diff --git a/ansible/inventory/host_vars/manager.yml b/ansible/inventory/host_vars/manager.yml
index 1d3628d..5edb04a 100644
--- a/ansible/inventory/host_vars/manager.yml
+++ b/ansible/inventory/host_vars/manager.yml
@@ -22,3 +22,4 @@ docker_node_labels:
       seafile: "true"
       freshrss: "true"
       pihole: "true"
+      discourse: "true"
diff --git a/ansible/playbooks/stacks.yml b/ansible/playbooks/stacks.yml
index c77bcad..dad95ac 100644
--- a/ansible/playbooks/stacks.yml
+++ b/ansible/playbooks/stacks.yml
@@ -17,3 +17,4 @@
     - {role: shephard, tags: shephard}
     - {role: jitsi, tags: jitsi}
     - {role: pihole, tags: pihole}
+    - {role: discourse, tags: discourse}
diff --git a/ansible/roles/discourse/docker-stack.yml.j2 b/ansible/roles/discourse/docker-stack.yml.j2
new file mode 100644
index 0000000..4736a50
--- /dev/null
+++ b/ansible/roles/discourse/docker-stack.yml.j2
@@ -0,0 +1,106 @@
+# vi: ft=yaml
+version: '3'
+
+networks:
+  traefik:
+    external: true
+  discourse:
+
+services:
+  discourse-app:
+    image: tiredofit/discourse:latest
+    deploy:
+      placement:
+        constraints:
+          - "node.labels.discourse == true"
+      labels:
+        - traefik.enable=true
+        - traefik.http.routers.discourse.entrypoints=localsecure
+        - traefik.http.routers.discourse.rule=Host(`tuindersweijde.geokunis2.nl`)
+        - traefik.http.services.discourse.loadbalancer.server.port=3000
+        - traefik.http.routers.discourse.tls=true
+        - traefik.http.routers.discourse.tls.certresolver=letsencrypt
+    volumes:
+      - type: bind
+        source: /mnt/data/discourse/logs
+        target: /data/logs
+      - type: bind
+        source: /mnt/data/discourse/uploads
+        target: /data/uploads
+      - type: bind
+        source: /mnt/data/discourse/backups
+        target: /data/backups
+    environment:
+      - TIMEZONE=Europe/Amsterdam
+      - CONTAINER_NAME=discourse-app
+
+      - DB_HOST=discourse-db
+      - DB_NAME=discourse
+      - DB_USER=discourse
+      - DB_PASS={{ database_password }}
+
+      - REDIS_HOST=discourse-redis
+      - SITE_HOSTNAME=discourse.pim.kunis.nl
+
+      - SMTP_PORT=25
+      - SMTP_HOST=smtp.tweak.nl
+
+      - DEVELOPER_EMAILS=niels@kunis.nl
+    networks:
+      - traefik
+      - discourse
+
+  discourse-db:
+    image: tiredofit/postgres:15-latest
+    deploy:
+      placement:
+        constraints:
+          - "node.labels.discourse == true"
+    volumes:
+      - type: bind
+        source: /mnt/data/discourse/database
+        target: /var/lib/postgresql/data
+    environment:
+      - TIMEZONE=Europe/Amsterdam
+      - CONTAINER_NAME=discourse-db
+
+      - POSTGRES_DB=discourse
+      - POSTGRES_USER=discourse
+      - POSTGRES_PASSWORD={{ database_password }}
+      - SUPERUSER_PASS={{ database_password }}
+    networks:
+      - discourse
+
+  discourse-redis:
+    image: tiredofit/redis:7
+    deploy:
+      placement:
+        constraints:
+          - "node.labels.discourse == true"
+    volumes:
+      - type: bind
+        source: /mnt/data/discourse/redis
+        target: /var/lib/redis
+    environment:
+      - TIMEZONE=Europe/Amsterdam
+      - CONTAINER_NAME=discourse-redis
+    networks:
+      - discourse
+
+  # discourse-db-backup:
+  #   image: tiredofit/db-backup
+  #   volumes:
+  #     - ./dbbackup:/backup
+  #   environment:
+  #     - TIMEZONE=America/Vancouver
+  #     - CONTAINER_NAME=discourse-db-backup
+  #     - DB_HOST=discourse-db
+  #     - DB_TYPE=postgres
+  #     - DB_NAME=discourse
+  #     - DB_USER=discourse
+  #     - DB_PASS=password
+  #     - DB_DUMP_FREQ=1440
+  #     - DB_DUMP_BEGIN=0000
+  #     - DB_CLEANUP_TIME=8640
+  #   networks:
+  #     - discourse
\ No newline at end of file
diff --git a/ansible/roles/discourse/tasks/main.yml b/ansible/roles/discourse/tasks/main.yml
new file mode 100644
index 0000000..c7c9a16
--- /dev/null
+++ b/ansible/roles/discourse/tasks/main.yml
@@ -0,0 +1,5 @@
+- name: Deploy Docker stack
+  docker_stack:
+    name: discourse
+    compose:
+      - "{{ lookup('template', '{{ role_path }}/docker-stack.yml.j2') | from_yaml }}"
diff --git a/ansible/roles/discourse/vars/main.yml b/ansible/roles/discourse/vars/main.yml
new file mode 100644
index 0000000..05d4fef
--- /dev/null
+++ b/ansible/roles/discourse/vars/main.yml
@@ -0,0 +1,7 @@
+database_password: !vault |
+  $ANSIBLE_VAULT;1.1;AES256
+  32323538323136633363393961343364363933396431376437633361333232383938336531396537
+  3730306164303364363739376633633431383534646135380a326663396338396461623037613637
+  37666630333433393764373864346262383536656664343631386234386438333263626166363633
+  3735633562323361330a353735366562663631363634343438326562646533663839383932343263
+  38366538336466373733313130616330326238653966623037343336326132356565
diff --git a/terraform/main.tf b/terraform/main.tf
index 73028ad..16addd2 100644
--- a/terraform/main.tf
+++ b/terraform/main.tf
@@ -70,6 +70,7 @@ module "swarmpriv2" {
   name        = "swarmpriv2"
   domain_name = "tf-swarmpriv2"
   memory      = 1024 * 3
+  disk_size   = 25
   hypervisor_host = "jefke.hyp"
   providers = {
     libvirt = libvirt.jefke