diff --git a/playbooks/groups/certgetter.yml b/playbooks/groups/certgetter.yml
new file mode 100644
index 0000000000..2a7362e57e
--- /dev/null
+++ b/playbooks/groups/certgetter.yml
@@ -0,0 +1,30 @@
+- include: "/srv/web/infra/ansible/playbooks/include/virt-create.yml myhosts=certgetter"
+
+- name: make the box be real
+  hosts: certgetter
+  user: root
+  gather_facts: True
+
+  vars_files:
+   - /srv/web/infra/ansible/vars/global.yml
+   - "/srv/private/ansible/vars.yml"
+   - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
+
+  roles:
+  - base
+  - rkhunter
+  - nagios_client
+  - hosts
+  - fas_client
+  - rsyncd
+  - sudo
+  - { role: openvpn/client,
+      when: env != "staging" }
+
+  tasks:
+  - include: "{{ tasks_path }}/yumrepos.yml"
+  - include: "{{ tasks_path }}/2fa_client.yml"
+  - include: "{{ tasks_path }}/motd.yml"
+
+  handlers:
+  - include: "{{ handlers_path }}/restart_services.yml"