diff --git a/.github/workflows/deployment.yml b/.github/workflows/deployment.yml
index b7e4c96..33b1732 100644
--- a/.github/workflows/deployment.yml
+++ b/.github/workflows/deployment.yml
@@ -1,28 +1,25 @@
-name: deployment
+name: deploy
 
 on:
-  repository_dispatch:
-    types: [update_deployment]
   push:
     branches:
       - master
 
 jobs:
   build:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-20.04
+    timeout-minutes: 10
     steps:
     - uses: actions/checkout@v2
-    - name: update compose deployment
+    - name: Prepare environment
       run: |
-        # validate config
-        docker-compose config -q
-        # set up ssh
+        id
         eval $(ssh-agent -s)
-        echo "${{ secrets.SSH_PRIVATE_KEY }}" | tr -d '\r' | ssh-add -
         mkdir -p ~/.ssh
-        chmod 700 ~/.ssh
-        touch ~/.ssh/known_hosts
-        chmod 644 ~/.ssh/known_hosts
-        ssh-keyscan pandorabox.io >> ~/.ssh/known_hosts
-        # execute deployment script
-        cat scripts/deploy.sh | ssh root@pandorabox.io "cd /data/pandorabox.io && /bin/bash -"
+        echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/id_rsa
+        ssh-keyscan akheron.rudin.io >> ~/.ssh/known_hosts
+        chmod -R 700 ~/.ssh
+        ansible-galaxy collection install community.general
+    - name: Run ansible
+      run: |
+        ansible-playbook -i hosts --private-key ~/.ssh/id_rsa deploy.yml
diff --git a/deploy.yml b/deploy.yml
new file mode 100644
index 0000000..ef004d3
--- /dev/null
+++ b/deploy.yml
@@ -0,0 +1,29 @@
+---
+- hosts: all
+  remote_user: root
+  vars:
+    compose_directory: /data/pandorabox.io
+  tasks:
+    - name: Checkout git master
+      ansible.builtin.git:
+        repo: https://github.com/pandorabox-io/pandorabox.io
+        dest: "{{ compose_directory }}"
+        single_branch: yes
+        version: master
+
+    - name: Generate minetest config
+      shell:
+        cmd: "cat minetest.conf minetest.conf.keys > data/minetest/minetest.conf"
+        chdir: "{{ compose_directory }}"
+
+    - name: Create and start services
+      community.general.docker_compose:
+        project_src: "{{ compose_directory }}"
+        pull: yes
+        build: yes
+        remove_orphans: yes
+
+    - name: Reload nginx config
+      shell:
+        cmd: "docker-compose exec -T nginx nginx -s reload"
+        chdir: "{{ compose_directory }}"
diff --git a/hosts b/hosts
new file mode 100644
index 0000000..c281691
--- /dev/null
+++ b/hosts
@@ -0,0 +1 @@
+akheron.rudin.io
\ No newline at end of file