diff --git a/ansible/group_vars/waku.connect.yml b/ansible/group_vars/waku.connect.yml
new file mode 100644
index 0000000..b5a710e
--- /dev/null
+++ b/ansible/group_vars/waku.connect.yml
@@ -0,0 +1,44 @@
+---
+nim_waku_cont_tag: 'deploy-v2-prod'
+nim_waku_cont_name: 'nim-waku'
+
+# Protocols
+nim_waku_protocols_enabled: ['relay', 'filter', 'lightpush']
+
+# Ports
+nim_waku_p2p_tcp_port: 30303
+nim_waku_p2p_udp_port: 30303
+nim_waku_metrics_port: 8008
+nim_waku_websock_port: 443
+nim_waku_rpc_tcp_port: 8545
+nim_waku_rpc_tcp_addr: 0.0.0.0
+
+# Limits
+nim_waku_p2p_max_connections: 150
+nim_waku_store_capacity: 10000
+
+# Enable websockets in Waku
+nim_waku_websocket_enabled: true
+nim_waku_websocket_secure_enabled: true
+nim_waku_websocket_cont_port: 8000
+nim_waku_websocket_domain: '{{ dns_entry }}'
+nim_waku_websocket_ssl_dir: '/etc/letsencrypt'
+nim_waku_websocket_ssl_cert: '/etc/letsencrypt/live/{{ nim_waku_websocket_domain }}/fullchain.pem'
+nim_waku_websocket_ssl_key: '/etc/letsencrypt/live/{{ nim_waku_websocket_domain }}/privkey.pem'
+
+# LetsEncrypt via Certbot
+certbot_docker_enabled: true
+certbot_admin_email: 'devops@status.im'
+certbot_certs:
+ - domains: [ '{{ nim_waku_websocket_domain }}' ]
+
+# Open LibP2P Ports
+open_ports_default_comment: '{{ nim_waku_cont_name }}'
+open_ports_default_protocol: 'tcp'
+open_ports_default_chain: 'SERVICES'
+open_ports_list:
+ - { port: '{{ nim_waku_p2p_tcp_port }}' }
+ - { port: '{{ nim_waku_p2p_udp_port }}', protocol: 'udp' }
+ - { port: '{{ nim_waku_websock_port }}' }
+ - { port: '{{ nim_waku_metrics_port }}', chain: 'VPN', ipset: 'metrics.hq' }
+ - { port: '{{ nim_waku_rpc_tcp_port }}', chain: 'VPN', ipset: '{{ env }}.{{ stage }}' }
diff --git a/ansible/main.yml b/ansible/main.yml
new file mode 100644
index 0000000..5a73823
--- /dev/null
+++ b/ansible/main.yml
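Review bot: `nim_waku_rpc_tcp_addr: 0.0.0.0` in ansible/group_vars/waku.connect.yml binds the RPC listener to every interface, so reachability of port 8545 rests entirely on the `chain: 'VPN'` entry in `open_ports_list`. If the nim-waku role publishes this port through Docker, Docker's own forwarding rules can be evaluated ahead of the host filter chains, so it is worth confirming that the VPN restriction really applies to the published port; the role is not visible here. I would record the dependency next to the variable, e.g. `# RPC listens on all interfaces; access is restricted to the VPN chain in open_ports_list`, and quote the value as `'0.0.0.0'` to match the other strings in the file.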
@@ -0,0 +1,19 @@
+---
+- name: Verify Ansible versions
+ hosts: all
+ tags: always
+ become: false
+ run_once: true
+ gather_facts: false
+ tasks:
+ - local_action: command ./versioncheck.py
+ changed_when: false
+
+- name: Configure Waku Nodes
+ hosts:
+ - waku.connect
+ roles:
+ - { role: open-ports, tags: open-ports }
+ - { role: swap-file, tags: swap-file }
+ - { role: certbot, tags: certbot }
+ - { role: nim-waku, tags: nim-waku }
diff --git a/ansible/requirements.yml b/ansible/requirements.yml
index fef2120..16c2369 100644
--- a/ansible/requirements.yml
+++ b/ansible/requirements.yml
@@ -21,7 +21,7 @@ - name: consul-service src: git@github.com:status-im/infra-role-consul-service.git - version: 61a248a697d37c98b575be942bb6e86deb512380 + version: ac9796d029298699abdd826d5775ceab3da55021 scm: git - name: certbot
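Review bot: The version-check task in the first play of ansible/main.yml runs `./versioncheck.py` by relative path, so which script executes on the controller presumably depends on the directory ansible-playbook is started from rather than on the repository layout. Anchoring it, `- local_action: command {{ playbook_dir }}/versioncheck.py`, keeps the check tied to the file shipped next to the playbook. The task also has no `name:`, which makes this `always`-tagged step harder to identify in run output and logs; something like `name: Check Ansible version on the controller` would do.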