diff --git a/inventories/thinkcccentre/host_vars/zigbee2mqtt.yml b/inventories/thinkcccentre/host_vars/zigbee2mqtt.yml
new file mode 100644
index 0000000..3a32acc
--- /dev/null
+++ b/inventories/thinkcccentre/host_vars/zigbee2mqtt.yml
@@ -0,0 +1,16 @@
+zigbee2mqtt__version: "1.28.4"
+zigbee2mqtt__network_key: !vault |
+          $ANSIBLE_VAULT;1.1;AES256
+          61633839396136633962393266643139333961613566396231343061383363393132393333313230
+          6461656564363565623730353138613537643266323438390a363937616136353334333732366233
+          65316234656235333931373135366665353763393439633866373336656266363761383262386534
+          6461396438316236340a323365373739633235356266653864366434386234653235333036346235
+          33633834326534313965626231336633623036613433306436613038363333306432393662653737
+          63343465333062636637313130306434623565623561303835303934306239623035323333323333
+          30303031306635313764323434333465353465366633376432326563666264386431623335613636
+          64643434666433363865
+zigbee2mqtt__config: "{{ lookup('ansible.builtin.template', 'configs/zigbee2mqtt/zigbee2mqtt/configuration.yaml.j2') }}"
+nginx__configs:
+  - name: zigbee2mqtt
+    content: "{{ lookup('ansible.builtin.file', 'configs/zigbee2mqtt/nginx/zigbee2mqtt.conf') }}"
+nginx__enable_https_redirect: true
diff --git a/inventories/thinkcccentre/hosts.yml b/inventories/thinkcccentre/hosts.yml
index 43692d2..3d257c5 100644
--- a/inventories/thinkcccentre/hosts.yml
+++ b/inventories/thinkcccentre/hosts.yml
@@ -8,3 +8,5 @@ all:
           ansible_host: automation.z9
         esphome:
           ansible_host: esphome.z9
+        zigbee2mqtt:
+          ansible_host: zigbee2mqtt.z9
diff --git a/playbooks/deploy_zigbee2mqtt.yml b/playbooks/deploy_zigbee2mqtt.yml
new file mode 100644
index 0000000..ef9464b
--- /dev/null
+++ b/playbooks/deploy_zigbee2mqtt.yml
@@ -0,0 +1,7 @@
+---
+- name: Deploy zigbee2mqtt on zigbee2mqtt.z9
+  become: true
+  hosts: zigbee2mqtt
+  roles:
+    - zigbee2mqtt
+    - nginx
diff --git a/playbooks/files/configs/zigbee2mqtt/nginx/zigbee2mqtt.conf b/playbooks/files/configs/zigbee2mqtt/nginx/zigbee2mqtt.conf
new file mode 100644
index 0000000..05a7525
--- /dev/null
+++ b/playbooks/files/configs/zigbee2mqtt/nginx/zigbee2mqtt.conf
@@ -0,0 +1,25 @@
+server {
+    listen      443 ssl http2;
+    listen      [::]:443 ssl http2;
+
+    ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem;
+	ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;
+
+    server_name zigbee2mqtt.z9;
+
+    location / {
+        proxy_pass http://localhost:8080/;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    }
+
+    location /api {
+        proxy_pass         http://localhost:8080/api;
+        proxy_set_header Host $host;
+
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "upgrade";
+    }
+}
diff --git a/playbooks/roles/nodejs/meta/argument_specs.yml b/playbooks/roles/nodejs/meta/argument_specs.yml
new file mode 100644
index 0000000..e950b49
--- /dev/null
+++ b/playbooks/roles/nodejs/meta/argument_specs.yml
@@ -0,0 +1,8 @@
+---
+argument_specs:
+  main:
+    options:
+      nodejs__major_version:
+        description: Major version of nodejs to install
+        type: int
+        required: true
diff --git a/playbooks/roles/nodejs/meta/main.yml b/playbooks/roles/nodejs/meta/main.yml
new file mode 100644
index 0000000..cf4a717
--- /dev/null
+++ b/playbooks/roles/nodejs/meta/main.yml
@@ -0,0 +1,16 @@
+---
+dependencies:
+  - role: distribution_check
+    vars:
+      distribution_check__supported_distributions:
+        - name: Debian
+          versions:
+            - "11"
+  - role: add_apt_repository
+    vars:
+      add_apt_repository__https_repo: true
+      add_apt_repository__keyring_url: https://deb.nodesource.com/gpgkey/nodesource.gpg.key
+      add_apt_repository__keyring_path: /usr/share/keyrings/nodesource.gpg
+      add_apt_repository__repo: "deb [signed-by=/usr/share/keyrings/nodesource.gpg] https://deb.nodesource.com/node_\
+        {{ nodejs__major_version }}.x {{ ansible_facts.lsb.codename }} main"
+      add_apt_repository__filename: nodesource.list
diff --git a/playbooks/roles/nodejs/tasks/main.yml b/playbooks/roles/nodejs/tasks/main.yml
new file mode 100644
index 0000000..84950f6
--- /dev/null
+++ b/playbooks/roles/nodejs/tasks/main.yml
@@ -0,0 +1,4 @@
+---
+- name: Ensure nodejs is installed
+  ansible.builtin.apt:
+    name: nodejs
diff --git a/playbooks/roles/zigbee2mqtt/files/zigbee2mqtt.service b/playbooks/roles/zigbee2mqtt/files/zigbee2mqtt.service
new file mode 100644
index 0000000..389e7a0
--- /dev/null
+++ b/playbooks/roles/zigbee2mqtt/files/zigbee2mqtt.service
@@ -0,0 +1,18 @@
+[Unit]
+Description=zigbee2mqtt
+After=network.target
+
+[Service]
+Environment=ZIGBEE2MQTT_DATA=/home/zigbee2mqtt/zigbee2mqtt_data
+Environment=NODE_ENV=production
+ExecStart=/usr/bin/npm start
+WorkingDirectory=/opt/zigbee2mqtt
+StandardOutput=inherit
+# Or use StandardOutput=null if you don't want Zigbee2MQTT messages filling syslog, for more options see systemd.exec(5)
+StandardError=inherit
+Restart=always
+RestartSec=10s
+User=zigbee2mqtt
+
+[Install]
+WantedBy=multi-user.target
diff --git a/playbooks/roles/zigbee2mqtt/handlers/main.yml b/playbooks/roles/zigbee2mqtt/handlers/main.yml
new file mode 100644
index 0000000..db98544
--- /dev/null
+++ b/playbooks/roles/zigbee2mqtt/handlers/main.yml
@@ -0,0 +1,9 @@
+- name: Restart zigbee2mqtt
+  ansible.builtin.systemd:
+    name: zigbee2mqtt
+    state: restarted
+- name: Reload systemd-daemon and restart zigbee2mqtt
+  ansible.builtin.systemd:
+    name: zigbee2mqtt
+    state: restarted
+    daemon_reload: true
diff --git a/playbooks/roles/zigbee2mqtt/meta/argument_specs.yml b/playbooks/roles/zigbee2mqtt/meta/argument_specs.yml
new file mode 100644
index 0000000..d0aab1f
--- /dev/null
+++ b/playbooks/roles/zigbee2mqtt/meta/argument_specs.yml
@@ -0,0 +1,12 @@
+---
+argument_specs:
+  main:
+    options:
+      zigbee2mqtt__version:
+        description: zigbee2mqtt version to install
+        type: str
+        required: true
+      zigbee2mqtt__config:
+        description: Configuration file content
+        type: str
+        required: true
diff --git a/playbooks/roles/zigbee2mqtt/meta/main.yml b/playbooks/roles/zigbee2mqtt/meta/main.yml
new file mode 100644
index 0000000..0bb7752
--- /dev/null
+++ b/playbooks/roles/zigbee2mqtt/meta/main.yml
@@ -0,0 +1,11 @@
+---
+dependencies:
+  - role: distribution_check
+    vars:
+      distribution_check__supported_distributions:
+        - name: Debian
+          versions:
+            - "11"
+  - role: nodejs
+    vars:
+      nodejs__major_version: 16
diff --git a/playbooks/roles/zigbee2mqtt/tasks/main.yml b/playbooks/roles/zigbee2mqtt/tasks/main.yml
new file mode 100644
index 0000000..619e108
--- /dev/null
+++ b/playbooks/roles/zigbee2mqtt/tasks/main.yml
@@ -0,0 +1,62 @@
+- name: Ensure acl is installed
+  ansible.builtin.apt:
+    name: acl
+- name: Ensure git is installed
+  ansible.builtin.apt:
+    name: git
+- name: Ensure zigbee2mqtt user exists
+  ansible.builtin.user:
+    name: zigbee2mqtt
+    groups:
+      - zigbee2mqtt
+      - dialout
+    group: zigbee2mqtt
+- name: Ensure installation dirrectory exists
+  ansible.builtin.file:
+    dest: /opt/zigbee2mqtt
+    state: directory
+    mode: 0755
+    owner: zigbee2mqtt
+    group: zigbee2mqtt
+- name: Ensure zigbee2mqtt repository is cloned
+  become_user: zigbee2mqtt
+  ansible.builtin.git:
+    repo: https://github.com/Koenkk/zigbee2mqtt.git
+    depth: 1
+    dest: /opt/zigbee2mqtt
+    version: "{{ zigbee2mqtt__version }}"
+  notify: Restart zigbee2mqtt
+- name: Ensure npm dependencies are installed
+  become_user: zigbee2mqtt
+  community.general.npm:
+    path: /opt/zigbee2mqtt
+    ci: true
+  changed_when: false # installs packages according to package-lock.json, but always reports a change
+- name: Ensure custom zigbee2mqtt data directory exists
+  ansible.builtin.file:
+    dest: /home/zigbee2mqtt/zigbee2mqtt_data
+    state: directory
+    mode: 0755
+    owner: zigbee2mqtt
+    group: zigbee2mqtt
+- name: Ensure configuration file is deployed
+  ansible.builtin.copy:
+    content: "{{ zigbee2mqtt__config }}"
+    dest: /home/zigbee2mqtt/zigbee2mqtt_data/configuration.yaml
+    mode: 0640
+    owner: zigbee2mqtt
+    group: zigbee2mqtt
+  notify: Restart zigbee2mqtt
+- name: Ensure zigbee2mqtt service file is deployed
+  ansible.builtin.copy:
+    src: zigbee2mqtt.service
+    dest: /etc/systemd/system/zigbee2mqtt.service
+    mode: 0644
+    owner: root
+    group: root
+  notify: Reload systemd-daemon and restart zigbee2mqtt
+- name: Ensure zigbee2mqtt is enabled and started
+  ansible.builtin.systemd:
+    service: zigbee2mqtt
+    enabled: true
+    state: started
diff --git a/playbooks/templates/configs/zigbee2mqtt/zigbee2mqtt/configuration.yaml.j2 b/playbooks/templates/configs/zigbee2mqtt/zigbee2mqtt/configuration.yaml.j2
new file mode 100644
index 0000000..183543a
--- /dev/null
+++ b/playbooks/templates/configs/zigbee2mqtt/zigbee2mqtt/configuration.yaml.j2
@@ -0,0 +1,21 @@
+homeassistant: true
+
+permit_join: false
+
+mqtt:
+  base_topic: zigbee2mqtt
+  server: 'mqtt://mqtt.z9'
+
+serial:
+  port: /dev/serial/by-id/usb-Texas_Instruments_TI_CC2531_USB_CDC___0X00124B0014DBC72F-if00
+
+advanced:
+  network_key: [{{ zigbee2mqtt__network_key }}]
+  pan_id: 32673
+  ext_pan_id: [58, 76, 37, 2, 22, 198, 237, 124]
+  channel: 11
+
+frontend:
+  port: 8080
+  host: localhost
+  url: https://zigbee2mqtt.z9