diff --git a/playbooks/groups/tagger.yml b/playbooks/groups/tagger.yml
index bd35e46ae5..201d4b7ae0 100644
--- a/playbooks/groups/tagger.yml
+++ b/playbooks/groups/tagger.yml
@@ -52,31 +52,31 @@
   handlers:
   - include: "{{ handlers }}/restart_services.yml"
 
-#- name: dole out the service specific config
-#  hosts: tagger;tagger-stg
-#  user: root
-#  gather_facts: True
-#  accelerate: True
-#
-#  vars_files: 
-#   - /srv/web/infra/ansible/vars/global.yml
-#   - "{{ private }}/vars.yml"
-#   - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
-#
-#  roles:
-#  - tagger
-#
-## This comes last because it relies on a group created by the tagger role.
-#- name: setup fedmsg
-#  hosts: tagger;tagger-stg
-#  user: root
-#  gather_facts: True
-#  accelerate: True
-#
-#  vars_files: 
-#   - /srv/web/infra/ansible/vars/global.yml
-#   - "{{ private }}/vars.yml"
-#   - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
-#
-#  roles:
-#  - fedmsg_base
+- name: dole out the service specific config
+  hosts: tagger;tagger-stg
+  user: root
+  gather_facts: True
+  accelerate: True
+
+  vars_files: 
+   - /srv/web/infra/ansible/vars/global.yml
+   - "{{ private }}/vars.yml"
+   - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
+
+  roles:
+  - tagger
+
+# This comes last because it relies on a group created by the tagger role.
+- name: setup fedmsg
+  hosts: tagger;tagger-stg
+  user: root
+  gather_facts: True
+  accelerate: True
+
+  vars_files: 
+   - /srv/web/infra/ansible/vars/global.yml
+   - "{{ private }}/vars.yml"
+   - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
+
+  roles:
+  - fedmsg_base
diff --git a/roles/tagger/files/cron-tagger-update-db b/roles/tagger/files/cron-tagger-update-db
new file mode 100644
index 0000000000..57a030d42a
--- /dev/null
+++ b/roles/tagger/files/cron-tagger-update-db
@@ -0,0 +1,2 @@
+# Pull in new packages from koji and pkgdb every other hour at 19 minutes past.
+19 */2 * * * apache FEDORATAGGER_CONFIG=/etc/fedoratagger/fedoratagger.cfg /usr/bin/fedoratagger-update-db >> /var/log/fedoratagger.log 2>&1
diff --git a/roles/tagger/files/fedoratagger-app.conf b/roles/tagger/files/fedoratagger-app.conf
new file mode 100644
index 0000000000..2c8183b6ce
--- /dev/null
+++ b/roles/tagger/files/fedoratagger-app.conf
@@ -0,0 +1,43 @@
+LoadModule expires_module modules/mod_expires.so
+LoadModule headers_module modules/mod_headers.so
+LoadModule deflate_module modules/mod_deflate.so
+
+ExpiresActive On
+#ExpiresDefault "access plus 300 seconds"
+
+ErrorLog logs/fedoracommunity_error_log
+CustomLog logs/fedoracommunity_access_log combined
+
+AddOutputFilterByType DEFLATE text/html text/plain text/xml text/javascript text/css application/x-javascript
+
+# This caching may not necessarily be ideal, or even correct.
+# However, it was the only I could get firebug to show me 302's for
+# my ToscaWidget resources.
+<filesmatch ".(gif|jpe?g|png|css|js)$">
+   Header unset Cache-Control
+   Header unset Etag
+   Header add Cache-Control "max-age=2592000"
+   #ExpiresDefault A2592000
+</filesmatch>
+
+# Lots of static resources for the tagger app.
+Alias /tagger/css /usr/lib/python2.6/site-packages/fedoratagger/frontend/static/css
+Alias /tagger/javascript /usr/lib/python2.6/site-packages/fedoratagger/frontend/static/javascript
+Alias /tagger/images /usr/lib/python2.6/site-packages/fedoratagger/frontend/static/images/
+Alias /tagger/rating /usr/lib/python2.6/site-packages/fedoratagger/frontend/static/rating/
+Alias /tagger/_res /usr/share/fedoratagger/toscawidgets/resources
+
+WSGIPythonEggs /var/cache/fedoracommunity/.python-eggs
+WSGIDaemonProcess fedoratagger user=apache group=fedoratagger maximum-requests=50000 display-name=fedoratagger processes=8 threads=4 inactivity-timeout=300
+WSGISocketPrefix run/wsgi
+WSGIRestrictStdout Off
+WSGIRestrictSignal Off
+WSGIPythonOptimize 1
+
+WSGIScriptAlias /tagger /usr/share/fedoratagger/fedoratagger.wsgi
+
+<Directory /usr/share/fedoratagger/>
+  WSGIProcessGroup fedoratagger
+  Order deny,allow
+  Allow from all
+</Directory>
diff --git a/roles/tagger/tasks/main.yml b/roles/tagger/tasks/main.yml
new file mode 100644
index 0000000000..abcc3e26bf
--- /dev/null
+++ b/roles/tagger/tasks/main.yml
@@ -0,0 +1,68 @@
+---
+# Configuration for the tahrir webapp
+
+
+# TODO -- add the cronjob
+
+
+- name: install needed packages
+  yum: pkg={{ item }} state=installed
+  with_items:
+  - fedora-tagger
+  - python-psycopg2
+  - python-memcached
+  - python-sqlalchemy0.8
+  tags:
+  - packages
+
+- name: make the cache directory
+  file: >
+    path=/var/cache/fedoratagger
+    state=directory
+    owner=apache group=apache mode=0755
+  tags:
+  - config
+
+- name: copy tagger app configuration
+  template: >
+    src=fedoratagger.cfg.j2
+    dest=/etc/fedoratagger/fedoratagger.cfg
+    owner=apache
+    group=apache
+    mode=0600
+  tags:
+  - config
+  notify:
+  - restart apache
+
+- name: copy tagger httpd config
+  copy: >
+    src=fedoratagger-app.conf
+    dest=/etc/httpd/conf.d/fedoratagger.conf
+    owner=apache
+    group=apache
+    mode=0644
+  tags:
+  - config
+  notify:
+  - restart apache
+
+- name: ensure selinux lets httpd talk to postgres
+  seboolean: name=httpd_can_network_connect_db persistent=yes state=yes
+
+- name: ensure cronjob log file is writable
+  file: >
+    path=/var/log/fedoratagger.log
+    owner=apache group=apache mode=0755
+  tags:
+  - cron
+  - config
+
+- name: setup the cronjob
+  copy: >
+    src=cron-tagger-update-db
+    dest=/etc/cron.d/cron-tagger-update-db
+  tags:
+  - cron
+  - config
+  when: install_cron
diff --git a/roles/tagger/templates/fedoratagger.cfg.j2 b/roles/tagger/templates/fedoratagger.cfg.j2
new file mode 100644
index 0000000000..879f6f1b47
--- /dev/null
+++ b/roles/tagger/templates/fedoratagger.cfg.j2
@@ -0,0 +1,20 @@
+### Secret key for the Flask application
+SECRET_KEY = 'wat {{taggerCookieSecret}}'
+
+### url to the database server:
+{% if env == "staging" %}
+DB_URL = 'postgres://fedoratagger:{{taggerDBPassword}}@db-community.stg/fedoratagger'
+FAS_OPENID_ENDPOINT = 'http://id.stg.fedoraproject.org'
+{% else %}
+DB_URL = 'postgres://fedoratagger:{{taggerDBPassword}}@db-community/fedoratagger'
+FAS_OPENID_ENDPOINT = 'http://id.fedoraproject.org'
+{% endif %}
+
+# This is required for openid to work in stg.  Might as well for prod too.
+PREFERRED_URL_SCHEME = 'https'
+
+# Stuff for toscawidgets2
+RES_PREFIX = '/tagger/_res/'
+
+### Unhappy mako
+MAKO_OUTPUT_ENCODING='utf-8'