diff --git a/.editorconfig b/.editorconfig new file mode 100644 index 0000000..5f98854 --- /dev/null +++ b/.editorconfig @@ -0,0 +1,7 @@ +root = true +trim_trailing_whitespace = true + +[*.yml] +insert_final_newline = true +indent_style = space +indent_size = 2 diff --git a/README.md b/README.md index 9fd55ef..7d9dab5 100644 --- a/README.md +++ b/README.md @@ -37,6 +37,10 @@ The following should be present on the target system | matrix_synapse_signing_key_path | "/opt/synapse/ssl/{{ matrix_server_name }}.signing.key" | | matrix_synapse_version | "v0.99.1.1" | | matrix_synapse_log_days_keep | 30 | +| matrix_synapse_deployment_method | pip | Either pip or docker [¹](#footnote_1) | +| matrix_synapse_supervision_method | systemd | Either systemd, runit or docker [¹](#footnote_1) | + +¹: Docker must be used for both or neither deployment and supervision ## Dependencies diff --git a/defaults/main.yml b/defaults/main.yml index 6af12ca..a95c8dc 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -1,5 +1,7 @@ --- matrix_synapse_extra_config: {} +matrix_synapse_deployment_method: pip +matrix_synapse_supervision_method: systemd matrix_synapse_dh_path: "/opt/synapse/tls/{{ matrix_server_name }}.dh" matrix_synapse_baseurl: "https://{{ matrix_server_name }}" matrix_synapse_signing_key_path: "/opt/synapse/tls/{{ matrix_server_name }}.signing.key" @@ -7,3 +9,5 @@ matrix_synapse_version: "v0.99.1.1" matrix_synapse_log_days_keep: 30 matrix_synapse_skip_tls: false matrix_synapse_pid_file: /opt/synapse/synapse.pid +matrix_synapse_docker_ports: ["8008:8008", "8448:8448"] +matrix_synapse_docker_labels: {} diff --git a/handlers/main.yml b/handlers/main.yml index f37861a..937962a 100644 --- a/handlers/main.yml +++ b/handlers/main.yml 
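Review bot: In the new `.editorconfig`, `trim_trailing_whitespace = true` sits in the preamble before any section header, where EditorConfig only gives meaning to `root`. Editors will most likely ignore the setting. Put it under a glob section, for example a `[*]` header followed by `trim_trailing_whitespace = true`, placed before `[*.yml]`.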
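Review bot: The new default `matrix_synapse_docker_ports: ["8008:8008", "8448:8448"]` in defaults/main.yml publishes both listeners on every host interface. Docker installs its own packet-filter rules for published ports, so a host firewall (ufw and similar) that kept 8008 private under the pip deployment may no longer do so. If 8008 is the plain-HTTP listener meant for a local reverse proxy (the listener configuration is not visible in this diff), a safer default is `["127.0.0.1:8008:8008", "8448:8448"]`. Either way, a comment above the variable should state that entries without a bind address are reachable on all interfaces.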
@@ -3,14 +3,25 @@ systemd: daemon_reload: yes -- name: "restart matrix-synapse" +- name: "restart matrix-synapse using systemd" service: name: "matrix-synapse" state: restarted enabled: yes + when: matrix_synapse_supervision_method == "systemd" + listen: "restart matrix-synapse" + +- name: "restart synapse using docker" + docker_container: + name: synapse + state: started + restart: yes + when: matrix_synapse_supervision_method == "docker" + listen: "restart matrix-synapse" - name: restart rsyslog become: yes service: name: rsyslog state: restarted + when: matrix_synapse_supervision_method == "systemd" diff --git a/tasks/configure.yml b/tasks/configure.yml index 9a6bed0..d5f1c94 100644 --- a/tasks/configure.yml +++ b/tasks/configure.yml @@ -1,4 +1,21 @@ --- +- name: create user + user: + name: synapse + state: present + register: synapse_user + tags: + - pre_install + +- name: create directory + file: + name: /opt/synapse + state: directory + owner: synapse + group: synapse + tags: + - pre_install + - name: Create directory for media storage file: name: "{{ item }}" @@ -8,7 +25,7 @@ loop: - "{{ matrix_synapse_config.media_store_path }}" - "{{ matrix_synapse_config.uploads_path }}" - - /opt/synapse/tls + - /opt/synapse/tls - name: Deploy config copy: @@ -21,6 +38,8 @@ - name: Configure logging import_tasks: logging.yml + when: matrix_synapse_supervision_method == "systemd" + # TODO: Figure out how to make sure that logging ends up in rsyslog no matter what system we run on - name: Create certificates include_tasks: crypto.yml diff --git a/tasks/deployment.yml b/tasks/deployment.yml index 89b5d49..6bdf6a8 100644 --- a/tasks/deployment.yml +++ b/tasks/deployment.yml 
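Review bot: The `create directory` task moved into tasks/configure.yml creates `/opt/synapse` without a `mode`, so its permissions follow the umask and the directory is usually world-readable. The deployment task mounts `/opt/synapse/homeserver.yaml` and `/opt/synapse/tls` from this directory, and the default signing key path is under it too. Add `mode: "0750"` to the task, and check that the `Deploy config` copy (its parameters are outside the hunk) sets a restrictive mode on the file itself. The `create user` task also leaves the service account with the distribution's default login shell; `shell: /usr/sbin/nologin` would fit an account that only runs the daemon.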
@@ -1,71 +1,78 @@ --- -- name: create user - user: +- name: install synapse with pip into virtualenv + block: + - name: Install dependencies + apt: + name: + - build-essential + - python2.7-dev + - libffi-dev + - python-pip + - python-setuptools + - sqlite3 + - libssl-dev + - python-virtualenv + - libjpeg-dev + - libxslt1-dev + - git + - libpq-dev + state: present + cache_valid_time: 1800 + tags: + - pre_install + + - name: Create virtualenv + pip: + name: + - pip + - setuptools + - lxml + - psycopg2-binary + - mock + virtualenv: /opt/synapse/env + virtualenv_python: python2.7 + extra_args: --upgrade + tags: + - pre_install + + - name: Clone synapse + git: + repo: https://github.com/matrix-org/synapse + dest: /opt/synapse/synapse + accept_hostkey: yes + version: "{{ matrix_synapse_version }}" + register: clone_synapse + tags: + - pre_install + + - name: Install Synapse + pip: + name: /opt/synapse/synapse + virtualenv: /opt/synapse/env + virtualenv_python: python2.7 + when: clone_synapse.changed + tags: + - skip_ansible_lint # skip when clause + - pre_install + when: matrix_synapse_deployment_method == "pip" + +- name: install synapse with docker + docker_container: name: synapse - state: present - tags: - - pre_install - -- name: create directory - file: - name: /opt/synapse - state: directory - owner: synapse - group: synapse - tags: - - pre_install - -- name: Install dependencies - apt: - name: - - build-essential - - python2.7-dev - - libffi-dev - - python-pip - - python-setuptools - - sqlite3 - - libssl-dev - - python-virtualenv - - libjpeg-dev - - libxslt1-dev - - git - - libpq-dev - state: present - cache_valid_time: 1800 - tags: - - pre_install - -- name: Create virtualenv - pip: - name: - - pip - - setuptools - - lxml - - psycopg2-binary - - mock - virtualenv: /opt/synapse/env - virtualenv_python: python2.7 - extra_args: --upgrade - tags: - - pre_install - -- name: Clone synapse - git: - repo: https://github.com/matrix-org/synapse - dest: 
/opt/synapse/synapse - accept_hostkey: yes - version: "{{ matrix_synapse_version }}" - register: clone_synapse - tags: - - pre_install - -- name: Install Synapse - pip: - name: /opt/synapse/synapse - virtualenv: /opt/synapse/env - virtualenv_python: python2.7 - when: clone_synapse.changed - tags: - - skip_ansible_lint # skip when clause - - pre_install - + image: "docker.io/matrixdotorg/synapse:{{ matrix_synapse_version }}" + ports: "{{ matrix_synapse_docker_ports }}" + labels: "{{ matrix_synapse_docker_labels }}" + restart_policy: unless-stopped + entrypoint: "python" + command: + - "-m" + - "synapse.app.homeserver" + - "-c" + - "/opt/synapse/homeserver.yaml" + user: "{{ synapse_user.uid }}:{{ synapse_user.group }}" + volumes: + - "{{ matrix_synapse_config.media_store_path }}:{{ matrix_synapse_config.media_store_path }}" + - "{{ matrix_synapse_config.uploads_path }}:{{ matrix_synapse_config.uploads_path }}" + - "/opt/synapse/homeserver.yaml:/opt/synapse/homeserver.yaml" + - "/opt/synapse/tls:/opt/synapse/tls" + when: matrix_synapse_deployment_method == "docker" diff --git a/tasks/main.yml b/tasks/main.yml index 3bb19c3..6ea1b0e 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,9 +1,15 @@ --- -- name: deploy synapse - import_tasks: deployment.yml +- name: check that sypervision and deployment are compatible + fail: + msg: "Either both or neither of deployment and supervision method should be docker." + when: (matrix_synapse_supervision_method == "docker" and matrix_synapse_deployment_method != "docker") or (matrix_synapse_deployment_method == "docker" and matrix_synapse_supervision_method != "docker") - name: configure synapse import_tasks: configure.yml +- name: deploy synapse + import_tasks: deployment.yml + - name: configure service import_tasks: systemd.yml + when: matrix_synapse_supervision_method == "systemd" diff --git a/tests/.gitignore b/tests/.gitignore new file mode 100644 index 0000000..a058c8c --- /dev/null +++ b/tests/.gitignore 
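Review bot: In the `install synapse with docker` task, `/opt/synapse/homeserver.yaml` is bind-mounted read-write although the process presumably only needs to read it. A compromised Synapse process could then rewrite its own configuration on the host. Mount it read-only with `"/opt/synapse/homeserver.yaml:/opt/synapse/homeserver.yaml:ro"`. The task also sets no container hardening; since it already runs as a non-root `user:` and listens on high ports, `cap_drop: ["ALL"]` and `security_opts: ["no-new-privileges"]` are likely safe, but should be tested against the image. The image is referenced by tag only, so pinning a digest is worth considering for reproducible deployments.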
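Review bot: The new `fail` guard in tasks/main.yml only rejects a docker/non-docker mismatch, so any other value passes. With a typo such as `Docker` for the deployment method, both `when:` conditions in deployment.yml evaluate false and nothing is installed, without an error. The same applies to `runit`, which the README lists for supervision but which no task or handler visible in this diff implements. Add an `assert` whose `that:` list holds `matrix_synapse_deployment_method in ["pip", "docker"]` and `matrix_synapse_supervision_method in ["systemd", "docker"]`, extending the second list once runit exists. The task name also misspells "supervision" as "sypervision".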
@@ -0,0 +1,2 @@ +.vagrant +*.retry diff --git a/tests/Vagrantfile b/tests/Vagrantfile index bcb6cb0..132c5bd 100644 --- a/tests/Vagrantfile +++ b/tests/Vagrantfile @@ -2,12 +2,24 @@ # vi: set ft=ruby : Vagrant.configure("2") do |config| - config.vm.box = "debian/stretch64" + config.vm.define "pip" do |pip| + pip.vm.box = "debian/stretch64" - config.vm.network "forwarded_port", guest: 8008, host: 8008 - config.vm.network "forwarded_port", guest: 8448, host: 8448 + pip.vm.network "forwarded_port", guest: 8008, host: 8008 + pip.vm.network "forwarded_port", guest: 8448, host: 8448 - config.vm.provision "ansible" do |ansible| - ansible.playbook = "test.yml" + pip.vm.provision "ansible" do |ansible| + ansible.playbook = "test-pip.yml" + end + end + config.vm.define "docker" do |docker| + docker.vm.box = "debian/stretch64" + + docker.vm.network "forwarded_port", guest: 8008, host: 8009 + docker.vm.network "forwarded_port", guest: 8448, host: 8449 + + docker.vm.provision "ansible" do |ansible| + ansible.playbook = "test-docker.yml" + end end end diff --git a/tests/requirements.yml b/tests/requirements.yml index 2ec5ee2..75f1808 100644 --- a/tests/requirements.yml +++ b/tests/requirements.yml @@ -1,2 +1,4 @@ --- +- role: geerlingguy.pip +- role: geerlingguy.docker - role: geerlingguy.postgresql diff --git a/tests/test-docker.yml b/tests/test-docker.yml new file mode 100644 index 0000000..bb22b61 --- /dev/null +++ b/tests/test-docker.yml 
@@ -0,0 +1,37 @@ +--- +- hosts: all + become: true + vars: + dbname: synapse + dbuser: synapse_user + dbpw: synapse_password + matrix_synapse_deployment_method: docker + matrix_synapse_supervision_method: docker + roles: + - role: geerlingguy.pip + pip_install_packages: + - name: docker + - role: geerlingguy.docker + - role: geerlingguy.postgresql + postgresql_databases: + - name: "{{ dbname }}" + postgresql_users: + - name: "{{ dbuser }}" + password: "{{ dbpw }}" + postgresql_global_config_options: + - option: listen_addresses + value: "172.17.0.1" + postgresql_hba_entries: + - { type: local, database: all, user: all, auth_method: trust } + - { type: host, database: "{{ dbname }}", user: "{{ dbuser }}", address: "172.17.0.1/16", auth_method: md5 } + - role: matrix-ansible-synapse + matrix_server_name: localhost + matrix_synapse_report_stats: false + matrix_synapse_pg_host: 172.17.0.1 + matrix_synapse_pg_user: "{{ dbuser }}" + matrix_synapse_pg_pass: "{{ dbpw }}" + matrix_synapse_pg_db: "{{ dbname }}" + matrix_synapse_macaroon_secret_key: "THIS_IS_TOTALLY_SECRET_1337_L33T_HaxXxOR" + matrix_synapse_registration_secret: "waewi7Joolae8Pahh1eePhaeJubairieFuhoorie3h" + matrix_synapse_extra_config: + no_tls: true diff --git a/tests/test.yml b/tests/test-pip.yml similarity index 80% rename from tests/test.yml rename to tests/test-pip.yml index 4c24257..04883bf 100644 --- a/tests/test.yml +++ b/tests/test-pip.yml @@ -6,12 +6,16 @@ dbuser: synapse_user dbpw: synapse_password roles: + - role: geerlingguy.pip - role: geerlingguy.postgresql postgresql_databases: - - name: "{{ dbname }}" + - name: "{{ dbname }}" postgresql_users: - - name: "{{ dbuser }}" + - name: "{{ dbuser }}" password: "{{ dbpw }}" + postgresql_global_config_options: + - option: listen_address + value: "*" - role: matrix-ansible-synapse matrix_server_name: localhost matrix_synapse_report_stats: false
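Review bot: The `postgresql_hba_entries` in tests/test-docker.yml include `{ type: local, database: all, user: all, auth_method: trust }`, which lets any local account on the VM connect as any database role, superuser included, without a password. Using `auth_method: peer` for local connections is the usual replacement, provided the postgresql role's own tasks still work with it. The `matrix_synapse_macaroon_secret_key` and `matrix_synapse_registration_secret` values are committed literals. A comment such as `# test-only values, never reuse in a real inventory` above them would reduce the chance of this playbook being copied as a template with the secrets intact.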
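Review bot: The added `postgresql_global_config_options` entry in tests/test-pip.yml uses `option: listen_address`, but the PostgreSQL setting is `listen_addresses`, as tests/test-docker.yml spells it. An unrecognized parameter in postgresql.conf normally prevents the server from starting. If the pip scenario reaches the database over localhost (the `matrix_synapse_pg_host` line is outside the hunk), the entry can simply be dropped. Otherwise use `option: listen_addresses` with a specific address rather than `"*"`, which makes the database listen on every interface of the VM.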