diff --git a/README.md b/README.md
index a8ed515..96ca289 100644
--- a/README.md
+++ b/README.md
@@ -1,2 +1,3 @@
 # woodpecker-ci
 
+Deployment for Woodpecker CI
diff --git a/playbook.yml b/playbook.yml
new file mode 100644
index 0000000..721df87
--- /dev/null
+++ b/playbook.yml
@@ -0,0 +1,81 @@
+- hosts: localhost
+  tasks:
+    - name: create required directories
+      become: true
+      file:
+        path: '{{ item.path }}'
+        state: '{{ item.state }}'
+        mode: '{{ item.mode }}'
+        owner: '{{ item.owner }}'
+        group: '{{ item.group }}'
+      loop:
+        - {
+            path: '{{ app_dir }}',
+            owner: sonny,
+            group: sonny,
+            state: directory,
+            mode: 755
+          }
+
+    - name: copy docker-compose file
+      template:
+        src: 'templates/docker-compose.j2'
+        dest: '{{ app_dir }}/docker-compose.yml'
+
+    - name: stop woodpecker-ci
+      command: docker compose --file docker-compose.yml down
+      args:
+        chdir: '{{ app_dir }}'
+
+    - name: pull {{ image_tag }}
+      command: docker compose --file docker-compose.yml pull
+      args:
+        chdir: '{{ app_dir }}'
+
+    - name: start woodpecker-ci
+      command: docker compose --file docker-compose.yml up --detach
+      args:
+        chdir: '{{ app_dir }}'
+
+  vars:
+    domain: 'woodpecker.fudiggity.nl'
+
+    image_tag: 'woodpeckerci/woodpecker-server:v2.8.0'
+    agent_tag: 'woodpeckerci/woodpecker-agent:v2.8.0'
+
+    postgres_user: woodpecker
+    postgres_name: woodpecker
+
+    app_dir: '/srv/docker/woodpecker'
+
+    woodpecker_forgejo_url: https://forgejo.fudiggity.nl
+    woodpecker_forgejo_client: f467d6ee-6095-4c90-9d14-674d60b07183
+    woodpecker_forgejo_secret: !vault |
+          $ANSIBLE_VAULT;1.1;AES256
+          62356630626162303634613865313562333538353866643234623239656366366333353164326262
+          3633363836323134356264343731643661353865323232640a346161336134636466653932303663
+          33356431633266633335353737663363353938613730613030393636363965363735623439356463
+          3730616535313564350a393462666630613233643433333433646662383831396139303764393734
+          36353238383965616135663631303933313561653662393734313934623261346661613936303165
+          64663064643063663964393962316436666336373139333232333537303034346262376631643562
+          666637613833363639386433663464386239
+
+    woodpecker_agent_secret: !vault |
+          $ANSIBLE_VAULT;1.1;AES256
+          62323937303564623931616630633864666435353335346262303761346132356461333938623461
+          3236306164663135333362643664313136306238643062330a363862623138613932363935613231
+          37323637646666653961376533356639666262613630323261333030323834343831376435373534
+          6635616637306133650a656365633538643232303866346466373135653364333332373061633034
+          38383564653265303437393665303830343238663336386163653332336662383464366239643765
+          66353261343339333664346334393036646134373066343636303136383063373432646537646236
+          393032346237326134303933336565343338
+
+    postgres_password: !vault |
+          $ANSIBLE_VAULT;1.1;AES256
+          34613464623532313861303136613838616335643034386262343036353935646364623239663061
+          3730646236326435313630323234633363333333616333640a383361613335343930343866353361
+          32356165333961663436356433663733363865383932613365636137326534313136333230366364
+          3137326562316337350a363537336265303438643637663465366333353633383865623463326632
+          66343963666231343835663438303562643635643738366335313736666136373136666164316566
+          30623366616261636261386538333537653063393264643465383830613536343134346364373734
+          336135623065323164623639646365343339
diff --git a/templates/docker-compose.j2 b/templates/docker-compose.j2
new file mode 100644
index 0000000..6a828ca
--- /dev/null
+++ b/templates/docker-compose.j2
@@ -0,0 +1,49 @@
+# {{ ansible_managed }}
+
+services:
+  woodpecker-server:
+    image: {{ image_tag }}
+    ports:
+      - 7000:8000
+    volumes:
+      - woodpecker-server-data:/var/lib/woodpecker/
+    depends_on:
+      - db
+    environment:
+      WOODPECKER_OPEN: true
+      WOODPECKER_HOST: 'https://{{ domain }}'
+      WOODPECKER_AGENT_SECRET: {{ woodpecker_agent_secret }}
+      WOODPECKER_DATABASE_DRIVER: postgres
+      WOODPECKER_DATABASE_DATASOURCE: postgres://{{ postgres_user }}:{{ postgres_password }}@db:5432/postgres?sslmode=disable
+      WOODPECKER_FORGEJO: true
+      WOODPECKER_FORGEJO_URL: {{ woodpecker_forgejo_url }}
+      WOODPECKER_FORGEJO_CLIENT: {{ woodpecker_forgejo_client }}
+      WOODPECKER_FORGEJO_SECRET: {{ woodpecker_forgejo_secret }}
+
+  db:
+    image: postgres:17
+    restart: always
+    environment:
+      POSTGRES_USER: {{ postgres_user }}
+      POSTGRES_PASSWORD: {{ postgres_password }}
+      POSTGRES_DB: {{ postgres_name }}
+    volumes:
+      - postgres-data:/var/lib/postgresql/data
+
+  woodpecker-agent:
+    image: {{ agent_tag }}
+    command: agent
+    restart: always
+    depends_on:
+      - woodpecker-server
+    volumes:
+      - woodpecker-agent-config:/etc/woodpecker
+      - /var/run/docker.sock:/var/run/docker.sock
+    environment:
+      WOODPECKER_SERVER: woodpecker-server:9000
+      WOODPECKER_AGENT_SECRET: {{ woodpecker_agent_secret }}
+
+volumes:
+  woodpecker-server-data:
+  woodpecker-agent-config:
+  postgres-data: