diff --git a/inventory.yaml b/inventory.yaml
new file mode 100644
index 0000000..9089e99
--- /dev/null
+++ b/inventory.yaml
@@ -0,0 +1,5 @@
+proxmox_vms:
+  hosts:
+    jellyfin:
+      ansible_host: 10.0.1.193
+      ansible_user: root
diff --git a/provision.yaml b/provision.yaml
new file mode 100644
index 0000000..33b9d35
--- /dev/null
+++ b/provision.yaml
@@ -0,0 +1,60 @@
+- name: Configure SSH and gvisor
+  hosts: proxmox_vms
+  tasks:
+   - name: Copy over SSHD config file
+     ansible.builtin.copy:
+       src: ./files/sshd_config
+       dest: /etc/ssh/sshd_config
+       owner: root
+       group: root
+       mode: '0600'
+
+   - name: Restart SSHD
+     ansible.builtin.systemd_service:
+       name: sshd
+       state: reloaded
+   
+   - name: Download gvisor
+     ansible.builtin.get_url:
+       url: https://storage.googleapis.com/gvisor/releases/release/latest/x86_64/runsc
+       dest: /usr/local/bin/runsc
+       force: yes
+       mode: a+x
+
+   - name: Copy over dnf5-automatic config
+     ansible.builtin.copy:
+      src: ./files/automatic.conf
+      dest: /etc/dnf/automatic.conf
+      owner: root
+      group: root
+      mode: '0644'
+
+   - name: Add dnf5-automatic overrides dir
+     ansible.builtin.file:
+      path: /etc/systemd/system/dnf5-automatic.service.d
+      state: directory
+      mode: '0644'
+
+   - name: Add override.conf
+     ansible.builtin.copy:
+      src: ./files/override.conf
+      dest: /etc/systemd/system/dnf5-automatic.service.d/override.conf
+      owner: root
+      group: root
+      mode: '0644'
+
+   - name: Add gvisor update service
+     ansible.builtin.copy:
+      src: ./files/gvisor-update.service
+      dest: /etc/systemd/system/gvisor-update.service
+      owner: root
+      group: root
+      mode: '0644'
+
+   - name: Enable dnf5 auto updates
+     ansible.builtin.systemd_service:
+      name: dnf5-automatic.timer
+      state: started
+      enabled: true
+
+