diff --git a/roles/websites/ebonfire.com/files/ebonfire.com.httpd.conf b/roles/websites/ebonfire.com/files/ebonfire.com.httpd.conf
new file mode 100644
index 0000000..670d635
--- /dev/null
+++ b/roles/websites/ebonfire.com/files/ebonfire.com.httpd.conf
@@ -0,0 +1,9 @@
+<VirtualHost _default_:80>
+ServerName ebonfire.com
+ServerAlias www.ebonfire.com
+
+DocumentRoot /srv/www/ebonfire.com/htdocs
+<Directory /srv/www/ebonfire.com/htdocs>
+	Require all granted
+</Directory>
+</VirtualHost>
diff --git a/roles/websites/ebonfire.com/handlers/main.yml b/roles/websites/ebonfire.com/handlers/main.yml
new file mode 100644
index 0000000..09fd3c8
--- /dev/null
+++ b/roles/websites/ebonfire.com/handlers/main.yml
@@ -0,0 +1,4 @@
+- name: reload httpd
+  service:
+    name=httpd
+    state=reloaded
diff --git a/roles/websites/ebonfire.com/tasks/main.yml b/roles/websites/ebonfire.com/tasks/main.yml
new file mode 100644
index 0000000..238642f
--- /dev/null
+++ b/roles/websites/ebonfire.com/tasks/main.yml
@@ -0,0 +1,37 @@
+- name: ensure rsync is installed
+  package:
+    name=rsync
+    state=present
+  tags:
+  - install
+
+- name: ensure app group exists
+  group:
+    name=webapp.ebonfire
+    state=present
+- name: ensure app user exists
+  user:
+    name=webapp.ebonfire
+    group=webapp.ebonfire
+    home=/srv/www/ebonfire.com
+    createhome=yes
+    state=present
+
+- name: ensure app home directory permissions are set
+  file:
+    path=/srv/www/ebonfire.com
+    mode=0755
+    state=directory
+
+- name: ensure publisher keys are trusted
+  authorized_key:
+    key: "{{ ebonfire_publisher_keys|join('\n') }}"
+    user: webapp.ebonfire
+    exclusive: true
+
+- name: ensure apache is configured to serve ebonfire.com
+  copy:
+    src=ebonfire.com.httpd.conf
+    dest=/etc/httpd/conf.d/ebonfire.com.conf
+    mode=0644
+  notify: reload httpd