diff --git a/.actrc b/.actrc
new file mode 100644
index 0000000..5ca197f
--- /dev/null
+++ b/.actrc
@@ -0,0 +1,7 @@
+--action-cache-path .github/cache/act/actions
+--artifact-server-path .github/cache/act/artifacts
+--artifact-server-port 18412
+--cache-server-path .github/cache/act/cache
+--use-new-action-cache
+--pull=false
+--platform ubuntu-latest=ghcr.io/catthehacker/ubuntu:act-latest
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
new file mode 100644
index 0000000..bc5a900
--- /dev/null
+++ b/.github/workflows/deploy.yml
@@ -0,0 +1,20 @@
+name: Deploy
+
+on:
+  push:
+    branches:
+      - main
+
+concurrency:
+  group: ${{ github.head_ref || github.run_id }}
+  cancel-in-progress: true
+
+jobs:
+  deploy:
+    name: Deploy
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v4
+    - uses: opentofu/setup-opentofu@v1
+    - run: tofu init
+    - run: tofu apply -no-color
diff --git a/.gitignore b/.gitignore
index b0afff3..072c29b 100644
--- a/.gitignore
+++ b/.gitignore
@@ -2,3 +2,4 @@
 /.terraform
 /terraform.tfstate*
 /.terraform.tfstate*
+/.github/cache
diff --git a/README.md b/README.md
index 6ee48f6..ed24311 100644
--- a/README.md
+++ b/README.md
@@ -9,6 +9,7 @@ We're gonna need some tools:
 
 * OpenTofu, the replacement for Terraform since Hashicorp changed the licence terms: https://opentofu.org/docs/intro/install/.
   * As Tofu is a drop in replacement for Terraform, you can use Terraform if you prefer, and I'll refer to them interchangeably.
+* Nektos/Act so we can run our GitHub Actions locally.  https://github.com/nektos/act/releases
 
 ## What have we got going on in here?
 The main players:
diff --git a/docker.tf b/docker.tf
index fcad5df..5b268cb 100644
--- a/docker.tf
+++ b/docker.tf
@@ -1,3 +1,17 @@
-provider "docker" {
-  host = "ssh://california.ti"
+provider "ssh" {
+  server = "california.ti"
+  user   = "techinc"
+  auth   = {
+    private_key = {
+      content = file("~/.ssh/keys/exploding_bolts_2_rsa")
+    }
+  }
+}
+data "ssh_tunnel" "docker" {
+  remote = {
+    socket = "/var/run/docker.sock"
+  }
+}
+provider "docker" {
+  host = "tcp://${data.ssh_tunnel.docker.local.address}"
 }
diff --git a/terraform.tf b/terraform.tf
index 448ac0b..4804aa2 100644
--- a/terraform.tf
+++ b/terraform.tf
@@ -8,5 +8,9 @@ terraform {
       source  = "hashicorp/random"
       version = "~>3.3"
     }
+    ssh = {
+      source  = "matthewbaggett/ssh"
+      version = "~> 0.1.0"
+    }
   }
 }