diff --git a/roles/mastodon-config/tasks/main.yml b/roles/mastodon-config/tasks/main.yml
new file mode 100644
index 0000000..077cc45
--- /dev/null
+++ b/roles/mastodon-config/tasks/main.yml
@@ -0,0 +1,42 @@
+---
+# This role copies over the user-edited .env.production, runs the database
+# setup, pre-compiles assets, starts Mastodon daemons, adds media cleanup
+# cron job
+
+- name: Copy Mastodon .env.production
+  template:
+    src: .env.production
+    dest: /home/mastodon/live/.env.production
+  become: true
+  become_user: mastodon
+- name: Run Mastodon database setup
+  shell: cd /home/mastodon/live && /home/mastodon/.rbenv/shims/bundle exec rails db:setup
+  environment:
+    RAILS_ENV: production
+  args:
+    executable: /bin/bash
+  become: true
+  become_user: mastodon
+- name: Precompile Mastodon static assets
+  shell: cd /home/mastodon/live && /home/mastodon/.rbenv/shims/bundle exec rails assets:precompile
+  environment:
+    RAILS_ENV: production
+  args:
+    executable: /bin/bash
+  become: true
+  become_user: mastodon
+- name: Add Mastodon media cache cleanup cronjob
+  cron:
+    name: "Mastodon media cache cleanup"
+    special_time: daily
+    job: "cd /home/mastodon/live && RAILS_ENV=production /home/mastodon/.rbenv/shims/bundle exec rake mastodon:media:remove_remote"
+    backup: yes
+    state: present
+  become: true
+  become_user: mastodon
+- name: Start Mastodon services
+  systemd: name={{ item }} state=started
+  with_items:
+    - mastodon-sidekiq
+    - mastodon-streaming
+    - mastodon-web
diff --git a/roles/mastodon-config/templates/.env.production.sample b/roles/mastodon-config/templates/.env.production.sample
new file mode 100644
index 0000000..e98050a
--- /dev/null
+++ b/roles/mastodon-config/templates/.env.production.sample
@@ -0,0 +1,41 @@
+# Copy this file to .env.production in the same directory and then begin editing
+
+# Your Redis host
+REDIS_HOST=127.0.0.1
+# Your Redis port
+REDIS_PORT=6379
+# Your PostgreSQL host
+DB_HOST=/var/run/postgresql
+# Your PostgreSQL user
+DB_USER=mastodon
+# Your PostgreSQL DB name
+DB_NAME=mastodon_production
+# Leave DB password empty
+DB_PASS=
+# Your DB_PORT
+DB_PORT=5432
+
+# Your instance's domain (Don't modify this, we get this from a variable)
+LOCAL_DOMAIN={{ mastodon_hostname }}
+# We have HTTPS enabled
+LOCAL_HTTPS=true
+
+# Application secrets
+# Generate each with `RAILS_ENV=production bundle exec rake secret` on
+# the Mastodon host
+PAPERCLIP_SECRET=
+SECRET_KEY_BASE=
+OTP_SECRET=
+
+# Web Push VAPID keys
+# Generate with `web-push generate-vapid-keys` on Mastodon host and then
+# fill the following out
+VAPID_PRIVATE_KEY=
+VAPID_PUBLIC_KEY=
+
+# All SMTP details, Mailgun and Sparkpost have free tiers
+SMTP_SERVER=
+SMTP_PORT=
+SMTP_LOGIN=
+SMTP_PASSWORD=
+SMTP_FROM_ADDRESS=
diff --git a/site.yml b/site.yml
index b9ffa32..1cc4a2b 100644
--- a/site.yml
+++ b/site.yml
@@ -10,3 +10,4 @@
     - mastodon-nginx
     - mastodon-systemd
     - mastodon-webpush
+#   - mastodon-config