diff --git a/CHANGELOG.md b/CHANGELOG.md
new file mode 100644
index 0000000..0e3d081
--- /dev/null
+++ b/CHANGELOG.md
@@ -0,0 +1,104 @@
+# Changelog
+
+All notable changes to this Ansible infrastructure automation project will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## [Unreleased]
+
+## [0.1.0] - 2025-11-10
+
+### Added
+- Initial project setup with Ansible infrastructure automation framework
+- Comprehensive Ansible guidelines and best practices (CLAUDE.md)
+  - Security-first approach with CIS Benchmarks and NIST guidelines
+  - Dynamic inventory requirements and best practices
+  - OS-specific configuration for Debian and RHEL families
+  - Role development standards and testing strategies
+- Infrastructure inventory documentation (INFRASTRUCTURE_INVENTORY.md)
+- VM deployment automation
+  - `deploy_linux_vm` role with LVM support and SSH hardening
+  - Multi-distribution support (Debian, Ubuntu, RHEL, AlmaLinux, Rocky Linux)
+  - Automated partitioning with LVM configuration
+  - Security hardening (SELinux/AppArmor, firewall, fail2ban)
+  - Test playbook for role validation
+- Dynamic inventory plugins
+  - `libvirt_kvm.py` - KVM/libvirt dynamic inventory
+  - `ssh_config_inventory.py` - SSH config-based inventory
+- Unattended deployment configurations
+  - Cloud-init templates (user-data, meta-data)
+  - Debian preseed configuration
+  - Bash configuration script for Debian VMs
+- Comprehensive documentation
+  - Role documentation (ROLE.md)
+  - Setup summary (SETUP_SUMMARY.md)
+  - Quick reference cheatsheets for all playbooks
+  - README.md with project overview
+- Git repository structure
+  - Main repository: `ansible/infra-automation` (public)
+  - Secrets submodule: `ansible/secrets` (private)
+  - Proper .gitmodules configuration
+
+### Security
+- Implemented secrets management using private git submodule
+- SSH key-based authentication for Gitea repository access
+- Security-first configuration templates following industry standards
+- Ansible user with passwordless sudo and SSH key authentication
+- SELinux/AppArmor enforcement configurations
+- Firewall configurations (firewalld/ufw)
+- Fail2ban integration for SSH protection
+
+### Infrastructure
+- Git repository hosting on Gitea (git.mymx.me:2222)
+- SSH configuration for git.mymx.me with dedicated key
+- Dynamic inventory support for multiple sources (AWS, Azure, VMware, libvirt)
+- LVM-based storage configuration for all deployed systems
+
+## [0.0.1] - 2025-11-10
+
+### Added
+- Initial repository creation
+- Basic project structure
+- Infrastructure configuration files
+- Dynamic inventory configuration
+- Multi-distribution VM deployment playbooks
+
+---
+
+## Release Notes
+
+### Version 0.1.0 - Initial Release
+
+This is the first official release of the Ansible infrastructure automation project. It provides a complete framework for deploying and managing Linux virtual machines with security-first principles.
+
+**Key Features:**
+- Automated VM deployment with LVM configuration
+- Multi-distribution support (Debian/Ubuntu and RHEL families)
+- Security hardening out of the box
+- Dynamic inventory support
+- Comprehensive documentation and cheatsheets
+
+**Requirements:**
+- Ansible 2.9 or higher
+- Python 3.6 or higher
+- SSH access to target systems
+- For VM deployment: libvirt/KVM hypervisor
+
+**Getting Started:**
+```bash
+# Clone with submodules
+git clone --recursive ssh://git@git.mymx.me:2222/ansible/infra-automation.git
+
+# Review documentation
+cat docs/README.md
+
+# Check available cheatsheets
+ls cheatsheets/
+```
+
+---
+
+[Unreleased]: https://git.mymx.me/ansible/infra-automation/compare/v0.1.0...HEAD
+[0.1.0]: https://git.mymx.me/ansible/infra-automation/releases/tag/v0.1.0
+[0.0.1]: https://git.mymx.me/ansible/infra-automation/commits/77d3dda