diff --git a/roles/dehydrated/defaults/main.yml b/roles/dehydrated/defaults/main.yml
new file mode 100644
index 0000000..2403f57
--- /dev/null
+++ b/roles/dehydrated/defaults/main.yml
@@ -0,0 +1,5 @@
+---
+dehydrated_version: "v0.7.0"
+dehydrated_location: /usr/local/share/dehydrated
+dehydrated_path: /usr/local/bin/dehydrated
+dehydrated_config: /usr/local/etc/dehydrated/
diff --git a/roles/dehydrated/tasks/main.yml b/roles/dehydrated/tasks/main.yml
new file mode 100644
index 0000000..74102e6
--- /dev/null
+++ b/roles/dehydrated/tasks/main.yml
@@ -0,0 +1,27 @@
+---
+- name: Gather package facts.
+  package_facts:
+    manager: "auto"
+
+- name: Clone dehydrated repo.
+  ansible.builtin.git:
+    repo: git@github.com:dehydrated-io/dehydrated.git
+    dest: "{{ dehydrated_location }}"
+    version: "{{ dehydrated_version }}"
+
+- name: Ensure dehydrated symlink is present.
+  ansible.builtin.file:
+    src: "{{ dehydrated_location }}/dehydrated"
+    dest: "{{ dehydrated_path }}"
+    state: link
+
+# copy config
+- name: Ensure domains.txt is present.
+  ansible.builtin.template:
+    src: /templates/domains.txt.j2
+    dest: "{{ dehydrated_config }}/domains.txt"
+
+- name: Ensure config is present.
+  ansible.builtin.template:
+    src: /templates/config.j2
+    dest: "{{ dehydrated_config }}/config"
diff --git a/roles/dehydrated/templates/config.j2 b/roles/dehydrated/templates/config.j2
new file mode 100644
index 0000000..e9f67f9
--- /dev/null
+++ b/roles/dehydrated/templates/config.j2
@@ -0,0 +1,2 @@
+HOOK={{ dehydrated_location }}/hook.sh
+WELLKNOWN=/var/www/letsencrypt
\ No newline at end of file
diff --git a/roles/dehydrated/templates/domains.txt.j2 b/roles/dehydrated/templates/domains.txt.j2
new file mode 100644
index 0000000..6ab2713
--- /dev/null
+++ b/roles/dehydrated/templates/domains.txt.j2
@@ -0,0 +1,6 @@
+{{ inventory_hostname }}
+{% if extra_hostnames is defined %}
+{% for hostname in extra_hostnames %} 
+{{ hostname }}
+{% endfor %}
+{% endif %}
\ No newline at end of file