diff --git a/.gitignore b/.gitignore
index af4d511..7227d65 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,3 @@
 /.env
+/ansible/inventory.ini
 /data
diff --git a/ansible/ansible.cfg b/ansible/ansible.cfg
new file mode 100644
index 0000000..c2a3cc5
--- /dev/null
+++ b/ansible/ansible.cfg
@@ -0,0 +1,4 @@
+[defaults]
+nocows = True
+inventory = ./inventory.ini
+interpreter_python = auto_silent
diff --git a/ansible/example.inventory.ini b/ansible/example.inventory.ini
new file mode 100644
index 0000000..077d9c3
--- /dev/null
+++ b/ansible/example.inventory.ini
@@ -0,0 +1,2 @@
+[gitea]
+192.168.1.10 ansible_user=root
diff --git a/ansible/main.yml b/ansible/main.yml
new file mode 100644
index 0000000..beb8ea8
--- /dev/null
+++ b/ansible/main.yml
@@ -0,0 +1,6 @@
+---
+- hosts: all
+  become: true
+  tasks:
+    - name: Setup Linux user and group
+      import_tasks: tasks/user.yml
diff --git a/ansible/tasks/user.yml b/ansible/tasks/user.yml
new file mode 100644
index 0000000..01988b1
--- /dev/null
+++ b/ansible/tasks/user.yml
@@ -0,0 +1,20 @@
+---
+- name: Ensure a Linux group "git" exists
+  ansible.builtin.group:
+    state: present
+    name: git
+    system: no
+    uid: "{{ GIT_USER_GID }}"
+- name: Ensure a Linux user "git" exists
+  ansible.builtin.user:
+    state: present
+    name: git
+    group: git
+    password: "!"
+    comment: "Gitea"
+    system: no
+    uid: "{{ GIT_USER_UID }}"
+    create_home: no
+    generate_ssh_key: yes
+    ssh_key_bits: 4096
+    ssh_key_comment: "Gitea Host Key"