diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml
index 132bbaa..0c197bc 100644
--- a/ansible/group_vars/all.yml
+++ b/ansible/group_vars/all.yml
@@ -9,3 +9,5 @@ timezone: "America/New_York"
 
 # Globals
 personal_domain: "mjwilson.org"
+
+data_dir: "/mnt/tank/appdata"
diff --git a/ansible/group_vars/pve.yml b/ansible/group_vars/pve.yml
index fc8af50..9f82f4d 100644
--- a/ansible/group_vars/pve.yml
+++ b/ansible/group_vars/pve.yml
@@ -1 +1,2 @@
 media_storage_mnt: /mnt/storage
+media_gid: 997
diff --git a/ansible/main.yml b/ansible/main.yml
index fff14d4..518a0c4 100644
--- a/ansible/main.yml
+++ b/ansible/main.yml
@@ -4,5 +4,8 @@
 
 - hosts: pve-docker
   roles:
+    - pve-docker
     - docker-compose
-  become: true
+    - prowlarr
+    - sonarr
+    - radarr
diff --git a/ansible/roles/prowlarr/tasks/main.yml b/ansible/roles/prowlarr/tasks/main.yml
new file mode 100644
index 0000000..caa7fda
--- /dev/null
+++ b/ansible/roles/prowlarr/tasks/main.yml
@@ -0,0 +1,21 @@
+- name: Create install directory
+  file:
+    path: "{{ install_directory }}/prowlarr"
+    state: directory
+    owner: "{{ docker_user }}"
+    mode: "{{ docker_compose_directory_mask }}"
+  become: true
+
+- name: Copy docker-compose file to destination
+  template:
+    src: docker-compose.yml
+    dest: "{{ install_directory }}/prowlarr/docker-compose.yml"
+    mode: "{{ docker_compose_file_mask }}"
+    validate: docker-compose -f %s config
+  become: true
+
+- name: Start docker container
+  community.docker.docker_compose:
+    project_src: "{{ install_directory }}/prowlarr"
+    pull: true
+    remove_orphans: yes
diff --git a/ansible/roles/prowlarr/templates/docker-compose.yml b/ansible/roles/prowlarr/templates/docker-compose.yml
new file mode 100644
index 0000000..971fa8e
--- /dev/null
+++ b/ansible/roles/prowlarr/templates/docker-compose.yml
@@ -0,0 +1,24 @@
+version: "{{ docker_compose_version }}"
+
+networks:
+  traefik:
+    external: true
+
+services:
+  prowlarr:
+    container_name: prowlarr
+    image: lscr.io/linuxserver/prowlarr:latest
+    restart: unless-stopped
+    networks:
+      - traefik
+    environment:
+      - PUID={{ primary_uid }}
+      - PGID={{ media_gid }}
+      - TZ={{ timezone }}
+    volumes:
+      - "{{ data_dir }}/prowlarr:/config"
+      - "{{ media_storage_mnt }}/data:/data"
+    labels:
+      traefik.enable: true
+      traefik.http.routers.prowlarr.rule: "Host(`prowlarr.local.{{ personal_domain }}`)"
+      traefik.http.routers.prowlarr.middlewares: lan-whitelist@file
diff --git a/ansible/roles/pve-docker/tasks/main.yml b/ansible/roles/pve-docker/tasks/main.yml
index 7728c28..01388da 100644
--- a/ansible/roles/pve-docker/tasks/main.yml
+++ b/ansible/roles/pve-docker/tasks/main.yml
@@ -1,8 +1,8 @@
 - name: Install basic packages
-  package:
+  ansible.builtin.package:
     name: "{{ item }}"
-    become: true
-    loop:
-      - vim
-      - doas
-      - git
+  loop:
+    - vim
+    - doas
+    - git
+  become: true
diff --git a/ansible/roles/pve/tasks/media-share.yml b/ansible/roles/pve/tasks/media-share.yml
index 1090444..1452ed9 100644
--- a/ansible/roles/pve/tasks/media-share.yml
+++ b/ansible/roles/pve/tasks/media-share.yml
@@ -1,9 +1,9 @@
 - name: Create media group
   ansible.builtin.group:
     name: media
+    gid: 997
     system: true
     state: present
-  register: media_gid
 
 - name: Set media directory permissions
   ansible.builtin.file:
diff --git a/ansible/roles/radarr/tasks/main.yml b/ansible/roles/radarr/tasks/main.yml
index 1e261b1..9e6d113 100644
--- a/ansible/roles/radarr/tasks/main.yml
+++ b/ansible/roles/radarr/tasks/main.yml
@@ -10,7 +10,7 @@
   template:
     src: docker-compose.yml
     dest: "{{ install_directory }}/radarr/docker-compose.yml"
-    mode: {{ docker_compose_file_mask }}
+    mode: "{{ docker_compose_file_mask }}"
     validate: docker-compose -f %s config
   become: true
 
diff --git a/ansible/roles/sonarr/tasks/main.yml b/ansible/roles/sonarr/tasks/main.yml
new file mode 100644
index 0000000..39212b1
--- /dev/null
+++ b/ansible/roles/sonarr/tasks/main.yml
@@ -0,0 +1,21 @@
+- name: Create install directory
+  file:
+    path: "{{ install_directory }}/sonarr"
+    state: directory
+    owner: "{{ docker_user }}"
+    mode: "{{ docker_compose_directory_mask }}"
+  become: true
+
+- name: Copy docker-compose file to destination
+  template:
+    src: docker-compose.yml
+    dest: "{{ install_directory }}/sonarr/docker-compose.yml"
+    mode: "{{ docker_compose_file_mask }}"
+    validate: docker-compose -f %s config
+  become: true
+
+- name: Start docker container
+  community.docker.docker_compose:
+    project_src: "{{ install_directory }}/sonarr"
+    pull: true
+    remove_orphans: yes
diff --git a/ansible/roles/sonarr/templates/docker-compose.yml b/ansible/roles/sonarr/templates/docker-compose.yml
new file mode 100644
index 0000000..456073a
--- /dev/null
+++ b/ansible/roles/sonarr/templates/docker-compose.yml
@@ -0,0 +1,24 @@
+version: "{{ docker_compose_version }}"
+
+networks:
+  traefik:
+    external: true
+
+services:
+  sonarr:
+    container_name: sonarr
+    image: lscr.io/linuxserver/sonarr:develop
+    restart: unless-stopped
+    networks:
+      - traefik
+    environment:
+      - PUID={{ primary_uid }}
+      - PGID={{ media_gid }}
+      - TZ={{ timezone }}
+    volumes:
+      - "{{ data_dir }}/sonarr:/config"
+      - "{{ media_storage_mnt }}/data:/data"
+    labels:
+      traefik.enable: true
+      traefik.http.routers.sonarr.rule: "Host(`sonarr.local.{{ personal_domain }}`)"
+      traefik.http.routers.sonarr.middlewares: lan-whitelist@file