diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000..607e7e1
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,8 @@
+# Set update schedule for GitHub Actions
+---
+version: 2
+updates:
+ - package-ecosystem: "github-actions"
+ directory: "/"
+ schedule:
+ interval: "weekly"
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
new file mode 100644
index 0000000..bcdcdc1
--- /dev/null
+++ b/.github/workflows/ci.yml
@@ -0,0 +1,67 @@
+---
+name: CI
+"on":
+ pull_request:
+ push:
+ branches:
+ - main
+ tags:
+ - "v*"
+
+defaults:
+ run:
+ working-directory: ngine_io.syncthing
+
+jobs:
+ lint:
+ name: Lint
+ runs-on: ubuntu-latest
+ steps:
+ - name: Check out the codebase.
+ uses: actions/checkout@v4
+ with:
+ path: ngine_io.syncthing
+
+ - name: Set up Python 3.
+ uses: actions/setup-python@v5
+ with:
+ python-version: 3.x
+
+ - name: Install test dependencies.
+ run: pip3 install ansible ansible-lint
+
+ - name: Lint code.
+ run: |
+ ansible-lint .
+
+ molecule:
+ name: Molecule
+ runs-on: ubuntu-latest
+ strategy:
+ matrix:
+ include:
+ - distro: debian12
+ playbook: converge.yml
+ steps:
+ - name: Check out the codebase.
+ uses: actions/checkout@v4
+ with:
+ path: ngine_io.syncthing
+
+ - name: Set up Python 3.
+ uses: actions/setup-python@v5
+ with:
+ python-version: "3.x"
+
+ - name: Install test dependencies.
+ run: |
+ python3 -m pip install ansible molecule molecule-docker docker
+ python3 -m pip install -r requirements.txt
+
+ - name: Run Molecule tests.
+ run: molecule test
+ env:
+ PY_COLORS: "1"
+ ANSIBLE_FORCE_COLOR: "1"
+ MOLECULE_DISTRO: ${{ matrix.distro }}
+ MOLECULE_PLAYBOOK: ${{ matrix.playbook }}
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
new file mode 100644
index 0000000..692aa86
--- /dev/null
+++ b/.github/workflows/release.yml
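Review bot: `.github/workflows/ci.yml` declares no `permissions:` block, so the lint and molecule jobs run with whatever default `GITHUB_TOKEN` scope the repository or organization has configured, although neither job appears to need more than read access. A top-level `permissions:` mapping with `contents: read` would make that explicit. `actions/checkout@v4` and `actions/setup-python@v5` are referenced by mutable tags; pinning them to full commit SHAs works together with the Dependabot configuration added in this commit. Both `Install test dependencies.` steps install `ansible`, `ansible-lint`, `molecule`, `molecule-docker` and `docker` without version constraints, so each run pulls whatever is newest on the index; a constraints file would make runs reproducible. As a style point, `python-version: 3.x` is unquoted in the lint job but written as `"3.x"` in the molecule job; quote both.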
@@ -0,0 +1,40 @@
+---
+# This workflow requires a GALAXY_API_KEY secret present in the GitHub
+# repository or organization.
+
+name: Release
+"on":
+ release:
+ types: [created]
+
+defaults:
+ run:
+ working-directory: ngine_io.syncthing
+
+jobs:
+ release:
+ name: Release
+ runs-on: ubuntu-latest
+ steps:
+ - name: Check out the codebase.
+ uses: actions/checkout@v4
+ with:
+ path: ngine_io.syncthing
+
+ - name: Set up Python 3.
+ uses: actions/setup-python@v5
+ with:
+ python-version: 3.x
+
+ - name: Install Ansible.
+ run: pip3 install ansible-core
+
+ - name: Trigger a new import on Galaxy.
+ env:
+ ANSIBLE_GALAXY_API_KEY: ${{ secrets.ANSIBLE_GALAXY_API_KEY }}
+ run: >-
+ ansible-galaxy role import
+ --token "$ANSIBLE_GALAXY_API_KEY"
+ --role-name syncthing
+ $(echo ${{ github.repository }} | cut -d/ -f1)
+ $(echo ${{ github.repository }} | cut -d/ -f2)
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..38f8e88
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+dev
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..ca9e2dd
--- /dev/null
+++ b/README.md
@@ -0,0 +1,34 @@
+[![CI](https://github.com/ngine-io/ansible-role-syncthing/actions/workflows/ci.yml/badge.svg)](https://github.com/ngine-io/ansible-role-syncthing/actions/workflows/ci.yml)
+
+# Ansible Role: syncthing
+
+Installs [syncthing](https://syncthing.net) on Debian Linux.
+
+## Requirements
+
+See `requirements.txt`.
+
+## Installation
+
+Via `requirements.yml`:
+
+```yaml
+---
+# file: requirements.yml
+roles:
+ - name: ngine_io.syncthing
+ version: v0.1.0
+```
+
+To install:
+
+```
+ansible-galaxy install -r requirements.yml
+```
+## License
+
+MIT / Apache2
+
+## Author Information
+
+This role was created in 2024 by [René Moser](https://renemoser.net).
diff --git a/defaults/main.yml b/defaults/main.yml
new file mode 100644
index 0000000..dfd2533
--- /dev/null
+++ b/defaults/main.yml
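Review bot: The header comment of `.github/workflows/release.yml` says the workflow needs a `GALAXY_API_KEY` secret, but the `Trigger a new import on Galaxy.` step reads `secrets.ANSIBLE_GALAXY_API_KEY`; the two names should be aligned, otherwise a maintainer following the comment creates a secret the job never sees. In the same step `${{ github.repository }}` is expanded into the script text before the shell runs. The runner already exports that value as `GITHUB_REPOSITORY`, so the two command substitutions can become `"${GITHUB_REPOSITORY%%/*}"` and `"${GITHUB_REPOSITORY##*/}"`, which keeps expression output out of the script and quotes both arguments. Because this job handles a publishing token, it should also declare `permissions:` with `contents: read` rather than inherit the default token scope.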
@@ -0,0 +1,10 @@
+---
+syncthing__apt_key_url: https://syncthing.net/release-key.txt
+syncthing__apt_repository_host: apt.syncthing.net
+syncthing__apt_repository_url: https://{{ syncthing__apt_repository_host }}
+syncthing__version: ""
+syncthing__package: syncthing
+syncthing__home_path: /usr/local/share/syncthing
+syncthing__user: nobody
+syncthing__group: nogroup
+syncthing__wait_for_port: 22000
diff --git a/handlers/main.yml b/handlers/main.yml
new file mode 100644
index 0000000..8e8b805
--- /dev/null
+++ b/handlers/main.yml
@@ -0,0 +1,5 @@
+---
+- name: Restart syncthing
+ ansible.builtin.systemd:
+ name: syncthing
+ state: restarted
diff --git a/meta/main.yml b/meta/main.yml
new file mode 100644
index 0000000..1131d5a
--- /dev/null
+++ b/meta/main.yml
@@ -0,0 +1,17 @@
+---
+galaxy_info:
+ role_name: syncthing
+ namespace: ngine_io
+ author: René Moser
+ company: renemoser.net / ngine.io
+ description: Manage Syncthing Open Source Continuous File Synchronization
+ license: "license (Apache2, MIT)"
+ min_ansible_version: "2.17"
+ platforms:
+ - name: Debian
+ versions:
+ # 12
+ - bookworm
+ galaxy_tags:
+ - filesync
+ - syncthing
diff --git a/molecule/default/converge.yml b/molecule/default/converge.yml
new file mode 100644
index 0000000..ae6095b
--- /dev/null
+++ b/molecule/default/converge.yml
@@ -0,0 +1,13 @@
+---
+- name: Converge
+ hosts: all
+ become: true
+ pre_tasks:
+ - name: Update apt cache
+ ansible.builtin.apt:
+ update_cache: true
+ cache_valid_time: 600
+ when: ansible_os_family == "Debian"
+ changed_when: false
+ roles:
+ - role: ngine_io.syncthing
diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml
new file mode 100644
index 0000000..14d97d1
--- /dev/null
+++ b/molecule/default/molecule.yml
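Review bot: The defaults `syncthing__user: nobody` and `syncthing__group: nogroup` in `defaults/main.yml` run the daemon under an account that is shared by convention with other unprivileged services. `tasks/main.yml` gives that account ownership of `syncthing__home_path` with mode `0700`, so any other process running as `nobody` could read or modify what Syncthing keeps there (presumably its device keys and configuration). Defaulting to a dedicated system account, created by an `ansible.builtin.user` task with `system: true`, would isolate the service. A comment above `syncthing__version` stating that the empty string installs whatever version the repository currently offers would also help readers of the defaults.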
@@ -0,0 +1,18 @@
+---
+dependency:
+ name: galaxy
+driver:
+ name: docker
+platforms:
+ - name: instance
+ image: "geerlingguy/docker-${MOLECULE_DISTRO:-debian12}-ansible:latest"
+ command: ${MOLECULE_DOCKER_COMMAND:-""}
+ volumes:
+ - /sys/fs/cgroup:/sys/fs/cgroup:rw
+ cgroupns_mode: host
+ privileged: true
+ pre_build_image: true
+provisioner:
+ name: ansible
+ playbooks:
+ converge: ${MOLECULE_PLAYBOOK:-converge.yml}
diff --git a/requirements.txt b/requirements.txt
new file mode 100644
index 0000000..e69de29
diff --git a/tasks/main.yml b/tasks/main.yml
new file mode 100644
index 0000000..ca718b7
--- /dev/null
+++ b/tasks/main.yml
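Review bot: The platform in `molecule/default/molecule.yml` combines `privileged: true`, `cgroupns_mode: host` and a read-write bind mount of `/sys/fs/cgroup` with an image pulled by the mutable tag `:latest` from a third-party namespace. The privileged settings are probably needed to run systemd inside the test container, but they mean that whatever the tag resolves to at pull time runs with effectively host-level privileges on the CI runner or a developer's machine. Pinning the image by digest (one per value of `MOLECULE_DISTRO`) would fix what is executed. A comment such as `# privileged + cgroup mount: required for systemd in the test container` above those keys would document why they are set.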
@@ -0,0 +1,67 @@
+---
+- name: Install HTTPS transport for apt
+ ansible.builtin.apt:
+ name:
+ - apt-transport-https
+ - ca-certificates
+ when: syncthing__apt_repository_url.startswith('https')
+ register: result
+ until: result is succeeded
+ retries: 5
+ delay: 2
+
+- name: Import syncthing GPG key to apt
+ ansible.builtin.get_url:
+ url: "{{ syncthing__apt_key_url }}"
+ dest: /etc/apt/keyrings/syncthing.asc
+ owner: root
+ group: root
+ mode: "0644"
+ register: result
+ until: result is succeeded
+ retries: 5
+ delay: 2
+
+- name: Add syncthing repository
+ ansible.builtin.apt_repository:
+ repo: deb [signed-by=/etc/apt/keyrings/syncthing.asc] {{ syncthing__apt_repository_url }} syncthing release
+
+- name: Install syncthing
+ ansible.builtin.apt:
+ name: "{{ syncthing__package + '=' + syncthing__version if syncthing__version else syncthing__package }}"
+ register: result
+ until: result is succeeded
+ retries: 5
+ delay: 2
+
+- name: Create syncthing service unit file
+ ansible.builtin.template:
+ src: syncthing.service.j2
+ dest: /etc/systemd/system/syncthing.service
+ owner: root
+ group: root
+ mode: "0644"
+ notify: Restart syncthing
+
+- name: Create syncthing home
+ ansible.builtin.file:
+ path: "{{ syncthing__home_path }}"
+ owner: "{{ syncthing__user }}"
+ group: "{{ syncthing__group }}"
+ state: directory
+ mode: "0700"
+ notify: Restart syncthing
+
+- name: Start and enable syncthing
+ ansible.builtin.systemd:
+ name: syncthing.service
+ state: started
+ daemon_reload: true
+ enabled: true
+
+- name: Flush Handlers
+ ansible.builtin.meta: flush_handlers
+
+- name: Verify syncthing is running
+ ansible.builtin.wait_for:
+ port: "{{ syncthing__wait_for_port }}"
diff --git a/templates/syncthing.service.j2 b/templates/syncthing.service.j2
new file mode 100644
index 0000000..c86cdeb
--- /dev/null
+++ b/templates/syncthing.service.j2
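Review bot: The `Import syncthing GPG key to apt` task in `tasks/main.yml` downloads the repository signing key from `syncthing__apt_key_url` with `ansible.builtin.get_url` and no `checksum:`, so the key apt will trust for this repository is whatever that URL returns on the first run. Scoping the key with `signed-by=` in the following task is good practice. Pinning the download as well, e.g. `checksum: "sha256:{{ syncthing__apt_key_checksum }}"` backed by a new default, would close the trust-on-first-use gap, at the cost of updating the value when upstream rotates the key. The task also assumes `/etc/apt/keyrings` already exists; that should hold on the Debian 12 target named in `meta/main.yml`, but the role does not ensure it.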
@@ -0,0 +1,27 @@
+# {{ ansible_managed }}
+[Unit]
+Description=Syncthing - Open Source Continuous File Synchronization
+Documentation=man:syncthing(1)
+After=network.target
+StartLimitIntervalSec=60
+StartLimitBurst=4
+
+[Service]
+Environment=HOME={{ syncthing__home_path }}
+ExecStart=/usr/bin/syncthing serve --no-browser --no-restart --logflags=0 --home {{ syncthing__home_path }}
+User={{ syncthing__user }}
+Group={{ syncthing__group }}
+Restart=on-failure
+RestartSec=1
+SuccessExitStatus=3 4
+RestartForceExitStatus=3 4
+
+# Hardening
+ProtectSystem=off
+PrivateTmp=true
+SystemCallArchitectures=native
+MemoryDenyWriteExecute=true
+NoNewPrivileges=true
+
+[Install]
+WantedBy=multi-user.target
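Review bot: Under the `# Hardening` heading, `templates/syncthing.service.j2` sets `ProtectSystem=off`, which disables systemd's file-system protection instead of applying it. The service therefore keeps write access to `/usr`, `/boot` and `/etc` as far as file permissions allow. The setting is presumably there because the default `syncthing__home_path` lives under `/usr/local/share`, which a stricter `ProtectSystem=` value would make read-only. `ProtectSystem=strict` together with `ReadWritePaths={{ syncthing__home_path }}` keeps the home writable while protecting the rest, though any synced folders outside the home would need to be listed as well. Separately, `--home {{ syncthing__home_path }}` in `ExecStart` is unquoted, so a path containing spaces would be split into several arguments.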