diff --git a/.gitignore b/.gitignore
index f777364050f38eddf7f7867a0326b5dd3199074c..247edda4ab41b5110b3af96f7d2ecd4660970a0c 100644
--- a/.gitignore
+++ b/.gitignore
@@ -27,5 +27,8 @@ tangostationcontrol/docs/build
 **/pending_log_messages.db
 **/.eggs
 
+deploy/*.retry
+deploy/hosts
+
 docker-compose/alerta-web/alerta-secrets.json
 docker-compose/tmp
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index d6f41a10fbc5cce06611f64a5e1e13e49c901fd5..15263eb7d76f9153f2cf0a286e295cd6fe36ba30 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -668,14 +668,28 @@ stages:
   rules:
 #    - if: ($CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH) && $CI_COMMIT_TAG
   - if: $CI_COMMIT_TAG
+  before_script:
+    # Use Gitlab protected variable to provide key
+    - echo "$DEPLOY_KEY" > id_rsa
+    - chmod 400 id_rsa
+    - ssh-keygen -y -f id_rsa > id_rsa.pub
+    # Add ssh key to agent
+    - eval $(ssh-agent)
+    - ssh-add id_rsa
+    # Prevent error of ansible being run in world writeable directory
+    - chmod o-w .
   script:
-    - echo "start"
-    - echo "ssh $DEPLOY_USER @ $DEPLOY_HOST"
+    - echo "Deploying version $CI_COMMIT_TAG"
+    - cd deploy || exit 1
+    - echo "[all]" > hosts
+    - echo "stat ansible_host=$DEPLOY_HOST ansible_user=$DEPLOY_USER" >> hosts
+    - ansible-playbook deploy.yml --extra-vars station_version=$CI_COMMIT_TAG
 .deploy_l2ts_base:
   extends: .base_deploy
   variables:
     DEPLOY_USER: $L2TS_USERNAME
     DEPLOY_HOST: $L2TS_HOSTNAME
+    DEPLOY_KEY: $L2TS_DEPLOY_KEY
 deploy_l2ts_stop:
   extends: .deploy_l2ts_base
   environment:
diff --git a/deploy/ansible.cfg b/deploy/ansible.cfg
new file mode 100644
index 0000000000000000000000000000000000000000..8da5e9439f11320c5e90d51bbe6ad7d7f8d9798c
--- /dev/null
+++ b/deploy/ansible.cfg
@@ -0,0 +1,3 @@
+[defaults]
+host_key_checking = False
+inventory = hosts
diff --git a/deploy/deploy.yml b/deploy/deploy.yml
new file mode 100644
index 0000000000000000000000000000000000000000..e89ae6cf657f1a2f257891cdf17ba5f551803077
--- /dev/null
+++ b/deploy/deploy.yml
@@ -0,0 +1,47 @@
+---
+- name: StationControl Early Deployment
+  hosts: all
+  tasks:
+     - name: Register git installation status
+       command: which git
+       changed_when: false
+       failed_when: git_installed.rc not in [0,1]
+       register: git_installed
+     - name: Register tango directory status
+       shell: cd ~/tango
+       args:
+         chdir: ~
+       changed_when: false
+       failed_when: tango_directory.rc not in [0,1]
+       register: tango_directory
+     - name: Register pending changes
+       changed_when: false
+       failed_when: pending_changes.rc not in [0,1]
+       shell: |
+         git status | grep Changes
+         ret=$?
+         echo $ret
+         if [ $ret -eq 0 ]; then
+           exit 1
+         fi
+         exit 0
+       args:
+         chdir: ~/tango
+       register: pending_changes
+     - name: Check git installation status
+       fail:
+         msg: "Git does not appear to be installed!"
+       when: git_installed.rc not in [0]
+     - name: Check tango directory status
+       fail:
+         msg: "Tango directory appears to be missing!"
+       when: tango_directory.rc not in [0]
+     - name: Check pending changes
+       fail:
+         msg: "Deployment repository seems to have pending changes!"
+       when: pending_changes not in [0]
+     - name: Update sources
+       changed_when: false
+       shell: "git checkout v{{ station_version }}"
+       args:
+         chdir: ~/tango
\ No newline at end of file