diff --git a/roles/websites/nratonpass.com/files/nratonpass.com.httpd.conf b/roles/websites/nratonpass.com/files/nratonpass.com.httpd.conf
new file mode 100644
index 0000000..72fec40
--- /dev/null
+++ b/roles/websites/nratonpass.com/files/nratonpass.com.httpd.conf
@@ -0,0 +1,9 @@
+<VirtualHost _default_:80>
+ServerName nratonpass.com
+ServerAlias www.nratonpass.com
+
+DocumentRoot /srv/www/nratonpass.com/htdocs
+<Directory /srv/www/nratonpass.com/htdocs>
+	Require all granted
+</Directory>
+</VirtualHost>
diff --git a/roles/websites/nratonpass.com/handlers/main.yml b/roles/websites/nratonpass.com/handlers/main.yml
new file mode 100644
index 0000000..09fd3c8
--- /dev/null
+++ b/roles/websites/nratonpass.com/handlers/main.yml
@@ -0,0 +1,4 @@
+- name: reload httpd
+  service:
+    name=httpd
+    state=reloaded
diff --git a/roles/websites/nratonpass.com/tasks/main.yml b/roles/websites/nratonpass.com/tasks/main.yml
new file mode 100644
index 0000000..88fa827
--- /dev/null
+++ b/roles/websites/nratonpass.com/tasks/main.yml
@@ -0,0 +1,37 @@
+- name: ensure rsync is installed
+  package:
+    name=rsync
+    state=present
+  tags:
+  - install
+
+- name: ensure app group exists
+  group:
+    name=webapp.nratonpass
+    state=present
+- name: ensure app user exists
+  user:
+    name=webapp.nratonpass
+    group=webapp.nratonpass
+    home=/srv/www/nratonpass.com
+    createhome=yes
+    state=present
+
+- name: ensure app home directory permissions are set
+  file:
+    path=/srv/www/nratonpass.com
+    mode=0755
+    state=directory
+
+- name: ensure publisher keys are trusted
+  authorized_key:
+    key: "{{ nratonpass_publisher_keys|join('\n') }}"
+    user: webapp.nratonpass
+    exclusive: true
+
+- name: ensure apache is configured to serve nratonpass.com
+  copy:
+    src=nratonpass.com.httpd.conf
+    dest=/etc/httpd/conf.d/nratonpass.com.conf
+    mode=0644
+  notify: reload httpd