diff --git a/ansible/main.yml b/ansible/main.yml
index 3c711b5..436b29c 100644
--- a/ansible/main.yml
+++ b/ansible/main.yml
@@ -102,6 +102,7 @@ - plausible - pages - restic + - commento - hosts: jellyfin roles:
diff --git a/ansible/roles/commento/files/docker-compose.yml b/ansible/roles/commento/files/docker-compose.yml
new file mode 100644
index 0000000..1a3975b
--- /dev/null
+++ b/ansible/roles/commento/files/docker-compose.yml
@@ -0,0 +1,41 @@
+version: "2.3"
+
+services:
+ commento:
+ image: ghcr.io/souramoo/commentoplusplus:latest
+ restart: unless-stopped
+ depends_on:
+ - db
+ networks:
+ - default
+ - traefik
+ labels:
+ - traefik.enable=true
+ - traefik.http.routers.commento.rule=Host(`commento.theorangeone.net`)
+ environment:
+ - COMMENTO_POSTGRES=postgres://commento:commento@db:5432/commento?sslmode=disable
+ - COMMENTO_ORIGIN=https://commento.theorangeone.net
+ - COMMENTO_GZIP_STATIC=true
+ - COMMENTO_FORBID_NEW_OWNERS=true
+ - COMMENTO_GITHUB_KEY={{ commento_github_client_id }}
+ - COMMENTO_GITHUB_SECRET={{ commento_github_client_secret }}
+ - COMMENTO_SMTP_HOST=smtp.fastmail.com
+ - COMMENTO_SMTP_PORT=465
+ - COMMENTO_SMTP_USERNAME={{ commento_smtp_username }}
+ - COMMENTO_SMTP_PASSWORD={{ commento_smtp_password }}
+ - COMMENTO_SMTP_FROM_ADDRESS={{ commento_from_email }}
+ - COMMENTO_GITLAB_KEY={{ commento_gitlab_application_id }}
+ - COMMENTO_GITLAB_SECRET={{ commento_gitlab_application_secret }}
+
+ db:
+ image: postgres:14-alpine
+ restart: unless-stopped
+ volumes:
+ - ./postgres:/var/lib/postgresql/data
+ environment:
+ - POSTGRES_PASSWORD=commento
+ - POSTGRES_USER=commento
+
+networks:
+ traefik:
+ external: true
diff --git a/ansible/roles/commento/handlers/main.yml b/ansible/roles/commento/handlers/main.yml
new file mode 100644
index 0000000..58a1e1e
--- /dev/null
+++ b/ansible/roles/commento/handlers/main.yml
@@ -0,0 +1,4 @@
+- name: restart commento
+ shell:
+ chdir: /opt/commento
+ cmd: "{{ docker_update_command }}"
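Review bot: The Postgres credential in ansible/roles/commento/files/docker-compose.yml is the literal `commento`, both in `POSTGRES_PASSWORD=commento` and inside the `COMMENTO_POSTGRES` URL, while every other secret in this file is templated from the vault. The `db` service publishes no port and sits only on the compose default network, so exposure is limited to containers that can reach that network, but a guessable password removes the last barrier if one of them is compromised. I would template it like the others, e.g. `- POSTGRES_PASSWORD={{ commento_db_password }}` and `postgres://commento:{{ commento_db_password | urlencode }}@db:5432/commento?sslmode=disable` (the variable name is a suggestion and needs a matching vault entry). Separately, `image: ghcr.io/souramoo/commentoplusplus:latest` is unpinned, so any pull can bring different code into the container that holds the OAuth and SMTP secrets; pinning a version tag or digest makes that change reviewable.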
diff --git a/ansible/roles/commento/tasks/main.yml b/ansible/roles/commento/tasks/main.yml
new file mode 100644
index 0000000..8f89a17
--- /dev/null
+++ b/ansible/roles/commento/tasks/main.yml
@@ -0,0 +1,20 @@
+- name: Include vault
+ include_vars: vault.yml
+
+- name: Create install directory
+ file:
+ path: /opt/commento
+ state: directory
+ owner: "{{ docker_user.name }}"
+ mode: "{{ docker_compose_directory_mask }}"
+ become: true
+
+- name: Install compose file
+ template:
+ src: files/docker-compose.yml
+ dest: /opt/commento/docker-compose.yml
+ mode: "{{ docker_compose_file_mask }}"
+ owner: "{{ docker_user.name }}"
+ validate: docker-compose -f %s config
+ notify: restart commento
+ become: true
diff --git a/ansible/roles/commento/vars/main.yml b/ansible/roles/commento/vars/main.yml
new file mode 100644
index 0000000..7c6266b
--- /dev/null
+++ b/ansible/roles/commento/vars/main.yml
@@ -0,0 +1,7 @@
+commento_github_client_id: "{{ vault_commento_github_client_id }}"
+commento_github_client_secret: "{{ vault_commento_github_client_secret }}"
+commento_smtp_username: "{{ vault_commento_smtp_username }}"
+commento_smtp_password: "{{ vault_commento_smtp_password }}"
+commento_from_email: "{{ vault_commento_from_email }}"
+commento_gitlab_application_id: "{{ vault_commento_gitlab_application_id }}"
+commento_gitlab_application_secret: "{{ vault_commento_gitlab_application_secret }}"
diff --git a/ansible/roles/commento/vars/vault.yml b/ansible/roles/commento/vars/vault.yml
new file mode 100644
index 0000000..a95aa49
--- /dev/null
+++ b/ansible/roles/commento/vars/vault.yml
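Review bot: The `Install compose file` task in ansible/roles/commento/tasks/main.yml renders the GitHub/GitLab client secrets and the SMTP password into /opt/commento/docker-compose.yml but does not set `no_log: true`. When the play is run with `--diff`, the template module prints the before/after file content, and a failing `validate` command has its output included in the task error, so the secrets can end up in terminal or CI logs. Adding `no_log: true` (or at least `diff: false`) to this task avoids that. The effective permissions come from `docker_compose_file_mask`, which is defined outside this diff; it should not allow world read now that the file carries credentials.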
@@ -0,0 +1,30 @@ +$ANSIBLE_VAULT;1.1;AES256 +32613464653730393936353335646331666561303566653539346266313037336665666635633361 +3264636138613363616236363438363331363733646530610a623037373337616330643263363834 +39303232646264383339303834316534313831323066343562303961306434633866366633376532 +3835326135383061320a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
diff --git a/terraform/theorangeone.net.tf b/terraform/theorangeone.net.tf
index 6cfdaba..0dcc409 100644
--- a/terraform/theorangeone.net.tf
+++ b/terraform/theorangeone.net.tf
@@ -212,3 +212,11 @@ resource "cloudflare_record" "theorangeonenet_google_site_verification" {
 type = "TXT"
 ttl = 1
 }
+
+resource "cloudflare_record" "theorangeonenet_commento" {
+ zone_id = cloudflare_zone.theorangeonenet.id
+ name = "commento"
+ value = vultr_instance.walker.main_ip
+ type = "A"
+ ttl = 1
+}
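Review bot: The new `cloudflare_record.theorangeonenet_commento` in terraform/theorangeone.net.tf does not set `proxied`, which I believe defaults to DNS-only in the Cloudflare provider, so `commento.theorangeone.net` would resolve straight to `vultr_instance.walker.main_ip`. If the other records in this zone (not visible in the hunk) go through Cloudflare, add `proxied = true` here as well. If direct exposure is intended, for example so Traefik terminates TLS itself, a one-line comment on the resource saying so would make that choice explicit.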