diff --git a/tasks/main.yml b/tasks/main.yml
index 7b2ea3027bbc3157bf75c0459aec0cdf4049e41f..539eaabaf7e01908ccdd64d7823cd8709ae2dd63 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -6,7 +6,7 @@
 notify: update initramfs
 template:
 src: config.j2
- dest: /etc/dropbear-initramfs/config
+ dest: "{{ dropbear_initramfs_config_path }}"
 mode: 0644
 owner: root
 group: root
@@ -15,7 +15,7 @@
 notify: update initramfs
 template:
 src: authorized_keys.j2
- dest: /etc/dropbear-initramfs/authorized_keys
+ dest: "{{ dropbear_initramfs_path }}/authorized_keys"
 mode: 0644
 owner: root
 group: root
diff --git a/templates/config.j2 b/templates/config.j2
index 9b65a41a5dd39cf0a1841ffe1d7390c904ccaf45..9e434d451179142430bbcfc17b3368cbb8f03399 100644
--- a/templates/config.j2
+++ b/templates/config.j2
@@ -3,6 +3,7 @@
 #
 # Command line options to pass to dropbear(8)
 #
+
 # -s -> disable password login
 DROPBEAR_OPTIONS="-s"
 
@@ -13,5 +14,18 @@ DROPBEAR_OPTIONS="-s"
 # The special value 'none' keeps all interfaces up and preserves routing
 # tables and addresses.
 #
-#IFDOWN=*
+#IFDOWN="*"
+#
+# On local (non-NFS) mounts, the network stack and dropbear are started
+# asynchronously at init-premount stage. This value specifies the
+# maximum number of seconds to wait (while the network/dropbear are
+# being configured) at init-bottom stage before terminating dropbear and
+# bringing the network down.
+# If the timeout is too short, and if the boot process is not blocking
+# on user input supplied via SSHd (ie no remote unlocking), then the
+# initrd might pivot to init(1) too early, thereby causing a race
+# condition between network configuration from initramfs vs from the
+# normal system.
+#
+#DROPBEAR_SHUTDOWN_TIMEOUT=60
 
diff --git a/vars/main.yml b/vars/main.yml
new file mode 100644
index 0000000000000000000000000000000000000000..25e0d8b8ecd15c9812c776cabff4cc8472eee8bb
--- /dev/null
+++ b/vars/main.yml
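Review bot: The new `dest` in the authorized_keys task appends `/authorized_keys` to `dropbear_initramfs_path`, but that variable (defined in vars/main.yml in this same commit) already ends in a trailing slash, so the rendered path is `/etc/dropbear/initramfs//authorized_keys` — harmless to the file module, but inconsistent with the config task, whose `dropbear_initramfs_config_path` relies on that trailing slash. Pick one convention for both consumers: `dest: "{{ dropbear_initramfs_path }}authorized_keys"` here, or strip the slash from the variable and keep the explicit `/` in this task. While these two tasks are being touched, the surrounding `mode: 0644` is an unquoted YAML 1.1 octal that the parser hands to Ansible as the integer 420; the documented, unambiguous form is `mode: "0644"`. Both task definitions start above the hunk, so the task names and any `when`/`become` guards are not visible here.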
@@ -0,0 +1,2 @@ +dropbear_initramfs_path: "{% if ansible_distribution_release == 'bullseye' %}/etc/dropbear-initramfs/{% else %}/etc/dropbear/initramfs/{% endif %}" +dropbear_initramfs_config_path: "{{ dropbear_initramfs_path }}{% if ansible_distribution_release == 'bullseye' %}config{% else %}dropbear.conf{% endif %}"
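Review bot: The release test maps only `bullseye` to the legacy `/etc/dropbear-initramfs/` layout and sends every other release name to `/etc/dropbear/initramfs/`, which is the layout Debian adopted with the newer dropbear-initramfs packaging (bookworm onwards, as far as I can tell); if this role is ever applied to buster, or to an Ubuntu release still shipping the older package layout, the config and authorized_keys are written to a directory the initramfs hook never reads, so remote unlocking silently stops working and a key file is left in an unused path. Keying on the directory that actually exists is more robust than the codename — a `stat` of `/etc/dropbear/initramfs` feeding a `set_fact`, or at minimum an `assert` that `ansible_distribution == 'Debian'` before trusting the release name. Both expressions also read `ansible_distribution_release`, so they are undefined when facts are not gathered; worth a one-line comment at the top of the file: `# requires gathered facts (ansible_distribution_release) — select layout by Debian codename`. Since the path value is built from Jinja, quoting it as the commit does is correct, but the trailing slash in `dropbear_initramfs_path` means consumers must not add their own `/`, which is easy to get wrong; dropping the slash and joining with `/` at each use site would make the contract explicit.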