diff --git a/pillar/credentials/vault.sls b/pillar/credentials/vault.sls
--- a/pillar/credentials/vault.sls
+++ b/pillar/credentials/vault.sls
@@ -115,6 +115,9 @@
     - ops/secrets/nasqueron/airflow/sentry
     - ops/secrets/dbserver/cluster-A/users/airflow
 
+    - ops/secrets/nasqueron/etherpad/mysql
+    - ops/secrets/nasqueron/etherpad/users/dereckson
+
     - ops/secrets/nasqueron/penpot/github
     - ops/secrets/nasqueron/penpot/postgresql
     - ops/secrets/nasqueron/penpot/secret_key
diff --git a/pillar/paas/docker/docker-002/etherpad.sls b/pillar/paas/docker/docker-002/etherpad.sls
new file mode 100644
--- /dev/null
+++ b/pillar/paas/docker/docker-002/etherpad.sls
@@ -0,0 +1,41 @@
+#   -------------------------------------------------------------
+#   Salt — Provision Docker engine
+#   - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+#   Project:        Nasqueron
+#   License:        Trivial work, not eligible to copyright
+#   -------------------------------------------------------------
+
+docker_images:
+  - nasqueron/etherpad:production
+
+docker_containers:
+  etherpad:
+    pad:
+      app_port: 34080
+      host: pad.nasqueron.org
+      aliases:
+        - pad.wolfplex.org
+        - pad.wolfplex.be
+      credential: nasqueron.etherpad.api
+      mysql_link: acquisitariat
+
+etherpad_settings:
+  pad:
+    title: Nasqueron pad
+    defaultPadText: |
+      Welcome to this Etherpad instance.
+
+      This pad text is synchronized as you type, so that everyone viewing this page sees the same text. This allows you to collaborate seamlessly on documents.
+
+      Warning: the pad URL is public, it will be listed at http://www.wolfplex.be/pad/ and also available through a public API call to http://api.wolfplex.be/pads/
+    favicon: "https://www.wolfplex.org/favicon.ico"
+
+    mysql:
+      host: mysql
+      credential: nasqueron/etherpad/mysql
+      database: etherpad
+
+    users:
+      dereckson:
+        credential: nasqueron/etherpad/users/dereckson
+        is_admin: True
diff --git a/pillar/paas/docker/docker-002/main.sls b/pillar/paas/docker/docker-002/main.sls
--- a/pillar/paas/docker/docker-002/main.sls
+++ b/pillar/paas/docker/docker-002/main.sls
@@ -42,7 +42,6 @@
   # Infrastructure and development services
   - nasqueron/aphlict
   - nasqueron/cachet
-  - nasqueron/etherpad:production
   - nasqueron/notifications
   - nasqueron/phabricator
   - ghcr.io/hound-search/hound
@@ -223,16 +222,6 @@
   # Community and development services
   #
 
-  etherpad:
-    pad:
-      app_port: 34080
-      host: pad.nasqueron.org
-      aliases:
-        - pad.wolfplex.org
-        - pad.wolfplex.be
-      credential: nasqueron.etherpad.api
-      mysql_link: acquisitariat
-
   # Hauk
   hauk:
     hauk:
diff --git a/roles/paas-docker/containers/etherpad.sls b/roles/paas-docker/containers/etherpad.sls
--- a/roles/paas-docker/containers/etherpad.sls
+++ b/roles/paas-docker/containers/etherpad.sls
@@ -30,6 +30,31 @@
     - name: /srv/{{ instance }}
 {% endif %}
 
+#   -------------------------------------------------------------
+#   Configuration file
+#   - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+{% set settings = pillar["etherpad_settings"][instance] %}
+
+/srv/{{ instance }}/var/settings.json:
+  file.managed:
+    - source: salt://roles/paas-docker/containers/files/etherpad/settings.json.jinja
+    - mode: 400
+    - user: 9001
+    - show_changes: False
+    - template: jinja
+    - context:
+        settings: {{ settings }}
+        mysql:
+          user: {{ salt["credentials.get_username"](settings["mysql"]["credential"]) }}
+          password: {{ salt["credentials.get_password"](settings["mysql"]["credential"]) }}
+        users:
+          {% for user, user_args in settings.get("users", {}).items() %}
+          {{ user }}:
+            password: {{ salt["credentials.get_password"](user_args["credential"]) }}
+            is_admin: {{ user_args["is_admin"] }}
+          {% endfor %}
+
 #   -------------------------------------------------------------
 #   Container
 #   - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/roles/paas-docker/containers/files/etherpad/settings.json.jinja b/roles/paas-docker/containers/files/etherpad/settings.json.jinja
new file mode 100644
--- /dev/null
+++ b/roles/paas-docker/containers/files/etherpad/settings.json.jinja
@@ -0,0 +1,25 @@
+{
+  "title": "{{ settings.title }}",
+  "defaultPadText": {{ settings.defaultPadText | json }},
+  "favicon": "{{ settings.favicon }}",
+  "ip": "0.0.0.0",
+  "port": 9001,
+  "trustProxy": true,
+  "dbType": "mysql",
+  "dbSettings": {
+    "user": "{{ mysql.user }}",
+    "host": "{{ settings.mysql.host }}",
+    "password": "{{ mysql.password }}",
+    "database": "{{ settings.mysql.database }}"
+  },
+  "minify": true,
+  "maxAge" : 99999999,
+  "requireSession" : false,
+  "editOnly" : false,
+  "requireAuthentication": false,
+  "requireAuthorization": false,
+  "users": {{ users | json }},
+  "skinName": "colibris",
+  "skinVariants": "dark-toolbar super-dark-background super-dark-editor full-width-editor",
+  "abiword": "/usr/bin/abiword"
+}