diff --git a/nodes/.gitignore b/nodes/.gitignore
new file mode 100644
index 00000000..f3afa4e7
--- /dev/null
+++ b/nodes/.gitignore
@@ -0,0 +1,5 @@
+# Custom
+.secrets/*
+dev.env
+prod.env
+test.env
\ No newline at end of file
diff --git a/nodes/deploy/deploy.bash b/nodes/deploy/deploy.bash
index bd314b9b..b0801ab5 100755
--- a/nodes/deploy/deploy.bash
+++ b/nodes/deploy/deploy.bash
@@ -3,6 +3,9 @@
 # Deployment script - intended to run on Moonstream node control server
 
 # Main
+AWS_DEFAULT_REGION="${AWS_DEFAULT_REGION:-us-east-1}"
+SECRETS_DIR="${SECRETS_DIR:-/home/ubuntu/moonstream-secrets}"
+NODE_PARAMETERS_ENV_PATH="${SECRETS_DIR}/node.env"
 SCRIPT_DIR="$(realpath $(dirname $0))"
 ETHEREUM_GETH_SERVICE="ethereum-node.service"
 
@@ -10,16 +13,36 @@ set -eu
 
 echo
 echo
-echo "Deploy Geth service if not running already"
+echo "Retrieving deployment parameters"
+mkdir -p "${SECRETS_DIR}"
+> "${NODE_PARAMETERS_ENV_PATH}"
+ENV_PARAMETERS=$(aws ssm describe-parameters \
+  --parameter-filters Key=tag:Product,Values=moonstream Key=tag:Blockchain,Values=ethereum \
+  | jq -r .Parameters[].Name)
+ENV_PARAMETERS_VALUES=$(aws ssm get-parameters \
+  --names $ENV_PARAMETERS \
+  --query "Parameters[*].{Name:Name,Value:Value}")
+ENV_PARAMETERS_VALUES_LENGTH=$(($(echo $ENV_PARAMETERS_VALUES | jq length) - 1))
+for i in $(seq 0 $ENV_PARAMETERS_VALUES_LENGTH)
+do
+  param_key=$(echo $ENV_PARAMETERS_VALUES | jq -r .[$i].Name)
+  param_value=$(echo $ENV_PARAMETERS_VALUES | jq .[$i].Value)
+  echo "export $param_key=$param_value" >> "${NODE_PARAMETERS_ENV_PATH}"
+done
+
+echo
+echo
+echo "Replacing Ethereum Geth service definition with ${ETHEREUM_GETH_SERVICE}"
+chmod 644 "${SCRIPT_DIR}/${ETHEREUM_GETH_SERVICE}"
+cp "${SCRIPT_DIR}/${ETHEREUM_GETH_SERVICE}" "/etc/systemd/system/${ETHEREUM_GETH_SERVICE}"
+systemctl daemon-reload
+systemctl disable "${ETHEREUM_GETH_SERVICE}"
+
 if systemctl is-active --quiet "${ETHEREUM_GETH_SERVICE}"
 then
     echo "Ethereum Geth service ${ETHEREUM_GETH_SERVICE} already running"
 else
-    echo "Replacing Ethereum Geth service definition with ${ETHEREUM_GETH_SERVICE}"
-    chmod 644 "${SCRIPT_DIR}/${ETHEREUM_GETH_SERVICE}"
-    cp "${SCRIPT_DIR}/${ETHEREUM_GETH_SERVICE}" "/etc/systemd/system/${ETHEREUM_GETH_SERVICE}"
-    systemctl daemon-reload
-    systemctl disable "${ETHEREUM_GETH_SERVICE}"
+    echo "Restart Geth service ${ETHEREUM_GETH_SERVICE}"
     systemctl restart "${ETHEREUM_GETH_SERVICE}"
     sleep 10
 fi
diff --git a/nodes/deploy/ethereum-node.service b/nodes/deploy/ethereum-node.service
index 1305e7d1..22cd22ea 100644
--- a/nodes/deploy/ethereum-node.service
+++ b/nodes/deploy/ethereum-node.service
@@ -5,10 +5,11 @@ After=network.target
 [Service]
 User=ubuntu
 Group=www-data
+EnvironmentFile=/home/ubuntu/moonstream-secrets/node.env
 ExecStart=/usr/bin/geth --syncmode snap --cache 4096 \
-    --port 41380 --datadir /mnt/disks/nodes/ethereum \
+    --port "${MOONSTREAM_NODE_ETHEREUM_LISTENING_PORT}" --datadir /mnt/disks/nodes/ethereum \
     --txpool.globalslots 153600 --txpool.globalqueue 3072 \
-    --http --http.port 18370 --http.api eth,web3,txpool
+    --http --http.addr "${MOONSTREAM_NODE_ETHEREUM_IPC_ADDR}" --http.port "${MOONSTREAM_NODE_ETHEREUM_IPC_PORT}" --http.api eth,web3,txpool
 ExecStop=/bin/kill -s SIGINT -$MAINPID
 TimeoutStopSec=300
 SyslogIdentifier=ethereum-node
diff --git a/nodes/sample.env b/nodes/sample.env
new file mode 100644
index 00000000..cb472d80
--- /dev/null
+++ b/nodes/sample.env
@@ -0,0 +1,3 @@
+export MOONSTREAM_NODE_ETHEREUM_IPC_ADDR="<internal_ip_addr_for_geth_http_access>"
+export MOONSTREAM_NODE_ETHEREUM_IPC_PORT="<geth_http_port>"
+export MOONSTREAM_NODE_ETHEREUM_LISTENING_PORT="<geth_listening_port>"