diff --git a/defaults/main.yml b/defaults/main.yml
index a4f4b1d6c43fb888025eda31cf5b179598dcc818..26d690939613ebc078b868996bdda715990bb4ee 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -1,10 +1,19 @@
 ---
 # defaults file for funkwhale
 funkwhale_install_path: /srv/funkwhale
-funkwhale_data_path: /srv/funkwhale/data
+funkwhale_media_path: /srv/funkwhale/data/media
+funkwhale_static_path: /srv/funkwhale/data/static
+funkwhale_music_path: /srv/funkwhale/data/music
+funkwhale_config_path: /srv/funkwhale/config
+funkwhale_frontend_path: /srv/funkwhale/frontend/dist
 funkwhale_username: funkwhale
 funkwhale_database_managed: true
 funkwhale_database_name: funkwhale
 funkwhale_database_user: funkwhale
 funkwhale_nginx_managed: true
+funkwhale_nginx_max_body_size: 100M
 funkwhale_redis_managed: true
+funkwhale_api_ip: 127.0.0.1
+funkwhale_api_port: 5000
+funkwhale_settings_module: config.settings.production
+funkwhale_env_vars: []
diff --git a/molecule/default/playbook.yml b/molecule/default/playbook.yml
index 9d960513b0ecf76251e5e8012fe297daaccda87f..09a690e664f3e5098f0e054a18738e9214337e83 100644
--- a/molecule/default/playbook.yml
+++ b/molecule/default/playbook.yml
@@ -5,3 +5,11 @@
     # our directory name is not "funkwhale" so molecule can't find the role
     # https://github.com/ansible/molecule/issues/1567#issuecomment-436876722
     - role: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}"
+      vars:
+        funkwhale_hostname: yourdomain.funkwhale
+        funkwhale_protocol: https
+        funkwhale_env_vars:
+          - EMAIL_CONFIG=smtp+tls://user@:password@youremail.host:587
+          - DEFAULT_FROM_EMAIL=noreply@yourdomain
+          - ADDITIONAL_VAR=1
+          - ADDITIONAL_VAR=2
diff --git a/molecule/default/tests/test_default.py b/molecule/default/tests/test_default.py
index 025ae96e27bf939d3433d29852427d430996a94c..f918a94318da0a5022ef44fbb014cb1951646407 100644
--- a/molecule/default/tests/test_default.py
+++ b/molecule/default/tests/test_default.py
@@ -8,38 +8,6 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
 ).get_hosts("all")
 
 
-def test_hosts_file(host):
-    f = host.file("/etc/hosts")
-
-    assert f.exists
-    assert f.user == "root"
-    assert f.group == "root"
-
-
-@pytest.mark.parametrize(
-    "package",
-    [
-        "python3",
-        "python3-dev",
-        "python3-pip",
-        "python3-venv",
-        "libldap2-dev",
-        "libsasl2-dev",
-        "git",
-        "unzip",
-        "build-essential",
-        "ffmpeg",
-        "libjpeg-dev",
-        "libmagic-dev",
-        "libpq-dev",
-        "postgresql-client",
-    ],
-)
-def test_installed_mandatory_packages(host, package):
-    package = host.package(package)
-    assert package.is_installed
-
-
 @pytest.mark.parametrize("service", ["redis-server", "postgresql", "nginx"])
 def test_installed_services(host, service):
     service = host.service(service)
@@ -62,3 +30,57 @@ def test_database_user_created(host):
     """
     result = host.run(cmd)
     assert result.stdout == "1"
+
+
+def test_funkwhale_user_creation(host):
+    user = host.user("funkwhale")
+    assert user.home == "/srv/funkwhale"
+    assert user.shell == "/bin/false"
+
+
+@pytest.mark.parametrize(
+    "path",
+    [
+        "/srv/funkwhale/",
+        "/srv/funkwhale/data/media",
+        "/srv/funkwhale/data/static",
+        "/srv/funkwhale/data/music",
+    ],
+)
+def test_funkwhale_directories_creation(path, host):
+    dir = host.file(path)
+
+    assert dir.exists is True
+    assert dir.is_directory is True
+
+
+def test_funkwhale_env_file(host):
+    f = host.file("/srv/funkwhale/config/.env")
+
+    assert f.contains("MEDIA_ROOT=/srv/funkwhale/data/media") is True
+    assert f.contains("STATIC_ROOT=/srv/funkwhale/data/static") is True
+    assert f.contains("MUSIC_DIRECTORY_PATH=/srv/funkwhale/data/music") is True
+    assert f.contains("MUSIC_DIRECTORY_SERVE_PATH=/srv/funkwhale/data/music") is True
+    assert f.contains("FUNKWHALE_HOSTNAME=yourdomain.funkwhale") is True
+    assert f.contains("FUNKWHALE_PROTOCOL=https") is True
+    assert f.contains("DJANGO_SECRET_KEY=") is True
+    assert f.contains("FUNKWHALE_API_IP=127.0.0.1") is True
+    assert f.contains("FUNKWHALE_API_PORT=5000") is True
+    assert f.contains("REVERSE_PROXY_TYPE=nginx") is True
+    assert f.contains("DATABASE_URL=postgresql://funkwhale@:5432/funkwhale") is True
+    assert f.contains("CACHE_URL=redis://127.0.0.1:6379/0") is True
+    assert (
+        f.contains("EMAIL_CONFIG=smtp+tls://user@:password@youremail.host:587") is True
+    )
+    assert f.contains("DEFAULT_FROM_EMAIL=noreply@yourdomain") is True
+    assert f.contains("FUNKWHALE_FRONTEND_PATH=/srv/funkwhale/frontend/dist") is True
+    assert (
+        f.contains("FUNKWHALE_SPA_HTML_ROOT=/srv/funkwhale/frontend/dist/index.html")
+        is True
+    )
+    assert f.contains("NGINX_MAX_BODY_SIZE=100M") is True
+    assert f.contains("DJANGO_SETTINGS_MODULE=config.settings.production") is True
+
+    # additional vars
+    assert f.contains("ADDITIONAL_VAR=1") is True
+    assert f.contains("ADDITIONAL_VAR=2") is True
diff --git a/tasks/funkwhale.yml b/tasks/funkwhale.yml
new file mode 100644
index 0000000000000000000000000000000000000000..8cd5dc19f88df317095f186596f963b965594ae3
--- /dev/null
+++ b/tasks/funkwhale.yml
@@ -0,0 +1,32 @@
+---
+
+
+
+- name: "Create funkwhale user"
+  user:
+    name: "{{ funkwhale_username }}"
+    shell: /bin/false
+    home: "{{ funkwhale_install_path }}"
+
+- name: "Create funkwhale directories"
+  become: true
+  file:
+    path: "{{ item }}"
+    owner: "{{ funkwhale_username }}"
+    state: directory
+    recurse: true
+  with_items:
+    - "{{ funkwhale_install_path }}"
+    - "{{ funkwhale_media_path }}"
+    - "{{ funkwhale_static_path }}"
+    - "{{ funkwhale_music_path }}"
+    - "{{ funkwhale_config_path }}"
+
+- name: "Create funkwhale configuration file"
+  become: true
+  template:
+    src: env.j2
+    dest: "{{ funkwhale_config_path }}/.env"
+    owner: "{{ funkwhale_username }}"
+  vars:
+    secret_key: secret_key
diff --git a/tasks/main.yml b/tasks/main.yml
index 4fe6c253c614fc07076afe3813414905f62d3c21..f22e3acfdf026f4975466fc166ba2dc50df76ad4 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -1,5 +1,6 @@
 ---
-- include: packages.yml
-- include: db.yml
-- include: redis.yml
+# - include: packages.yml
+# - include: db.yml
+# - include: redis.yml
+- include: funkwhale.yml
 - include: nginx.yml
diff --git a/templates/env.j2 b/templates/env.j2
new file mode 100644
index 0000000000000000000000000000000000000000..848ccfbc470eb9267c22ed0cc5fa4ac13f5000ef
--- /dev/null
+++ b/templates/env.j2
@@ -0,0 +1,36 @@
+{{ ansible_managed }}
+
+
+FUNKWHALE_HOSTNAME={{ funkwhale_hostname }}
+FUNKWHALE_PROTOCOL={{ funkwhale_protocol }}
+DJANGO_SECRET_KEY={{ secret_key }}
+
+FUNKWHALE_API_IP={{ funkwhale_api_ip }}
+FUNKWHALE_API_PORT={{ funkwhale_api_port }}
+REVERSE_PROXY_TYPE=nginx
+
+{% if funkwhale_database_managed %}
+DATABASE_URL=postgresql://{{ funkwhale_database_user }}@:5432/{{ funkwhale_database_name }}
+{% else %}
+DATABASE_URL={{ funkwhale_database_url }}
+{% endif %}
+{% if funkwhale_redis_managed %}
+CACHE_URL=redis://127.0.0.1:6379/0
+{% else %}
+CACHE_URL={{ funkwhale_redis_url }}
+{% endif %}
+
+MEDIA_ROOT={{ funkwhale_media_path }}
+STATIC_ROOT={{ funkwhale_static_path }}
+MUSIC_DIRECTORY_PATH={{ funkwhale_music_path }}
+MUSIC_DIRECTORY_SERVE_PATH={{ funkwhale_music_path }}
+FUNKWHALE_FRONTEND_PATH={{ funkwhale_frontend_path }}
+FUNKWHALE_SPA_HTML_ROOT={{ funkwhale_frontend_path }}/index.html
+{% if funkwhale_nginx_managed %}
+NGINX_MAX_BODY_SIZE={{ funkwhale_nginx_max_body_size }}
+{% endif %}
+DJANGO_SETTINGS_MODULE={{ funkwhale_settings_module }}
+
+{% for v in funkwhale_env_vars %}
+{{ v }}
+{% endfor %}