diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..3cf8dbd
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,6 @@
+secret_files*
+secret*
+deploy.sh
+setup.sh
+ssh.sh
+ansible/test.yml
\ No newline at end of file
diff --git a/README.md b/README.md
index 7828353..7013aab 100644
--- a/README.md
+++ b/README.md
@@ -1,2 +1,46 @@
-# peach-vps
-# simple-ansible-template
+# peach-vps config
+
+Code for configuring the peachcloud vps for various hosting and automation
+- debian repository of microservices
+- mdbook builder for devdocs
+
+using ansible 2.9.3
+
+[instructions to install ansible locally](https://docs.ansible.com/ansible/latest/installation_guide/intro_installation.html)
+
+# setup
+
+locally run:
+`mkdir ansible/secret_files`
+(and make sure you get the required secret_files which are hosted off git)
+
+gpg key creation is still not automated,
+so after creating the server generate a gpg key on the server,
+`gpg --gen-key`
+put the gpg_key_id into vars.yaml and then run setup locally:
+
+`ansible-playbook -i ansible/hosts ansible/setup.yml`
+
+
+# deploy
+`ansible-playbook -i ansible/hosts ansible/deploy.yml`
+
+
+# building releases (to be automated later)
+
+## building for arm64
+```cd /srv/src/peach-oled
+cargo-deb
+cd /srv/www/repos/apt/debian
+reprepro includedeb buster /srv/src/peach-oled/target/debian/peach-oled_0.1.0_amd64.deb
+```
+
+## building for aarch64
+```cd /srv/src/peach-oled
+cargo build --release --target=aarch64-unknown-linux-gnu
+CARGO_TARGET_AARCH64_UNKNOWN_LINUX_GNU_LINKER=/usr/bin/aarch64-linux-gnu-gcc cargo-deb --release --target=aarch64-unknown-linux-gnu
+```
+
+# misc
+based off this tutorial:
+https://wiki.debian.org/DebianRepository/SetupWithReprepro
\ No newline at end of file
diff --git a/ansible/debianrep.yml b/ansible/debianrep.yml
new file mode 100644
index 0000000..3513184
--- /dev/null
+++ b/ansible/debianrep.yml
@@ -0,0 +1,40 @@
+---
+- name: ensure debian rep directory
+ action: file dest="{{debian_rep_dir}}" state=directory
+
+- name: ensure debian rep conf directory
+ action: file dest="{{debian_rep_dir}}/conf" state=directory
+
+- name: create debian distributions file
+ template:
+ src: debian/distributions
+ dest: "{{debian_rep_dir}}/conf/distributions"
+
+- name: create debian options file
+ action: template src=debian/options dest="{{debian_rep_dir}}/conf/options"
+
+- name: create debian override file
+ action: template src=debian/override.buster dest="{{debian_rep_dir}}/conf/override.buster"
+
+# couldn't easily figure out how to automate gpg key creation, so this step can be manual
+# gpg --gen-key
+
+- name: export public gpg key to be served by web server
+ command: gpg --armor --output {{web_dir}}/repos/apt/peach_pub.gpg --export {{gpg_key_id}}
+ args:
+ creates: "{{web_dir}}/repos/apt/peach_pub.gpg"
+
+- name: install reprepro
+ apt: pkg=reprepro
+
+- name: install toolchain for cross-compilation
+ command: /root/.cargo/bin/rustup toolchain install nightly-aarch64-unknown-linux-gnu
+
+- name: install aarch644 gcc
+ apt: pkg=gcc-aarch64-linux-gnu
+
+- name: create debian repo nginx site config
+ action: template src=templates/debian/nginx_debian.conf dest=/etc/nginx/sites-enabled/debianrep.conf
+ notify:
+ - restart nginx
+
diff --git a/ansible/deploy.yml b/ansible/deploy.yml
new file mode 100644
index 0000000..fb42610
--- /dev/null
+++ b/ansible/deploy.yml
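Review bot: The `install toolchain for cross-compilation` task has no `creates:` or `changed_when:`, so every deploy run re-executes `rustup toolchain install` as root against the network and reports changed, unlike the sibling gpg-export task that is guarded by `creates:`. The subcommand also looks off for the README's `cargo build --target=aarch64-unknown-linux-gnu` on an amd64 host: that needs the aarch64 *target* for the host toolchain, not a toolchain named after an aarch64 host, so I would expect `command: /root/.cargo/bin/rustup target add aarch64-unknown-linux-gnu` guarded by `register: rustup_target` / `changed_when: "'installed' in rustup_target.stdout"` — please confirm against how the packages are actually built. Minor: the template tasks mix `src: debian/distributions` and `src=templates/debian/nginx_debian.conf`; both resolve via Ansible's template search path, but pick one form, and the task name `install aarch644 gcc` has a typo.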
@@ -0,0 +1,38 @@
+- hosts: vps
+ user: root
+ tasks:
+ - include_vars: vars.yaml
+ tags:
+ - always
+
+ - name: deploy microservices code from github
+ git: repo={{item.repo_url}} dest={{item.destination}} remote={{item.remote}} version={{item.branch}} accept_hostkey=yes
+ loop:
+ - { repo_url: 'https://github.com/peachcloud/peach-web.git', remote: 'main', branch: 'main', destination: '{{src_dir}}/peach-web' }
+ - { repo_url: 'https://github.com/peachcloud/peach-oled.git', remote: 'main', branch: 'main', destination: '{{src_dir}}/peach-oled' }
+ - { repo_url: 'https://github.com/peachcloud/peach-stats.git', remote: 'main', branch: 'main', destination: '{{src_dir}}/peach-stats' }
+
+ - name: tasks for creating debian repository
+ include_tasks: debianrep.yml
+
+ - name: tasks for devdocs
+ include_tasks: devdocs.yml
+
+ - name: ensure automation folder
+ action: file dest=/srv/automation state=directory
+
+ - name: deploy code for automation
+ git: repo=https://github.com/peachcloud/peach-vps.git dest={{automation_dir}}/peach-vps remote=main version=main accept_hostkey=yes
+
+ - name: copy welcome file
+ template: src=welcome dest=/srv/welcome
+
+ - name: restart nginx
+ command: /bin/true
+ notify:
+ - restart nginx
+
+ handlers:
+ - name: restart nginx
+ action: service name=nginx state=restarted
+
diff --git a/ansible/devdocs.yml b/ansible/devdocs.yml
new file mode 100644
index 0000000..eeb2425
--- /dev/null
+++ b/ansible/devdocs.yml
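Review bot: The `deploy microservices code from github` task checks out the moving `main` branch (`version={{item.branch}}` with `branch: 'main'`) into `{{src_dir}}`, and per the README those trees are then built into packages signed with the repository key, so whatever is at the tip of those GitHub branches at deploy time gets signed and published without any pinning. For a signing pipeline I would pin each entry to a release tag or commit (e.g. add a `version` field per item and use `version={{item.version}}`) and, if the upstream repos sign tags, add `verify_commit=yes` so the checkout fails on an unsigned ref. Note also that `remote=main` sets the git *remote name* to "main", not the branch; the branch is already carried by `version`, so `remote: 'origin'` (or dropping the parameter) is what is presumably intended. Separately, the `restart nginx` task using `command: /bin/true` to force the handler would be clearer as `changed_when: true` on that task or `meta: flush_handlers`, since the config-template tasks already notify the handler.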
@@ -0,0 +1,31 @@
+---
+- name: ensure devdocs_bare
+ action: file dest={{automation_dir}}/devdocs_bare state=directory
+
+- name: initialize devdocs_bare git repo
+ command: git init --bare {{automation_dir}}/devdocs_bare
+ args:
+ creates: '{{src_dir}}/devdocs_bare/.git'
+
+- name: ensure devdocs_build
+ action: file dest={{automation_dir}}/devdocs_build state=directory
+
+- name: ensure git hooks directory
+ action: file dest={{automation_dir}}/devdocs_bare/hooks state=directory
+
+- name: copy devdocs githook
+ action: template src=devdocs/git-post-receive dest="{{automation_dir}}/devdocs_bare/hooks/post-receive" mode='770'
+
+- name: ensure devdocs web directory
+ action: file dest={{web_dir}}/docs:peachcloud:org/html state=directory
+
+- name: install mdbook
+ shell: /root/.cargo/bin/cargo install mdbook
+ args:
+ creates: /root/.cargo/bin/mdbook
+
+- name: create devdocs nginx site config
+ action: template src=templates/devdocs/nginx_devdocs.conf dest=/etc/nginx/sites-enabled/devdocs.conf
+ notify:
+ - restart nginx
+
diff --git a/ansible/hosts b/ansible/hosts
new file mode 100644
index 0000000..1ffd7c3
--- /dev/null
+++ b/ansible/hosts
@@ -0,0 +1,2 @@
+[vps]
+46.101.107.168 ansible_ssh_user=root ansible_ssh_private_key_file=/Users/maxfowler/.ssh/peach_rsa
\ No newline at end of file
diff --git a/ansible/setup.yml b/ansible/setup.yml
new file mode 100644
index 0000000..bece68a
--- /dev/null
+++ b/ansible/setup.yml
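Review bot: The `creates:` guard on `initialize devdocs_bare git repo` can never match: the repository is created under `{{automation_dir}}/devdocs_bare` but the guard looks under `{{src_dir}}`, and a bare repository has no `.git` subdirectory in any case, so `git init --bare` re-runs (and reports changed) on every deploy. Use a file that a bare repo does have, `creates: '{{automation_dir}}/devdocs_bare/HEAD'`. Since the only SSH identity in this inventory is root, anyone who can push to this bare repo gets the post-receive hook executed as root; if that is not intended, the hook directory and build/web directories should be owned by a dedicated unprivileged push user.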
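Review bot: The inventory commits a workstation-specific identity path, `ansible_ssh_private_key_file=/Users/maxfowler/.ssh/peach_rsa`, which no other operator can use and which ties the repo to one person's laptop; keep the key location out of the inventory and set `private_key_file` in a gitignored `ansible.cfg` or pass `--private-key` on the command line. `ansible_ssh_user` is the pre-2.0 alias; `ansible_user=root` is the current spelling. The plays themselves also run as root (`user: root`), so this inventory, the committed IP and that key together are the whole access story for the host — worth at least documenting that the key is expected to be passphrase-protected.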
@@ -0,0 +1,52 @@
+- hosts: vps
+ user: root
+ tasks:
+ - include_vars: vars.yaml
+
+ - name: Setup users and groups
+ block:
+ - name: Ensure groups exist
+ group:
+ name: peach
+ state: present
+
+ - name: Ensure users exist
+ ansible.builtin.user:
+ name: "{{ item }}"
+ state: present
+ groups: "peach"
+ loop:
+ - notplants
+ - glyph
+
+ - name: ensure log directory
+ action: file dest={{log_dir}} state=directory
+
+ - name: ensure src directory
+ action: file dest={{src_dir}} state=directory
+
+ - name: ensure www directory
+ action: file dest=/srv/www state=directory
+
+ - name: install packages
+ apt:
+ pkg:
+ - git
+ - nginx
+ - curl
+ - build-essential
+
+ - name: install rust by rustup
+ shell: curl https://sh.rustup.rs -sSf | sh -s -- -y
+ args:
+ creates: /root/.cargo/bin/rustc
+
+ - name: install cargo deb
+ shell: /root/.cargo/bin/cargo install cargo-deb
+ args:
+ creates: /root/.cargo/bin/cargo-deb
+
+ - name: copy main nginx config
+ action: template src=nginx/nginx.conf dest=/etc/nginx/nginx.conf
+
+
diff --git a/ansible/templates/automation/README b/ansible/templates/automation/README
new file mode 100644
index 0000000..fb6506d
--- /dev/null
+++ b/ansible/templates/automation/README
@@ -0,0 +1,7 @@
+Automation-related directories are stored in this directory.
+
+For example, bare Git Hooks directories and staging directories for automating the build and deployment of peach-devdocs to docs.peachcloud.org.
+
+See https://github.com/peachcloud/peach-devdocs/blob/master/GITHOOK_DEPLOYMENT.md for more info.
+
+In the future, this directory may also be home to automation for release builds and deb file builds.
\ No newline at end of file
diff --git a/ansible/templates/debian/distributions b/ansible/templates/debian/distributions
new file mode 100644
index 0000000..f6fed0f
--- /dev/null
+++ b/ansible/templates/debian/distributions
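Review bot: The `install rust by rustup` task pipes `https://sh.rustup.rs` straight into `sh` as root with no integrity check; the `creates:` only stops re-runs, it does nothing for the first run, and this is the toolchain that later builds the packages signed by the repo key. Prefer fetching the installer to a file with a pinned checksum, e.g. `get_url: url=https://sh.rustup.rs dest=/root/rustup-init.sh checksum=sha256:<known-digest>`, then running it with `creates:` as now. Two smaller points: `apt:` has no `update_cache: true`, so on a freshly provisioned host the package install may fail on stale lists; and `ansible.builtin.user` uses the collection-qualified name while the sibling task uses bare `group:` and the README pins Ansible 2.9.3 — if that version is accurate the `ansible.builtin.` prefix may not resolve, so plain `user:` is the safer, consistent choice.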
@@ -0,0 +1,8 @@
+Origin: PeachCloud
+Label: PeachCloud
+Codename: buster
+Architectures: amd64
+Components: main
+Description: Apt repository for PeachCloud debian packages
+SignWith: {{gpg_key_id}}
+DebOverride: override.buster
diff --git a/ansible/templates/debian/nginx_debian.conf b/ansible/templates/debian/nginx_debian.conf
new file mode 100644
index 0000000..9a02f85
--- /dev/null
+++ b/ansible/templates/debian/nginx_debian.conf
@@ -0,0 +1,21 @@
+server {
+ listen 80;
+ server_name 46.101.107.168;
+
+ access_log /srv/log/nginx-debian.log;
+ error_log /srv/log/nginx-debian.error;
+
+ location / {
+ root {{web_dir}}/repos/apt;
+ index index.html;
+ autoindex on;
+ }
+
+ location ~ /(.*)/conf {
+ deny all;
+ }
+
+ location ~ /(.*)/db {
+ deny all;
+ }
+}
\ No newline at end of file
diff --git a/ansible/templates/debian/options b/ansible/templates/debian/options
new file mode 100644
index 0000000..5dd7345
--- /dev/null
+++ b/ansible/templates/debian/options
@@ -0,0 +1,3 @@
+verbose
+basedir {{debian_rep_dir}}
+ask-passphrase
diff --git a/ansible/templates/debian/override.buster b/ansible/templates/debian/override.buster
new file mode 100644
index 0000000..ec9fb2d
--- /dev/null
+++ b/ansible/templates/debian/override.buster
@@ -0,0 +1,4 @@
+{% for service in services %}
+{{service}} Priority optional
+{{service}} Section net
+{% endfor %}
\ No newline at end of file
diff --git a/ansible/templates/devdocs/git-post-receive b/ansible/templates/devdocs/git-post-receive
new file mode 100644
index 0000000..8d1ec36
--- /dev/null
+++ b/ansible/templates/devdocs/git-post-receive
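Review bot: `Architectures: amd64` lists only one architecture, while the README in this same commit documents building aarch64 packages with `cargo-deb --target=aarch64-unknown-linux-gnu`; reprepro will refuse `includedeb` of an arm64 .deb into a distribution that does not declare it, so if those builds are meant to land here this should read `Architectures: amd64 arm64`. The README calls that build "to be automated later", so confirm before changing it.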
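Review bot: The `deny all` regexes are unanchored, so `location ~ /(.*)/db` matches any request whose path contains `/db` after at least one directory — e.g. a pool path like `/debian/pool/main/d/dbus-...` would be 403 — and `/(.*)/conf` likewise hits any package path segment beginning with `conf`. Anchor them to the reprepro basedir layout: `location ~ ^/debian/(conf|db)/ { deny all; }`. More fundamentally, this vhost is `listen 80` on a bare IP and is also where `peach_pub.gpg` (exported in debianrep.yml) is fetched from, so a first-time client receives the signing key and the repository over the same unauthenticated channel and the signatures add nothing against an on-path attacker; serve this over TLS and/or publish the key fingerprint out of band in the README for users to verify.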
@@ -0,0 +1,13 @@
+#!/bin/bash
+while read oldrev newrev ref
+do
+ if [[ $ref =~ .*/master$ ]];
+ then
+ echo "Master ref received. Deploying master branch to build directory..."
+ git --work-tree={{automation_dir}}/devdocs_build --git-dir={{automation_dir}}/devdocs_bare checkout -f
+ echo "Building docs and deploying to production..."
+ /root/.cargo/bin/mdbook build {{automation_dir}}/devdocs_build --dest-dir {{web_dir}}/docs:peachcloud:org/html
+ else
+ echo "Ref $ref successfully received. Doing nothing: only the master branch may be deployed on this server."
+ fi
+done
\ No newline at end of file
diff --git a/ansible/templates/devdocs/nginx_devdocs.conf b/ansible/templates/devdocs/nginx_devdocs.conf
new file mode 100644
index 0000000..68076b9
--- /dev/null
+++ b/ansible/templates/devdocs/nginx_devdocs.conf
@@ -0,0 +1,10 @@
+server {
+ listen 80;
+ server_name reddeadnettle.network;
+
+ location / {
+ root {{web_dir}}/docs:peachcloud:org/html;
+ index index.html;
+ try_files $uri $uri/ /index.html;
+ }
+}
\ No newline at end of file
diff --git a/ansible/templates/nginx/nginx.conf b/ansible/templates/nginx/nginx.conf
new file mode 100644
index 0000000..668b54c
--- /dev/null
+++ b/ansible/templates/nginx/nginx.conf
@@ -0,0 +1,31 @@
+user www-data;
+worker_processes 1;
+worker_rlimit_nofile 8192;
+
+events {
+ worker_connections 3000;
+}
+
+error_log /var/log/nginx/error.log warn;
+pid /var/run/nginx.pid;
+
+http {
+ include /etc/nginx/mime.types;
+ default_type application/octet-stream;
+
+ log_format main '$remote_addr - $remote_user [$time_local] "$request" '
+ '$status $body_bytes_sent "$http_referer" '
+ '"$http_user_agent" "$http_x_forwarded_for"';
+
+ access_log /var/log/nginx/access.log main;
+
+ sendfile on;
+ #tcp_nopush on;
+
+ keepalive_timeout 65;
+
+ #gzip on;
+
+ include /etc/nginx/conf.d/*.conf;
+ include /etc/nginx/sites-enabled/*;
+}
\ No newline at end of file
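Review bot: The hook never checks exit status: if `git ... checkout -f` fails, `mdbook build` still runs against whatever is left in `devdocs_build` and publishes it into the live html directory, and the push is reported as successful. Add `set -euo pipefail` right after the shebang (or chain the two commands with `&&`) so a failed checkout aborts before anything is written to `--dest-dir`. The ref test `[[ $ref =~ .*/master$ ]]` also matches `refs/heads/anything/master`; an exact comparison, `if [[ $ref == refs/heads/master ]]`, says what is meant. Because this repo is pushed to as root (the only identity in the inventory), the hook is effectively remote code execution as root for anyone with push access — worth stating in the README.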
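Review bot: `server_name reddeadnettle.network;` serves content from a directory named `docs:peachcloud:org/html`, and the automation README in this commit says the docs deploy to docs.peachcloud.org, so this hostname looks like a leftover placeholder — confirm which name is meant and that DNS for it points at this VPS. Like the repo vhost it is `listen 80;` only; if the domain is real, a TLS listener (and an 80→443 redirect) is the expected shape for a public docs site.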
diff --git a/ansible/templates/welcome b/ansible/templates/welcome
new file mode 100644
index 0000000..011f334
--- /dev/null
+++ b/ansible/templates/welcome
@@ -0,0 +1,5 @@
+Welcome to the PeachCloud VPS.
+
+Users with membership to the `peach` group can write to this directory (`/srv/peachcloud`).
+
+All PeachCloud-related assets are to be stored in this directory.
\ No newline at end of file
diff --git a/ansible/vars.yaml b/ansible/vars.yaml
new file mode 100644
index 0000000..f1a7675
--- /dev/null
+++ b/ansible/vars.yaml
@@ -0,0 +1,11 @@
+app_name: peach-vps
+log_dir: /srv/log
+src_dir: /srv/src
+automation_dir: /srv/automation
+web_dir: /srv/www
+debian_rep_dir: /srv/www/repos/apt/debian
+gpg_key_id: 74A8D514053AE40F15C407E5D5233F944CCA2DF5
+services:
+ - peach-oled
+ - peach-stats
+ - peach-web
\ No newline at end of file
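Review bot: The welcome text promises that `peach` group members can write to `/srv/peachcloud`, but nothing in setup.yml or deploy.yml creates that directory or sets its group, and deploy.yml installs this template at `/srv/welcome`, not inside `/srv/peachcloud`. Either add a task such as `file: path=/srv/peachcloud state=directory group=peach mode="2775"` and point the template's `dest` there, or change the text to describe the directories the playbooks actually manage (`/srv/src`, `/srv/www`, `/srv/automation`), which are created root-owned.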
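Review bot: `debian_rep_dir: /srv/www/repos/apt/debian` places the whole reprepro basedir — including its `conf/` and `db/` directories — under `web_dir`, which nginx serves with `autoindex on`; they are reachable unless the vhost's `deny all` regexes keep matching, so the repository's internal state is protected by a filter rather than by not being in the web root. reprepro separates `basedir` from `outdir`: keep the basedir outside the web root (e.g. `debian_rep_dir: /srv/reprepro`) and add `outdir {{web_dir}}/repos/apt/debian` to the options template so only `dists/` and `pool/` are published. Also quote `gpg_key_id: "74A8D514053AE40F15C407E5D5233F944CCA2DF5"` — this fingerprint happens to contain letters, but a key id that is all digits (or digits with an `e`) would be retyped by YAML and break the `--export`/`SignWith` lookups.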