diff --git a/README.md b/README.md
index 2a499f98..94e3048f 100644
--- a/README.md
+++ b/README.md
@@ -35,6 +35,7 @@ Below is the list of variables you can redefine in your playbook to customize st
 | **st2**
 | `st2_version`            | `latest`      | StackStorm version to install. Use latest `latest` to get automatic updates or pin it to numeric version like `2.2.0`.
 | `st2_revision`           | `1`           | StackStorm revision to install. Used only with pinned `st2_version`.
+| `st2_config`             | `{}`          | Hash with StackStorm configuration settings to set in [`st2.conf`](https://github.com/StackStorm/st2/blob/master/conf/st2.conf.sample) ini file.
 | `st2_system_user`        | `stanley`     | System user from which st2 will execute local/remote shell actions.
 | `st2_system_user_in_sudoers` | `yes`| Add `st2_system_user` to the sudoers (recommended for most `st2` features to work).
 | `st2_ssh_key_file`       | `/home/{{st2_system_user}}/.ssh/{{st2_system_user}}_rsa` | Path to `st2_system_user` SSH private key. It will be autogenerated by default.
@@ -44,9 +45,10 @@ Below is the list of variables you can redefine in your playbook to customize st
 | `st2_save_credentials`   | `yes`         | Save credentials for local CLI in `/root/.st2/config` file.
 | **st2mistral**
 | `st2mistral_version`     | `latest`      | st2mistral version to install. Use latest `latest` to get automatic updates or pin it to numeric version like `2.2.0`.
-| `st2mistral_db`          | `mistral`     | PostgreSQL DB name for Mistral.
-| `st2mistral_db_username` | `mistral`     | PostgreSQL DB user for Mistral.
+| `st2mistral_db`          | `mistral`     | PostgreSQL DB name that will be created for Mistral.
+| `st2mistral_db_username` | `mistral`     | PostgreSQL DB user that will be created for Mistral.
 | `st2mistral_db_password` | `StackStorm`  | PostgreSQL DB password for Mistral.
+| `st2mistral_config`      | `{}`          | Hash with configuration settings to set in [`mistral.conf`](https://github.com/StackStorm/st2-packages/blob/master/packages/st2mistral/conf/mistral.conf) ini file.
 | **st2web**
 | `st2web_ssl_certificate`     | `null` | String with custom SSL certificate (`.crt`). If not provided, self-signed certificate will be generated.
 | `st2web_ssl_certificate_key` | `null` | String with custom SSL certificate secret key (`.key`). If not provided, self-signed certificate will be generated.
diff --git a/Vagrantfile b/Vagrantfile
index 619ec828..934dc014 100644
--- a/Vagrantfile
+++ b/Vagrantfile
@@ -51,6 +51,7 @@ Vagrant.configure(2) do |config|
 
       vm_config.vm.provision :ansible_local do |ansible|
         ansible.install = true
+        ansible.verbose = true
         ansible.playbook = "stackstorm.yml"
       end
     end
diff --git a/roles/st2/defaults/main.yml b/roles/st2/defaults/main.yml
index 3235da11..f28f7381 100644
--- a/roles/st2/defaults/main.yml
+++ b/roles/st2/defaults/main.yml
@@ -4,6 +4,21 @@ st2_version: latest
 # used only if 'st2_version' is numeric
 st2_revision: 1
 
+# Hash with StackStorm configuration settings to set in 'st2.conf' ini file
+# See https://github.com/StackStorm/st2/blob/master/conf/st2.conf.sample for a full list
+st2_config: {}
+# Example:
+#st2_config:
+#  auth:
+#    debug: True
+#    enable: True
+#  database:
+#    username: st2
+#    db_name: st2
+#    password: random-password123
+#  messaging:
+#    url: amqp://st2:st2@127.0.0.1:5672//
+
 # System user from which st2 will execute local/remote shell actions
 st2_system_user: stanley
 # Add `st2_system_user` to the sudoers (recommended for most `st2` features to work)
diff --git a/roles/st2/tasks/config.yml b/roles/st2/tasks/config.yml
new file mode 100644
index 00000000..f5643dd3
--- /dev/null
+++ b/roles/st2/tasks/config.yml
@@ -0,0 +1,14 @@
+---
+- name: Change '[{{ _conf_section_name }}]' options in st2.conf
+  become: yes
+  ini_file:
+    dest: /etc/st2/st2.conf
+    section: "{{ _conf_section_name }}"
+    option: "{{ _conf_option.key }}"
+    value: "{{ _conf_option.value }}"
+  with_dict: "{{ _conf_options }}"
+  loop_control:
+    loop_var: _conf_option
+  notify:
+    - restart st2
+  tags: st2, config
diff --git a/roles/st2/tasks/main.yml b/roles/st2/tasks/main.yml
index cb054a29..928f49ad 100644
--- a/roles/st2/tasks/main.yml
+++ b/roles/st2/tasks/main.yml
@@ -35,9 +35,17 @@
 
 - name: Configure StackStorm authentication
   include: auth.yml
-  when: st2_auth_enable
+  when: "{{ st2_config.auth.enable|default(st2_auth_enable) if st2_config.auth is defined else st2_auth_enable }}"
   tags: st2, auth
 
+- name: Configure StackStorm st2.conf settings
+  # Ansible nested loop to iterate through a hash of hashes
+  include: config.yml _conf_section_name={{ _conf_section.key }} _conf_options={{ _conf_section.value }}
+  with_dict: "{{ st2_config }}"
+  loop_control:
+    loop_var: _conf_section
+  tags: st2, config
+
 - name: Ensure StackStorm services are enabled and running
   become: yes
   service:
diff --git a/roles/st2mistral/defaults/main.yml b/roles/st2mistral/defaults/main.yml
index 78523c18..04ac87d4 100644
--- a/roles/st2mistral/defaults/main.yml
+++ b/roles/st2mistral/defaults/main.yml
@@ -6,3 +6,13 @@ st2mistral_db: mistral
 st2mistral_db_username: mistral
 # PostgreSQL DB password for Mistral.
 st2mistral_db_password: StackStorm
+
+# Hash with configuration settings to set in `mistral.conf` ini file.
+# See: https://github.com/StackStorm/st2-packages/blob/master/packages/st2mistral/conf/mistral.conf for a full list.
+st2mistral_config: {}
+# Example:
+#st2mistral_config:
+#  DEFAULT:
+#    transport_url: rabbit://guest:guest@127.0.0.1:5672
+#  database:
+#    connection: postgresql://mistral:StackStorm@localhost/mistral
diff --git a/roles/st2mistral/tasks/config.yml b/roles/st2mistral/tasks/config.yml
new file mode 100644
index 00000000..03849fe5
--- /dev/null
+++ b/roles/st2mistral/tasks/config.yml
@@ -0,0 +1,14 @@
+---
+- name: Change '[{{ _conf_section_name }}]' options in mistral.conf
+  become: yes
+  ini_file:
+    dest: /etc/mistral/mistral.conf
+    section: "{{ _conf_section_name }}"
+    option: "{{ _conf_option.key }}"
+    value: "{{ _conf_option.value }}"
+  with_dict: "{{ _conf_options }}"
+  loop_control:
+    loop_var: _conf_option
+  notify:
+    - restart mistral
+  tags: st2mistral, config
diff --git a/roles/st2mistral/tasks/main.yml b/roles/st2mistral/tasks/main.yml
index 4e02c613..b78d597a 100644
--- a/roles/st2mistral/tasks/main.yml
+++ b/roles/st2mistral/tasks/main.yml
@@ -63,6 +63,14 @@
     - restart mistral
   tags: st2mistral
 
+- name: Configure mistral.conf settings
+  # Ansible nested loop to iterate through a hash of hashes
+  include: config.yml _conf_section_name={{ _conf_section.key }} _conf_options={{ _conf_section.value }}
+  with_dict: "{{ st2mistral_config }}"
+  loop_control:
+    loop_var: _conf_section
+  tags: st2mistral, config
+
 - name: Setup mistral DB tables, etc
   become: yes
   shell: /opt/stackstorm/mistral/bin/mistral-db-manage --config-file /etc/mistral/mistral.conf upgrade head && touch /etc/mistral/mistral-db-manage.upgrade.head.ansible.has.run