diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
new file mode 100644
index 0000000..cc9df17
--- /dev/null
+++ b/.github/workflows/deploy.yml
@@ -0,0 +1,63 @@
+name: Deploy
+on:
+  workflow_dispatch:
+  push:
+    branches:
+      - main
+
+jobs:
+  Deploy:
+    environment: production
+    runs-on: ubuntu-latest
+    env:
+      AMBER_SECRET: ${{ secrets.AMBER_SECRET }}
+    steps:
+      - run: echo "🎉 The job was automatically triggered by a ${{ github.event_name }} event."
+      - run: echo "🐧 This job is now running on a ${{ runner.os }} server."
+      - run: echo "🔎 The name of your branch is ${{ github.ref }} and your repository is ${{ github.repository }}."
+      - name: Check out repository code
+        uses: actions/checkout@v3
+      - run: echo "💡 The ${{ github.repository }} repository has been cloned to the runner."
+      - name: List files in the repository
+        run: |
+          ls ${{ github.workspace }}
+      - name: Deploy
+        run: |
+          set -x
+          echo Installing amber secrets manager
+          curl -L https://github.com/fpco/amber/releases/download/v0.1.3/amber-x86_64-unknown-linux-musl > amber
+          chmod +x ./amber
+          mv ./amber /usr/local/bin/amber
+          mkdir -p ~/.ssh
+          amber exec -- sh -c 'ssh-keyscan $DOKKU_HOST >> ~/.ssh/known_hosts'
+          eval `ssh-agent -s`
+          ssh-add - <<< "${{ secrets.DOKKU_SSH_PRIVATE_KEY}}"
+          amber exec -- sh -c 'ssh dokku@$DOKKU_HOST -C $CONTAINER_HOSTING_API_KEY dokku apps:create container-9ypfqd4 || true'
+          amber exec -- sh -c 'ssh dokku@$DOKKU_HOST -C $CONTAINER_HOSTING_API_KEY dokku builder:set container-9ypfqd4 build-dir src'
+          amber exec -- sh -c 'ssh dokku@$DOKKU_HOST -C $CONTAINER_HOSTING_API_KEY dokku builder-dockerfile:set container-9ypfqd4 dockerfile-path Dockerfile'
+
+          # Set common env settings
+          amber exec -- sh -c 'ssh dokku@$DOKKU_HOST -C $CONTAINER_HOSTING_API_KEY "dokku config:set --no-restart container-9ypfqd4 DB_USER=$DB_USER"'
+          amber exec -- sh -c 'ssh dokku@$DOKKU_HOST -C $CONTAINER_HOSTING_API_KEY "dokku config:set --no-restart container-9ypfqd4 DB_PASSWORD=$DB_PASSWORD"'
+          amber exec -- sh -c 'ssh dokku@$DOKKU_HOST -C $CONTAINER_HOSTING_API_KEY "dokku config:set --no-restart container-9ypfqd4 DB_HOST=$DB_HOST"'
+          amber exec -- sh -c 'ssh dokku@$DOKKU_HOST -C $CONTAINER_HOSTING_API_KEY "dokku config:set --no-restart container-9ypfqd4 DB_PORT=$DB_PORT"'
+          amber exec -- sh -c 'ssh dokku@$DOKKU_HOST -C $CONTAINER_HOSTING_API_KEY "dokku config:set --no-restart container-9ypfqd4 DB_NAME=$DB_NAME"'
+
+          amber exec -- sh -c 'ssh dokku@$DOKKU_HOST -C $CONTAINER_HOSTING_API_KEY "dokku config:set --no-restart container-9ypfqd4 RAILS_DEVELOPMENT_HOSTS=container-9ypfqd4.containers.anotherwebservice.com"'
+          # Database connection string (rails)
+          amber exec -- sh -c 'ssh dokku@$DOKKU_HOST -C $CONTAINER_HOSTING_API_KEY "dokku config:set --no-restart container-9ypfqd4 DATABASE_URL=$RAILS_DATABASE_URL"'
+          # Database connection string (django)
+          amber exec -- sh -c 'ssh dokku@$DOKKU_HOST -C $CONTAINER_HOSTING_API_KEY "dokku config:set --no-restart container-9ypfqd4 SECRET_KEY=$DJANGO_SECRET_KEY"'
+          amber exec -- sh -c 'ssh dokku@$DOKKU_HOST -C $CONTAINER_HOSTING_API_KEY "dokku config:set --no-restart container-9ypfqd4 ALLOWED_HOSTS=$ALLOWED_HOSTS"'
+          amber exec -- sh -c 'ssh dokku@$DOKKU_HOST -C $CONTAINER_HOSTING_API_KEY "dokku config:set --no-restart container-9ypfqd4 DEBUG=$DJANGO_DEBUG"'
+          amber exec -- sh -c 'ssh dokku@$DOKKU_HOST -C $CONTAINER_HOSTING_API_KEY "dokku config:set --no-restart container-9ypfqd4 DB_ENGINE=$DJANGO_ENGINE"'
+          amber exec -- sh -c 'ssh dokku@$DOKKU_HOST -C $CONTAINER_HOSTING_API_KEY "dokku config:set --no-restart container-9ypfqd4 DB_NAME=$DJANGO_DB_NAME"'
+          amber exec -- sh -c 'ssh dokku@$DOKKU_HOST -C $CONTAINER_HOSTING_API_KEY "dokku config:set --no-restart container-9ypfqd4 DB_HOST=$DJANGO_DB_HOST"'
+          amber exec -- sh -c 'ssh dokku@$DOKKU_HOST -C $CONTAINER_HOSTING_API_KEY "dokku config:set --no-restart container-9ypfqd4 DB_USER=$DJANGO_DB_USER"'
+          amber exec -- sh -c 'ssh dokku@$DOKKU_HOST -C $CONTAINER_HOSTING_API_KEY "dokku config:set --no-restart container-9ypfqd4 DB_PASSWORD=$DJANGO_DB_PASSWORD"'
+          amber exec -- sh -c 'ssh dokku@$DOKKU_HOST -C $CONTAINER_HOSTING_API_KEY "dokku config:set --no-restart container-9ypfqd4 DB_PORT=$DJANGO_DB_PORT"'
+
+          amber exec -- sh -c 'ssh dokku@$DOKKU_HOST -C $CONTAINER_HOSTING_API_KEY dokku git:sync --build container-9ypfqd4 https://github.com/chrisjsimpson/container-9ypfqd4.git main'
+          # Assign letsencrypt wildcard certificate
+          amber exec -- sh -c 'ssh dokku@$DOKKU_HOST -C "$CONTAINER_HOSTING_API_KEY dokku certs:add container-9ypfqd4 < cert-key.tar"'
+