diff --git a/README.md b/README.md index 3c7b3d7..f00deb5 100644 --- a/README.md +++ b/README.md @@ -43,3 +43,4 @@ - [nitro-node-setup](./nitro-nodes-setup/README.md) - [nitro-bridge-setup](./nitro-bridge-setup/README.md) - [nitro-contracts-setup](./nitro-contracts-setup/README.md) +- [service-provider-setup](./service-provider-setup/README.md) diff --git a/service-provider-setup/README.md b/service-provider-setup/README.md index 4cec153..da7ec96 100644 --- a/service-provider-setup/README.md +++ b/service-provider-setup/README.md @@ -1,5 +1,9 @@ # service-provider-setup +## Setup Ansible + +To get started, follow the [installation](../README.md#installation) guide to setup ansible on your machine + ## Configure DNS ### Prerequisites diff --git a/service-provider-setup/setup-dns.yml b/service-provider-setup/setup-dns.yml index a8c5248..3317745 100644 --- a/service-provider-setup/setup-dns.yml +++ b/service-provider-setup/setup-dns.yml @@ -1,6 +1,6 @@ - name: Configure DNS records hosts: localhost - gather_facts: no + vars_files: - dns-vars.yml diff --git a/service-provider-setup/setup-user.yml b/service-provider-setup/setup-user.yml new file mode 100644 index 0000000..415966e --- /dev/null +++ b/service-provider-setup/setup-user.yml 
@@ -0,0 +1,100 @@
+- name: Configure system
+ hosts: deployment_host
+ become: yes
+
+ tasks:
+ - name: Set unique hostname
+ hostname:
+ name: "{{ inventory_hostname }}"
+ when: ansible_hostname != inventory_hostname
+
+ - name: Install additional packages
+ apt:
+ name:
+ - doas
+ - zsh
+ - tmux
+ - git
+ - jq
+ - acl
+ - curl
+ - wget
+ - netcat-traditional
+ - fping
+ - rsync
+ - htop
+ - iotop
+ - iftop
+ - tar
+ - less
+ - firewalld
+ - sshguard
+ - wireguard
+ - iproute2
+ - iperf3
+ - zfsutils-linux
+ - net-tools
+ - ca-certificates
+ - gnupg
+ - sshpass
+ state: latest
+ update_cache: true
+
+ - name: Verify status of firewalld and enable sshguard
+ systemd:
+ name: "{{ item }}"
+ enabled: yes
+ state: started
+ loop:
+ - firewalld
+ - sshguard
+
+ - name: Disable and remove snapd
+ block:
+ - name: Disable snapd services
+ systemd:
+ name: "{{ item }}"
+ enabled: no
+ state: stopped
+ loop:
+ - snapd.service
+ - snapd.socket
+ - snapd.seeded
+ - snapd.snap-repair.timer
+
+ - name: Purge snapd
+ apt:
+ name: snapd
+ state: absent
+
+ - name: Remove snap directories
+ file:
+ path: "{{ item }}"
+ state: absent
+ loop:
+ - "{{ ansible_env.HOME }}/snap"
+ - /snap
+ - /var/snap
+ - /var/lib/snapd
+ become: yes
+
+ - name: Create a user named 'so'
+ user:
+ name: so
+ password: "{{ 'so-service-provider' | password_hash('sha512') }}"
+ shell: /bin/bash
+ state: present
+
+ - name: Add 'so' user to sudoers group
+ user:
+ name: so
+ groups: sudo
+ append: yes
+
+ - name: Ensure .ssh directory exists for 'so' user
+ file:
+ path: /home/so/.ssh
+ state: directory
+ owner: so
+ group: so
+ mode: '0700'
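Review bot: The `Create a user named 'so'` task hashes the literal string `'so-service-provider'`, so every host provisioned by this play gets the same password, readable by anyone who can see the repository, and the following task puts that account in the `sudo` group. Take the value from a vault-encrypted variable instead, e.g. `password: "{{ so_user_password | password_hash('sha512') }}"` (the variable name is a placeholder), and add `no_log: true` to the task so the value does not reach task output. Because `password_hash` is called without a fixed salt, the hash presumably differs on every run, so the task would report a change and rewrite the password each time; `update_password: on_create` avoids that. If key-based SSH login is the intent (the play goes on to create `/home/so/.ssh`), it is worth confirming that password login is disabled for this account, since the same hunk installs `sshpass`.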