diff --git a/peertube-server/.idea/.gitignore b/peertube-server/.idea/.gitignore
new file mode 100644
index 0000000..13566b8
--- /dev/null
+++ b/peertube-server/.idea/.gitignore
@@ -0,0 +1,8 @@
+# Default ignored files
+/shelf/
+/workspace.xml
+# Editor-based HTTP Client requests
+/httpRequests/
+# Datasource local storage ignored files
+/dataSources/
+/dataSources.local.xml
diff --git a/peertube-server/.idea/inspectionProfiles/profiles_settings.xml b/peertube-server/.idea/inspectionProfiles/profiles_settings.xml
new file mode 100644
index 0000000..105ce2d
--- /dev/null
+++ b/peertube-server/.idea/inspectionProfiles/profiles_settings.xml
@@ -0,0 +1,6 @@
+
+
+
+
+
+
\ No newline at end of file
diff --git a/peertube-server/.idea/modules.xml b/peertube-server/.idea/modules.xml
new file mode 100644
index 0000000..fd0ff19
--- /dev/null
+++ b/peertube-server/.idea/modules.xml
@@ -0,0 +1,8 @@
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/peertube-server/.idea/peertube-server.iml b/peertube-server/.idea/peertube-server.iml
new file mode 100644
index 0000000..d0876a7
--- /dev/null
+++ b/peertube-server/.idea/peertube-server.iml
@@ -0,0 +1,8 @@
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/peertube-server/.idea/vcs.xml b/peertube-server/.idea/vcs.xml
new file mode 100644
index 0000000..6c0b863
--- /dev/null
+++ b/peertube-server/.idea/vcs.xml
@@ -0,0 +1,6 @@
+
+
+
+
+
+
\ No newline at end of file
diff --git a/peertube-server/Makefile b/peertube-server/Makefile
new file mode 100644
index 0000000..4aec0e9
--- /dev/null
+++ b/peertube-server/Makefile
@@ -0,0 +1,9 @@
+install:
+ sudo dnf install ansible
+ ansible-galaxy collection install community.general
+ ansible-galaxy collection install containers.podman
+ ansible-galaxy collection install ansible.posix
+list-hosts:
+ ansible-inventory -i inventory.ini --list
+run:
+ ansible-playbook -i inventory.ini playbook.yaml --ask-become-pass
\ No newline at end of file
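Review bot: The three `ansible-galaxy collection install` lines in the `install` target fetch whatever version is current at run time, so the modules that later run with `become` on the server are neither reproducible nor reviewable from this repository. A `requirements.yml` listing `community.general`, `containers.podman` and `ansible.posix` with explicit `version:` values, installed with `ansible-galaxy collection install -r requirements.yml`, would pin them. The targets are also not declared phony; `.PHONY: install list-hosts run` keeps a stray file named `run` from silently disabling the target.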
diff --git a/peertube-server/inventory.ini b/peertube-server/inventory.ini
new file mode 100644
index 0000000..3998aed
--- /dev/null
+++ b/peertube-server/inventory.ini
@@ -0,0 +1,5 @@
+[nuculabs]
+legion.nuculabs.com ansible_user=dnutiu
+
+[local]
+localhost ansible_connection=local
\ No newline at end of file
diff --git a/peertube-server/playbook.yaml b/peertube-server/playbook.yaml
new file mode 100644
index 0000000..6379320
--- /dev/null
+++ b/peertube-server/playbook.yaml
@@ -0,0 +1,66 @@
+- name: Create directory and templated file
+ hosts: nuculabs
+ become: yes
+ become_method: sudo
+ vars_files:
+ - variables.yaml
+
+ tasks:
+ # Create necessary directories.
+ - name: Create PeerTube data directory
+ ansible.builtin.file:
+ path: "/{{ peertube.data_directory }}"
+ state: directory
+ mode: '0755'
+ ignore_errors: true
+ - name: Create PeerTube config directory
+ ansible.builtin.file:
+ path: "/{{ peertube.config_directory }}"
+ state: directory
+ mode: '0754'
+ ignore_errors: true
+ - name: Create PostgresSQL directory
+ ansible.builtin.file:
+ path: "/{{ postgres.postgres_directory }}"
+ state: directory
+ mode: '0754'
+ ignore_errors: true
+ # Ensure dependencies are installed
+ - name: Ensure Podman is installed
+ ansible.builtin.package:
+ name: podman
+ state: present
+ - name: Ensure Udica is installed
+ ansible.builtin.package:
+ name: udica
+ state: present
+ - name: Ensure container-selinux is installed
+ ansible.builtin.package:
+ name: container-selinux
+ state: present
+ # Pull docker images
+ - name: Pull PeerTube image
+ containers.podman.podman_image:
+ name: "{{ peertube.image_name }}"
+ state: present
+ - name: Pull Postgres image
+ containers.podman.podman_image:
+ name: "{{ postgres.image_name }}"
+ state: present
+ - name: Pull Redis image
+ containers.podman.podman_image:
+ name: "{{ redis.image_name }}"
+ state: present
+ # Load SELinux policies
+ - name: Add firewall ports
+ block:
+ - name: Create a firewalld service file (if it doesn't exist)
+ ansible.posix.firewalld:
+ src: ./templates/firewall/peertube.xml
+ dest: /etc/firewalld/services/peertube.xml
+ state: enabled
+ notify: reload firewalld
+ handlers:
+ - name: reload firewalld
+ ansible.posix.firewalld:
+ state: reloaded
\ No newline at end of file
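Review bot: The `Create a firewalld service file` task and the `reload firewalld` handler pass options that `ansible.posix.firewalld` does not accept: the module has no `src`/`dest` parameters and no `reloaded` state, so the play would stop at that task and the PeerTube ports would never be opened. Copying the XML with `ansible.builtin.copy`, reloading through `ansible.builtin.service`, and then enabling the service by name is the usual shape; the sketch below assumes the service is called `peertube` after the file name. Separately, `ignore_errors: true` on the three directory tasks hides a failed create or chmod, and mode `'0754'` leaves the config and Postgres directories listable by every local user with no `owner`/`group` set; dropping `ignore_errors` and using `'0750'` with an explicit owner would be tighter. The `# Load SELinux policies` comment sits above the firewall block, and nothing in the play loads the CIL templates.

```yaml
# … unchanged: directory, package and image-pull tasks …
    - name: Install the PeerTube firewalld service definition
      ansible.builtin.copy:
        src: ./templates/firewall/peertube.xml
        dest: /etc/firewalld/services/peertube.xml
        owner: root
        group: root
        mode: '0644'
      notify: reload firewalld
    # firewalld only learns about a new service file after a reload
    - name: Reload firewalld before referencing the new service
      ansible.builtin.meta: flush_handlers
    - name: Enable the PeerTube firewalld service
      ansible.posix.firewalld:
        service: peertube
        permanent: true
        immediate: true
        state: enabled
  handlers:
    - name: reload firewalld
      ansible.builtin.service:
        name: firewalld
        state: reloaded
```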
diff --git a/peertube-server/templates/cil/peertube.cil b/peertube-server/templates/cil/peertube.cil
new file mode 100644
index 0000000..3032b80
--- /dev/null
+++ b/peertube-server/templates/cil/peertube.cil
@@ -0,0 +1,23 @@
+(block peertube
+ (blockinherit container)
+ (blockinherit restricted_net_container)
+ (allow process process ( capability ( chown dac_override fowner fsetid kill net_bind_service setfcap setgid setpcap setuid sys_chroot )))
+
+ (allow process flash_port_t ( tcp_socket ( name_bind )))
+ (allow process http_port_t ( tcp_socket ( name_bind )))
+ (allow process unreserved_port_t (tcp_socket (name_connect) ) )
+ (allow process cifs_t (dir (setattr)))
+ (allow process redis_port_t (tcp_socket (name_connect)))
+ (allow process smtp_port_t (tcp_socket (name_connect)))
+ (allow process postgresql_port_t (tcp_socket (name_connect)))
+
+
+ (allow process container_file_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
+ (allow process container_file_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
+ (allow process container_file_t ( fifo_file ( getattr read write append ioctl lock open )))
+ (allow process container_file_t ( sock_file ( append getattr open read write )))
+ (allow process user_home_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
+ (allow process user_home_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
+ (allow process user_home_t ( fifo_file ( getattr read write append ioctl lock open )))
+ (allow process user_home_t ( sock_file ( append getattr open read write )))
+)
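Review bot: The four `user_home_t` rules at the end of the block grant the container domain create/write/unlink on anything labelled as user home content, which is wider than the deployment appears to need since `variables.yaml` places all data under `/peertube`; the same four rules are repeated in `templates/cil/postgres.cil`. Labelling the `/peertube` directories `container_file_t` (for example with the `:Z` volume option) and removing the `user_home_t` rules would keep the policy to the paths the containers actually use. The capability list is identical in both files and includes `dac_override`, `setfcap`, `setpcap` and `sys_chroot`; it looks generated, so it is worth trimming to what each image needs, and `net_bind_service` seems unnecessary for Postgres, which binds an unprivileged port. If the rules did come from udica, a header comment such as `; generated with udica from <container inspect file>; regenerate rather than hand-edit` would record their origin.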
diff --git a/peertube-server/templates/cil/postgres.cil b/peertube-server/templates/cil/postgres.cil
new file mode 100644
index 0000000..c4b5ce8
--- /dev/null
+++ b/peertube-server/templates/cil/postgres.cil
@@ -0,0 +1,11 @@
+(block postgres
+ (blockinherit container)
+ (blockinherit restricted_net_container)
+ (allow process process ( capability ( chown dac_override fowner fsetid kill net_bind_service setfcap setgid setpcap setuid sys_chroot )))
+
+ (allow process postgresql_port_t ( tcp_socket ( name_bind )))
+ (allow process user_home_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
+ (allow process user_home_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write )))
+ (allow process user_home_t ( fifo_file ( getattr read write append ioctl lock open )))
+ (allow process user_home_t ( sock_file ( append getattr open read write )))
+)
\ No newline at end of file
diff --git a/peertube-server/templates/firewall/peertube.xml b/peertube-server/templates/firewall/peertube.xml
new file mode 100644
index 0000000..391f154
--- /dev/null
+++ b/peertube-server/templates/firewall/peertube.xml
@@ -0,0 +1,7 @@
+
+
+ PeerTube Service
+ PeerTube is a federated video sharing platform.
+
+
+
diff --git a/peertube-server/variables.yaml b/peertube-server/variables.yaml
new file mode 100644
index 0000000..3f0b56f
--- /dev/null
+++ b/peertube-server/variables.yaml
@@ -0,0 +1,9 @@
+peertube:
+ data_directory: "/peertube/data"
+ config_directory: "/peertube/config"
+ image_name: "docker.io/chocobozzz/peertube:v7.0.1-bookworm"
+postgres:
+ postgres_directory: "/peertube/postgres"
+ image_name: "docker.io/postgres:13-alpine"
+redis:
+ image_name: "docker.io/redis:6-alpine"
\ No newline at end of file
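Review bot: All three `image_name` values are pinned only by tag, and `13-alpine` and `6-alpine` are floating tags that the registry can repoint, so two runs of the playbook can deploy different code. Appending a digest, e.g. `image_name: "docker.io/postgres:13-alpine@sha256:<digest>"` (placeholder), makes the pull verifiable. The directory values already start with `/`, while `playbook.yaml` prefixes them with another `/` (`path: "/{{ peertube.data_directory }}"`), which yields `//peertube/data`; one of the two slashes should go.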