diff --git a/playbooks/mastodon.yml b/playbooks/mastodon.yml
new file mode 100644
index 0000000..d9e28f2
--- /dev/null
+++ b/playbooks/mastodon.yml
@@ -0,0 +1,4 @@
+- name: Install Mastodon
+  hosts: nucs
+  roles:
+    - mastodon
diff --git a/roles/mastodon/files/.env.production b/roles/mastodon/files/.env.production
new file mode 100644
index 0000000..eae9165
--- /dev/null
+++ b/roles/mastodon/files/.env.production
@@ -0,0 +1,126 @@
+$ANSIBLE_VAULT;1.1;AES256
+33633034363064383430636634353165363033316134356162393730323138613732353738636339
+3430363364643762363438393537626465636632343266310a336530666662303732323666383337
+30363864363938613234336534616633643863356333323163343638333464386437376664376131
+3763626338316539640a346338663538656466623333356461383931363036666338613863363831
+39663339626131383637313138346533306632336639303836393936636239633433656139666362
+64316161666430643139326565376561353666353139356233373534333263363932323761303930
+33383730663735616463653037626661333338323563643166306661366639613361323430373737
+38376334323032626630326465316662663635356138613036656436623934323232396437623639
+32356233323532316536316237316363303263633362313138346631663566636533356163393433
+34383439663161316434336366336235653237633262643466613362376136336533353330333165
+34366537303261373836626262393833346262663533383235656239373338336531653062636166
+37343632656539663761393139393064623534393862386531633137316235663461653161333730
+33626433663336653965633165323931653362386364343132336534376366356434393634633561
+64343035313365356332303633386665666363623934383437383235336532643664353930323365
+64336635653937323535326338346633393066316434326431626334353934333861366434393336
+34343563363730306561393166373564373632313463623832356134386531363730356139313966
+32376664393231323636396139633136626366343931643431646463666237343464633034353462
+34636238386432313633326663363462366530396563373734643561326264653536356239653633
+63323838643137633439626330363865323237616265303464343833306530643163666164663936
+39393039343330333962373761626466326364613562383733623235656131666531666333353462
+37303161653563316139613330323865323865313961343631383464323933326132383134313464
+61613065323665333463366536366564623737323065373730636565393333613166653164303564
+32353237306363346237313564363865343230316562383737343637363463383532333238326364
+34656337313235613236653430333831303262316637386130326433636230623632366532333234
+63376434366133363937336335336334663962636237353435323736373839626636343635316466
+35393337373637306631386562343530356130636661396265653035366162336362626331383931
+35396534346335383465616438333666623738633435636235623165363762353862636333353062
+65613537346232336537623364663038393437626636343961623164376463303638643732353830
+38366439663562326633653966323636646239383135356237666434386638666432653236666264
+61646134656333373365323966636634666130336639633763653634656134613535303635373737
+64303462633034346665333666373561326131366131343138386137376432653031643835656438
+34656332346133666437656266363762363065666534353836623331313466613236636464633235
+62303931373137393235663636613063376666356638346262653132656636363835623531623964
+64336264626633353061653932643231373036343131326363366539353039313939303233343961
+37303538306638626565303963303766303261333765303335393635336264366632656431306434
+36363438643361343263623465323664623530663436353436366563343533646237303437656564
+32633431623337326233643862326264356331653138316639653861306265363131376263386439
+63363962393734316633363466353130326663373430356432633031623234373136343061366661
+31356538376430623331313230366530333530373162393830343437643165393339653365373634
+62313062383962653433323862646265353936396561393139643131633731306137646561373139
+34386633323061636165313063303035353365343862353835373064303433646565346262343361
+33306235643463353734613032616633646361396334303064633063336231653838353561336532
+66663536633363386137313065343266643661616361393335643039303938346662306561323865
+32303133346338636361333964383961643537303662303365616162636133383064613337616132
+66393864373031646131393732616536613732636632646135393939393339616462373261373533
+32336434313665633063366137626162393366386166353362653836383935356134316533336337
+39366364653838326634303233393164636238383332393762666365636439353830336134396236
+31313239323135666136343633346239653666303364363631623439383533323061666436666366
+30633764623834353032376263353534663932393932616430316334653631656465636131653936
+35303535623232666233666334373663616235313134373961613237306538323761393939333233
+35323535356561383230636464363338353136313238393932313932663631303464633734376438
+62373366646136343336386263393562366466376231306366393637383130333864303532633332
+31396236343863316436633734633865633262323231643730643366633830663564636534316338
+62643561343234393364636633663935653537316565316364303163303663316261333361346363
+63323665373738626234313431303530333364643631323635373832633138623465613661343166
+65663565336139323362323264346430343030646465353661346538643837353834333231616265
+35636431343665383338633864646135323736343632383737326431306263393935633963323362
+63666431333438376565643935373965613463323831633933343131643032666135383938323364
+31326431646439636262373138303735626461323563643463656166346138356565383233393334
+39333637363861323233303430336564623437323364396365336431313965303866326336306463
+38376339346337383535653837656163656163646537303963373230613130643235623333326661
+32393462346639333338383634623564626166323664623663666230666633623761356333633837
+64343464636535313862366364376338623161643238656161323238656335626261623539303161
+62643531313535643262656631313334366638633735303234656366636336363637626536373434
+33646462306633626563326164316137366535356530626639633966653436326161633761653936
+37376162386462353163386466633638386662306364353132356433643532336564656331646236
+61373732663961616362326363653638393933353331323339653830383230316434643531373138
+31653732333037303865376335633261333135643837613638353135373832303037326434643337
+37353635316236343530326261393736613466623434643663343936646132313432343163633766
+63633065353539326264643531306637613839353262326261306132636565646330303961353834
+35303733373735646561333039636437363937326136656263306462643939623634623630356462
+31633635636531393030383036666138373032336435346166333433396262306632323934326630
+62366365303139646233626639366637616333313839383835636430636462313035623835653861
+66633232663431376231363965306364383432616262636530616431353836643237333834636233
+32363933323935353733626262626661366564646135356661656538383365646339336231633762
+65303530333131346662376165333030316263333633313063343361313731313163316632663437
+30353237633965613933666631633136646363353864376163363734306365353730346233343436
+33643738653531303333386462363936346536643438313365303466343235393662366663633261
+38373232373535336633383930343330623131656637623232336665383465303433313066363734
+34323535666530313534373262636561636265376165303465396430383138396538303561303663
+64633164333938303666616538346233623363313938383534363232356463633931636135663561
+33373132646361643664326138306336353166333734663430346137313830316538343965306433
+39613262656461613835393335393332313861383566356431396438303738663265653061323635
+33323137346436356663633234383137616130356263613164333836636565306333333065356161
+61613465313463333063343739333332626661306566313437343734313231316637323361626632
+38613832303464393164626236633233383664313133653866316436613437636237623732303830
+38383464653262666636343963366338656662633863666362646537363264383932333062623465
+33376539383265346131306262323034613864303138353231306462376530356430393064306239
+33653338386263373461353130366130646265343230313635363863623632396130666532356362
+61613561373039616561666337333463636333353866396631323262346363643330646264636637
+30623438316633623262653065386262643935373539633835393735376533626634633830633936
+37623837376165666639643239616163316536373032623330373765363130306235636466643631
+65363233393235653166326164366639373733646638313335636661666639663339386130353039
+30663533323935643864326639636431643937333938336637663336313962373262613366313135
+66373664653763333535336565623361616665636366633834366230393630303761646536376332
+35653337343532376433393961343162303239386134643632373661373762383839383738626564
+66393138373830326234663666313431633736326263386531323730366232616139653336653632
+37393737363938636239363066393335306431666364313336316461366530303234663630643461
+62393536333436633338616564386530333538393332643665646531613636646632386361396661
+65666539326165656663343364646134306262623465316632356161613262373833303835376533
+66656265316661646638303666373839323666383864323439666638653964383462626665646538
+61386131646662633461333934636662343831306430386362363462366134313938636461383761
+36373135393062356638316331383639393066626533346563623164626666333866333062646539
+35613266323863383431366332316565376263343964613335303335303533393037303566333466
+66303434393737643834386339623936356166333432366638383733326161653430353966303634
+37623932303935616135663964316261386561393665626338373337306163396339326634363338
+65303032663862303964353631363735646336613436356436396331356333336363366565363566
+32353738653863353464333262636339613930343437636166393336383135653930623632353038
+38303866313831663432383061353134303262653035326331326236326139383333616531393139
+62643563663531626131643563616264636264653434326666323633626563346237613161396633
+34666338303262326431383363636564356439343338623362346335303662383064646162643362
+33373066353039353131316162323532666434313465326665373836623033383638316365353265
+31396438306433633638626233333834376633393661643939386138616164323432656463313030
+36623665373064383537396638393438316438306332646530306334376438633963313337323966
+34643633633733383166636566316138376135656263653334616463373636616666356533616630
+30376635353161366262623932623831646633366139636664333531633439383330656235373637
+31316236306364613530316264646139633836656431363834353966653163323434323865303930
+31313333663430616162346331663761393262653038643264353636396430643539306434386639
+35653932393064393632376537383735396633316461363937306535663436663430353430376139
+62303634646332636339643034323336626364393031343365343332663039636566343962626132
+65383432316235376237613131333737653433613938363938643564633965306563666232666230
+38333838316237356334323331366131643231643063363632303066666434646164383031303736
+36396531636536613764366661613766343335313963646635363666626130313637383566643335
+33396233623532333734363963636630623466376666643162376337303232373432303630626162
+31616630636632656633303330653062383338343764646139393730333135653561
diff --git a/roles/mastodon/tasks/main.yml b/roles/mastodon/tasks/main.yml
new file mode 100644
index 0000000..6c90df0
--- /dev/null
+++ b/roles/mastodon/tasks/main.yml
@@ -0,0 +1,22 @@
+- name: Create Mastodon app directory
+  file:
+    path: /apps/mastodon
+    state: directory
+- name: Copy .env.production
+  copy:
+    src: "{{ role_path }}/files/.env.production"
+    dest: /apps/mastodon/.env.production
+- name: Copy Docker Compose script
+  template:
+    src: "{{ role_path }}/templates/docker-compose.yml.j2"
+    dest: /apps/mastodon/docker-compose.yml
+- name: Create Mastodon data directory
+  file:
+    path: /data/mastodon
+    state: directory
+    mode: 0777
+- name: Start Docker Compose
+  docker_compose:
+    project_src: /apps/mastodon
+    pull: true
+    remove_orphans: true
diff --git a/roles/mastodon/templates/docker-compose.yml.j2 b/roles/mastodon/templates/docker-compose.yml.j2
new file mode 100644
index 0000000..255c2b2
--- /dev/null
+++ b/roles/mastodon/templates/docker-compose.yml.j2
@@ -0,0 +1,89 @@
+version: '3'
+services:
+  db:
+    restart: always
+    image: postgres:14-alpine
+    shm_size: 256mb
+    networks:
+      - internal_network
+    healthcheck:
+      test: ['CMD', 'pg_isready', '-U', 'postgres']
+    volumes:
+      - /data/mastodon/postgres14:/var/lib/postgresql/data
+    environment:
+      - 'POSTGRES_HOST_AUTH_METHOD=trust'
+      - 'POSTGRES_PASSWORD={{ mastodon_postgres_password }}'
+      - 'POSTGRES_DB=mastodon_production'
+      - 'POSTGRES_USER=mastodon'
+
+  redis:
+    restart: always
+    image: redis:7-alpine
+    networks:
+      - internal_network
+    healthcheck:
+      test: ['CMD', 'redis-cli', 'ping']
+    volumes:
+      - /data/mastodon/redis:/data
+    environment:
+      - 'REDIS_PASSWORD={{ mastodon_redis_password }}'
+
+  web:
+    image: tootsuite/mastodon:v3.5.3
+    restart: always
+    env_file: .env.production
+    command: bash -c "rm -f /mastodon/tmp/pids/server.pid; bundle exec rails s -p 3000"
+    networks:
+      - external_network
+      - internal_network
+    healthcheck:
+      # prettier-ignore
+      test: ['CMD-SHELL', 'wget -q --spider --proxy=off localhost:3000/health || exit 1']
+    ports:
+      - '0.0.0.0:3000:3000'
+      - '[::]:3000:3000'
+    depends_on:
+      - db
+      - redis
+      # - es
+    volumes:
+      - /data/mastodon/public/system:/mastodon/public/system
+
+  streaming:
+    image: tootsuite/mastodon:v3.5.3
+    restart: always
+    env_file: .env.production
+    command: node ./streaming
+    networks:
+      - external_network
+      - internal_network
+    healthcheck:
+      # prettier-ignore
+      test: ['CMD-SHELL', 'wget -q --spider --proxy=off localhost:4000/api/v1/streaming/health || exit 1']
+    ports:
+      - '0.0.0.0:4000:4000'
+      - '[::]:4000:4000'
+    depends_on:
+      - db
+      - redis
+
+  sidekiq:
+    image: tootsuite/mastodon:v3.5.3
+    restart: always
+    env_file: .env.production
+    command: bundle exec sidekiq
+    depends_on:
+      - db
+      - redis
+    networks:
+      - external_network
+      - internal_network
+    volumes:
+      - /data/mastodon/public/system:/mastodon/public/system
+    healthcheck:
+      test: ['CMD-SHELL', "ps aux | grep '[s]idekiq\ 6' || false"]
+
+networks:
+  external_network:
+  internal_network:
+    internal: true
diff --git a/roles/mastodon/vars/main.yml b/roles/mastodon/vars/main.yml
new file mode 100644
index 0000000..505d001
--- /dev/null
+++ b/roles/mastodon/vars/main.yml
@@ -0,0 +1,16 @@
+mastodon_postgres_password: !vault |
+          $ANSIBLE_VAULT;1.1;AES256
+          34643131323762373635383736636432643161646130373565333432323337646435656233383131
+          3066353734373938353162656335666536323265643162620a663562303636383737393061396331
+          30353538326333393031373736363933666636383866373763303237376561333061323131303062
+          3532316632613062310a343566393237363364613931353062636537663864383839623930383836
+          32613634616335616462336261303632646266326663383166366236643438616538626263343835
+          6539616439636364626466333163316164633631616132623665
+mastodon_redis_password: !vault |
+          $ANSIBLE_VAULT;1.1;AES256
+          35643365666261333939303162366366393933613034306438323031393763343065613034366331
+          3537383364313562623234363465363937613736616536360a323664306562653337616534313737
+          62343433333033376363386333663632663965373963386432316136376563383763623631326133
+          3430346364303334380a613932336534346437346539623864306233626265336663343565303866
+          33393665633236653536383636616537396432366532366438316135303437313736336536336264
+          3366643332306236376466386630666230366235333662663161
diff --git a/roles/syncthing/tasks/main.yml b/roles/syncthing/tasks/main.yml
index a371b19..15069c7 100644
--- a/roles/syncthing/tasks/main.yml
+++ b/roles/syncthing/tasks/main.yml
@@ -23,7 +23,7 @@
     path: /data/syncthing
     state: directory
     mode: 0777
-- name: Copy docker compose script
+- name: Copy Docker Compose script
   copy:
     src: "{{ role_path }}/files/docker-compose.yml"
     dest: /apps/syncthing/docker-compose.yml