diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..a956fbb
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+/ansible/inventory
diff --git a/ansible/ansible.cfg b/ansible/ansible.cfg
new file mode 100644
index 0000000..0171008
--- /dev/null
+++ b/ansible/ansible.cfg
@@ -0,0 +1,4 @@
+[defaults]
+remote_user = root
+inventory = inventory
+use_persistent_connections = True
diff --git a/ansible/group_vars/all/secrets.yml b/ansible/group_vars/all/secrets.yml
new file mode 100644
index 0000000..9a8bd2f
--- /dev/null
+++ b/ansible/group_vars/all/secrets.yml
@@ -0,0 +1,9 @@
+$ANSIBLE_VAULT;1.1;AES256
+61646431343934356439373261623036346335633430666537333165633934383032626664646330
+3862383035666261643338356366313665613965343536340a396232666265356530623930366230
+65363061323964386639623538363637396666353963366231643166396163623738633766306435
+6664383430353334380a383764373662613236353836643463623236353866383334366533373261
+36363439653064333836656330306235306535366364366636353535646337346636386531323637
+61633762653032363031363264626136626337323138623132343836663836313566616136633432
+32366330633964633537363434666565306132393530333264353538326439366532656362626531
+64366635326664636135
diff --git a/ansible/group_vars/all/vars.yml b/ansible/group_vars/all/vars.yml
new file mode 100644
index 0000000..a4f0205
--- /dev/null
+++ b/ansible/group_vars/all/vars.yml
@@ -0,0 +1,5 @@
+# vim: ft=yaml.ansible
+---
+username: mpc-player
+mp_spdz_dir: /home/{{ username }}/MP-SPDZ
+ssh_key: sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIFWZGLov8wPBNxuvnaPK+8vv6wK5hHUVEFzXKsN9QeuBAAAADHNzaDpzYW1zYXB0aQ== ssh:samsapti
diff --git a/ansible/playbook.yml b/ansible/playbook.yml
new file mode 100644
index 0000000..bb220c5
--- /dev/null
+++ b/ansible/playbook.yml
@@ -0,0 +1,25 @@
+# vim: ft=yaml.ansible
+---
+- name: Set up MPC players
+  hosts: all
+  gather_facts: true
+  become: true
+  tasks:
+    - name: Create user {{ username }}
+      ansible.builtin.user:
+        name: "{{ username }}"
+        password: "{{ secrets.user_password | password_hash('sha512') }}"
+        groups:
+          - sudo
+        state: present
+
+    - name: Add public SSH key to user {{ username }}
+      ansible.posix.authorized_key:
+        user: "{{ username }}"
+        key: "{{ ssh_key }}"
+        exclusive: true
+
+    - name: Run role mp_spdz
+      ansible.builtin.import_role:
+        name: mp_spdz
+      become_user: "{{ username }}"
diff --git a/ansible/roles/mp_spdz/tasks/main.yml b/ansible/roles/mp_spdz/tasks/main.yml
new file mode 100644
index 0000000..9b8961f
--- /dev/null
+++ b/ansible/roles/mp_spdz/tasks/main.yml
@@ -0,0 +1,49 @@
+# vim: ft=yaml.ansible
+---
+- name: Install dependencies via apt
+  ansible.builtin.apt:
+    name: "{{ pkgs }}"
+    state: present
+  become_user: root
+  vars:
+    pkgs:
+      - automake
+      - build-essential
+      - clang
+      - cmake
+      - git
+      - libntl-dev
+      - libsodium-dev
+      - libssl-dev
+      - libtool
+      - m4
+      - python3
+      - texinfo
+      - yasm
+
+- name: Clone MP-SPDZ
+  ansible.builtin.git:
+    repo: https://github.com/data61/MP-SPDZ
+    dest: "{{ mp_spdz_dir }}"
+    version: v0.3.5
+    clone: true
+    update: true
+    recursive: true
+    depth: 1
+
+- name: Patch CONFIG
+  ansible.builtin.lineinfile:
+    path: "{{ mp_spdz_dir }}/CONFIG"
+    regexp: '^ARCH = -march=native$'
+    state: absent
+
+- name: Build MP-SPDZ
+  community.general.make:
+    chdir: "{{ mp_spdz_dir }}"
+    jobs: "{{ ansible_processor_nproc }}"
+    target: "{{ item }}"
+  loop:
+    - boost
+    - libote
+    - mpir
+    - all