofile,
+    global_owner                   => $global_owner,
+    global_group                   => $global_group,
+    global_mode                    => $global_mode,
+    sites_available_owner          => $sites_available_owner,
+    sites_available_group          => $sites_available_group,
+    sites_available_mode           => $sites_available_mode,
     require                        => Class['nginx::package'],
     notify                         => Class['nginx::service'],
   }
diff --git a/manifests/params.pp b/manifests/params.pp
index 14e9744..9294498 100644
--- a/manifests/params.pp
+++ b/manifests/params.pp
@@ -140,4 +140,14 @@ class nginx::params {
   $package_ensure = 'present'
   $package_source = 'nginx'
   $manage_repo    = true
+
+  # Specific owner for sites-available directory
+  $sites_available_owner = 'root'
+  $sites_available_group = 'root'
+  $sites_available_mode  = '0644'
+
+  # Owner for all other files
+  $global_owner = 'root'
+  $global_group = 'root'
+  $global_mode  = '0644'
 }
diff --git a/manifests/resource/vhost.pp b/manifests/resource/vhost.pp
index 6e86260..1cceb44 100644
--- a/manifests/resource/vhost.pp
+++ b/manifests/resource/vhost.pp
@@ -130,6 +130,9 @@
 #     specified by <path-to-lua-script-file> contains the Lua code, or, as from
 #     the v0.5.0rc32 release, the Lua/LuaJIT bytecode to be executed.
 #   [*gzip_types*]              - Defines gzip_types, nginx default is text/html
+#   [*owner*]                   - Defines owner of the .conf file
+#   [*group*]                   - Defines group of the .conf file
+#   [*mode*]                    - Defines mode of the .conf file
 # Actions:
 #
 # Requires:
@@ -222,6 +225,9 @@ define nginx::resource::vhost (
   $string_mappings        = {},
   $geo_mappings           = {},
   $gzip_types             = undef,
+  $owner                  = $nginx::config::global_owner,
+  $group                  = $nginx::config::global_group,
+  $mode                   = $nginx::config::global_mode,
 ) {
 
   validate_re($ensure, '^(present|absent)$',
@@ -401,6 +407,11 @@ define nginx::resource::vhost (
   validate_hash($string_mappings)
   validate_hash($geo_mappings)
 
+  validate_string($owner)
+  validate_string($group)
+  validate_re($mode, '^\d{4}$',
+    "${mode} is not valid. It should be 4 digits (0644 by default).")
+
   # Variables
   $vhost_dir = "${nginx::config::conf_dir}/sites-available"
   $vhost_enable_dir = "${nginx::config::conf_dir}/sites-enabled"
@@ -418,9 +429,9 @@ define nginx::resource::vhost (
       default  => 'file',
     },
     notify => Class['nginx::service'],
-    owner  => 'root',
-    group  => 'root',
-    mode   => '0644',
+    owner  => $owner,
+    group  => $group,
+    mode   => $mode,
   }
 
   # Add IPv6 Logic Check - Nginx service will not start if ipv6 is enabled
@@ -456,9 +467,9 @@ define nginx::resource::vhost (
   }
 
   concat { $config_file:
-    owner  => 'root',
-    group  => 'root',
-    mode   => '0644',
+    owner  => $owner,
+    group  => $group,
+    mode   => $mode,
     notify => Class['nginx::service'],
   }