diff --git a/templates/libvirtd.conf.erb b/templates/libvirtd.conf.erb
index 1ed9e3f..41e614b 100644
--- a/templates/libvirtd.conf.erb
+++ b/templates/libvirtd.conf.erb
@@ -19,12 +19,7 @@
 # using this capability.
 #
 # This is enabled by default, uncomment this to disable it
-#listen_tls = 0
-<% if @listen_tls == true -%>
-listen_tls = 1
-<% elsif @listen_tls == false -%>
-listen_tls = 0
-<% end -%>
+<% unless defined?(@listen_tls) %>#<% end %>listen_tls = <%= defined?(@listen_tls) && (@listen_tls ? '1' : '0') || '0' %>
 
 # Listen for unencrypted TCP connections on the public TCP/IP port.
 # NB, must pass the --listen flag to the libvirtd process for this to
@@ -35,39 +30,25 @@ listen_tls = 0
 # DIGEST_MD5 and GSSAPI (Kerberos5)
 #
 # This is disabled by default, uncomment this to enable it.
-#listen_tcp = 1
-<% if @listen_tcp == true -%>
-listen_tcp = 1
-<% elsif @listen_tcp == false -%>
-listen_tcp = 0
-<% end -%>
+<% unless defined?(@listen_tcp) %>#<% end %>listen_tcp = <%= defined?(@listen_tcp) && (@listen_tcp ? '1' : '0') || '1' %>
 
 
 
 # Override the port for accepting secure TLS connections
 # This can be a port number, or service name
 #
-#tls_port = "16514"
-<% if @tls_port -%>
-tls_port = "<%= @tls_port %>"
-<% end -%>
+<% unless @tls_port %>#<% end %>tls_port = "<%= @tls_port || '16514' %>"
 
 # Override the port for accepting insecure TCP connections
 # This can be a port number, or service name
 #
-#tcp_port = "16509"
-<% if @tcp_port -%>
-tcp_port = "<%= @tcp_port %>"
-<% end -%>
+<% unless @tcp_port %>#<% end %>tcp_port = "<%= @tcp_port || '16509' %>"
 
 
 # Override the default configuration which binds to all network
 # interfaces. This can be a numeric IPv4/6 address, or hostname
 #
-#listen_addr = "192.168.0.1"
-<% if @listen_addr -%>
-listen_addr = "<%= @listen_addr %>"
-<% end -%>
+<% unless @listen_addr %>#<% end %>listen_addr = "<%= @listen_addr || '192.168.0.1' %>"
 
 
 # Flag toggling mDNS advertizement of the libvirt service.
@@ -100,20 +81,14 @@ mdns_adv = 0
 # without becoming root.
 #
 # This is restricted to 'root' by default.
-#unix_sock_group = "libvirt"
-<% if @unix_sock_group -%>
-unix_sock_group = "<%= @unix_sock_group %>"
-<% end -%>
+<% unless @unix_sock_group %>#<% end %>unix_sock_group = "<%= @unix_sock_group || 'libvirt' %>"
 
 # Set the UNIX socket permissions for the R/O socket. This is used
 # for monitoring VM status only
 #
 # Default allows any user. If setting group ownership may want to
 # restrict this to:
-#unix_sock_ro_perms = "0777"
-<% if @unix_sock_ro_perms -%>
-unix_sock_ro_perms = "<%= @unix_sock_ro_perms %>"
-<% end -%>
+<% unless @unix_sock_ro_perms %>#<% end %>unix_sock_ro_perms = "<%= @unix_sock_ro_perms || '0777' %>"
 
 # Set the UNIX socket permissions for the R/W socket. This is used
 # for full management of VMs
@@ -123,16 +98,10 @@ unix_sock_ro_perms = "<%= @unix_sock_ro_perms %>"
 #
 # If not using PolicyKit and setting group ownership for access
 # control then you may want to relax this to:
-#unix_sock_rw_perms = "0770"
-<% if @unix_sock_rw_perms -%>
-unix_sock_rw_perms = "<%= @unix_sock_rw_perms %>"
-<% end -%>
+<% unless @unix_sock_rw_perms %>#<% end %>unix_sock_rw_perms = "<%= @unix_sock_rw_perms || '0770' %>"
 
 # Set the name of the directory in which sockets will be found/created.
-#unix_sock_dir = "/var/run/libvirt"
-<% if @unix_sock_dir -%>
-unix_sock_dir = "<%= @unix_sock_dir %>"
-<% end -%>
+<% unless @unix_sock_dir %>#<% end %>unix_sock_dir = "<%= @unix_sock_dir || '/var/run/libvirt' %>"
 
 #################################################################
 #
@@ -160,10 +129,7 @@ unix_sock_dir = "<%= @unix_sock_dir %>"
 #
 # To restrict monitoring of domains you may wish to enable
 # an authentication mechanism here
-#auth_unix_ro = "none"
-<%- if @auth_unix_ro -%>
-auth_unix_ro = "<%= @auth_unix_ro %>"
-<%- end -%>
+<% unless @auth_unix_ro %>#<% end %>auth_unix_ro = "<%= @auth_unix_ro || 'none' %>"
 
 # Set an authentication scheme for UNIX read-write sockets
 # By default socket permissions only allow root. If PolicyKit
@@ -172,10 +138,7 @@ auth_unix_ro = "<%= @auth_unix_ro %>"
 #
 # If the unix_sock_rw_perms are changed you may wish to enable
 # an authentication mechanism here
-#auth_unix_rw = "none"
-<%- if @auth_unix_rw -%>
-auth_unix_rw = "<%= @auth_unix_rw %>"
-<%- end -%>
+<% unless @auth_unix_rw %>#<% end %>auth_unix_rw = "<%= @auth_unix_rw || 'none' %>"
 
 # Change the authentication scheme for TCP sockets.
 #
@@ -183,10 +146,7 @@ auth_unix_rw = "<%= @auth_unix_rw %>"
 # Don't do this outside of a dev/test scenario. For real world
 # use, always enable SASL and use the GSSAPI or DIGEST-MD5
 # mechanism in /etc/sasl2/libvirt.conf
-#auth_tcp = "sasl"
-<% if @auth_tcp -%>
-auth_tcp = "<%= @auth_tcp %>"
-<% end -%>
+<% unless @auth_tcp %>#<% end %>auth_tcp = "<%= @auth_tcp || 'sasl' %>"
 
 # Change the authentication scheme for TLS sockets.
 #
@@ -195,10 +155,7 @@ auth_tcp = "<%= @auth_tcp %>"
 #
 # It is possible to make use of any SASL authentication
 # mechanism as well, by using 'sasl' for this option
-#auth_tls = "none"
-<% if @auth_tls -%>
-auth_tls = "<%= @auth_tls %>"
-<% end -%>
+<% unless @auth_tls %>#<% end %>auth_tls = "<%= @auth_tls || 'none' %>"