diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 25048fe25bd7eec8769506ceab1d1a7473070dc3..bdb25e04279e553cba47e983f01a49cdc78c9568 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -426,3 +426,56 @@ deploy_ood_node:
   rules:
     - if: $PIPELINE_TARGET == "deploy" && $OOD_IMAGE_ID
       when: always
+
+deploy_account_services_app:
+  stage: deploy
+  environment:
+    name: $ENV
+  tags:
+    - build
+  script:
+    - openstack image set --accept f10c29db-362e-440a-97b2-0230c316369f || true
+    - FAILED=false
+    - |
+      cat > user_data.txt <<EOF
+      #!/bin/bash
+      cat >> /etc/NetworkManager/conf.d/90-dns-none.conf<<EEOF
+      [main]
+      dns=none
+      EEOF
+      systemctl reload NetworkManager
+      echo "$DEV_KEY" >> /root/.ssh/authorized_keys
+      ip route replace default via ${DEFAULT_GATEWAY_IP} dev eth0
+      git clone ${CI_REPOSITORY_URL} /tmp/${CI_PROJECT_NAME}
+      cd /tmp/${CI_PROJECT_NAME}
+      git checkout ${CI_COMMIT_REF_NAME}
+      cat >> ansible/hosts<<EEOF
+      [$ENV]
+      127.0.0.1
+      EEOF
+      ansible-playbook -c local -i ansible/hosts --extra-vars="$EXTRA_VARS" ansible/accountservices.yml | tee -a /tmp/ansible.log
+      rm -rf /tmp/${CI_PROJECT_NAME}
+      EOF
+    - |
+      export cmd="openstack server create"
+      cmd+=" -c id -f value --image f10c29db-362e-440a-97b2-0230c316369f"
+      cmd+=" --flavor $INSTANCE_FLAVOR"
+      for security_group in ${SECURITY_GROUP_LIST[@]};
+      do
+        cmd+=" --security-group $security_group"
+      done
+      cmd+=" --user-data user_data.txt"
+      if [ -n "$INSTANCE_NETWORK" ];then cmd+=" --network $INSTANCE_NETWORK"; fi
+      if [ -n "$ACCOUNT_SERVICES_APP_PORT" ];then cmd+=" --port $ACCOUNT_SERVICES_APP_PORT"; fi
+      cmd+=" --wait account-services-app"
+    - export ACCOUNT_SERVICES_APP_INSTANCE_ID=$(bash -c "$cmd")
+    - |
+      # Associate the floating IP(s) with the Account Services App instance
+      for ACCOUNT_SERVICES_APP_FLOATING_IP in ${ACCOUNT_SERVICES_APP_FLOATING_IP_LIST[@]};
+      do
+        echo "Associating FLOATING_IP $ACCOUNT_SERVICES_APP_FLOATING_IP with ACCOUNT_SERVICES_APP_INSTANCE_ID $ACCOUNT_SERVICES_APP_INSTANCE_ID"
+        openstack server add floating ip $ACCOUNT_SERVICES_APP_INSTANCE_ID $ACCOUNT_SERVICES_APP_FLOATING_IP
+      done
+  rules:
+    - if: $PIPELINE_TARGET == "deploy" && $DEPLOY_ACCOUNT_SERVICES_APP == "true"
+      when: always
diff --git a/ansible/accountservices.yml b/ansible/accountservices.yml
new file mode 100644
index 0000000000000000000000000000000000000000..ea5286678f67c534b974919c14bc7966c8aed42c
--- /dev/null
+++ b/ansible/accountservices.yml
@@ -0,0 +1,7 @@
+---
+- name: Setup node to run account services app
+  hosts: default
+  become: true
+  roles:
+    - { name: 'install_accountapp', tags: 'install_accountapp' }
+
diff --git a/ansible/roles/install_accountapp b/ansible/roles/install_accountapp
new file mode 100644
index 0000000000000000000000000000000000000000..5cbbfbca1583f3ba71e4e21072ef8aa4d8500bfc
--- /dev/null
+++ b/ansible/roles/install_accountapp
@@ -0,0 +1,143 @@
+---
+- name: Install packages via yum
+  yum:
+    name:
+      - python3-pip
+      - python3-devel
+    state: latest
+
+- name: Remove existing user register app install
+  file:
+    path: "{{ user_register_app_path }}"
+    state: absent
+
+- name: Clone user register app form from gitlab
+  git:
+    repo: "{{ user_register_app_repo }}"
+    dest: "{{ user_register_app_path }}"
+    refspec: "{{ user_register_app_refspec }}"
+    version: "{{ user_register_app_tag }}"
+
+- name: Change ownership of directory
+  file:
+    path: "{{ user_register_app_path }}"
+    owner: root
+    group: root
+    state: directory
+    recurse: yes
+
+- name: Create __pycache__ in app dir
+  file:
+    path: "{{ user_register_app_path }}/__pycache__"
+    owner: "{{ RegUser_app_user }}"
+    group: "{{ RegUser_app_user }}"
+    state: directory
+
+- name: Create  __pycache__ in app dir
+  file:
+    path: "{{ user_register_app_path }}/app/__pycache__"
+    owner: "{{ RegUser_app_user }}"
+    group: "{{ RegUser_app_user }}"
+    state: directory
+
+- name: Copy Self-Reg app variables file
+  template:
+    src: app_vars.j2
+    dest: "{{ user_register_app_path }}/app_vars.py"
+
+- name: Install requirements in virtualenv
+  pip:
+    requirements: requirements.txt
+    virtualenv: venv
+    virtualenv_command: /usr/bin/python3 -m venv
+    chdir: "{{ user_register_app_path }}"
+
+- name: Install gunicorn in virtualenv
+  pip:
+    name: gunicorn
+    virtualenv: venv
+    virtualenv_command: /usr/bin/python3 -m venv
+    chdir: "{{ user_register_app_path }}"
+
+- name: Create log directory
+  file:
+    path: "/var/log/{{ user_register_app }}"
+    owner: "{{ RegUser_app_user }}"
+    group: "{{ RegUser_app_user }}"
+    state: directory
+
+- name: Set up log rotate for module usage
+  template:
+    src: logrotate.j2
+    dest: "/etc/logrotate.d/{{ user_register_app }}"
+
+- name: Copy Celery service template
+  template:
+    src: celery.service.j2
+    dest: "/etc/systemd/system/celery-{{ user_register_app }}.service"
+
+- name: Enable celery.service
+  systemd:
+    name: celery-{{ user_register_app }}.service
+    enabled: yes
+
+- name: Put apache config file in place (user-reg_conf_shib.j2 in case of shib)
+  template:
+    src: user-reg_conf_shib.j2
+    dest: "/opt/rh/httpd24/root/etc/httpd/conf.d/user-reg-{{ user_register_app }}.conf"
+  when: configure_shib
+
+- name: Put apache config file in place (user-reg_conf.j2 in case of basicauth)
+  template:
+    src: user-reg_conf.j2
+    dest: "/opt/rh/httpd24/root/etc/httpd/conf.d/user-reg.conf"
+  when: not configure_shib
+
+- name: Put wsgi file in place
+  template:
+    src: wsgi.j2
+    dest: "{{ user_register_app_path }}/wsgi.py"
+
+- name: Put gunicorn config file in place
+  template:
+    src: ini.j2
+    dest: "{{ user_register_app_path }}/{{ user_register_app }}.ini"
+
+- name: Create gunicorn system service
+  template:
+    src: service.j2
+    dest: "/etc/systemd/system/{{ user_register_app }}.service"
+
+- name: Enable user registration redirect
+  replace:
+    path: /etc/ood/config/ood_portal.yml
+    regexp: '{{ item.regexp }}'
+    replace: '{{ item.replace }}'
+    backup: yes
+  with_items:
+      - { regexp: "^#?(user_map_cmd:).*", replace: "\\1 '/opt/ood/ood_auth_map/bin/user_auth.py'" }
+      - { regexp: "^#?(map_fail_uri:).*", replace: "\\1 '/{{ user_register_app }}'" }
+      - { regexp: "^#?(register_uri:).*", replace: "\\1 '/{{ user_register_app }}'" }
+  when: activate_namespace
+
+- name: Stage regex file for ood
+  template:
+    src: user_auth_py.j2
+    dest: /opt/ood/ood_auth_map/bin/user_auth.py
+    owner: root
+    group: root
+    mode: 0755
+
+- name: Build the updated Apache config
+  command: /opt/ood/ood-portal-generator/sbin/update_ood_portal
+  ignore_errors: yes
+
+- name: Enable apache service
+  systemd:
+    name: httpd24-httpd
+    enabled: yes
+
+- name: Start and enable flask app gunicorn service
+  service:
+    name: "{{ user_register_app }}"
+    enabled: yes
\ No newline at end of file