diff --git a/cluster/apps/gluetun/gluetun-configmap.yml b/cluster/apps/gluetun/gluetun-configmap.yml
new file mode 100644
index 0000000..15eca92
--- /dev/null
+++ b/cluster/apps/gluetun/gluetun-configmap.yml
@@ -0,0 +1,13 @@
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: gluetun-config
+  namespace: default
+data:
+  VPN_SERVICE_PROVIDER: "surfshark"
+  SERVER_COUNTRIES: "Netherlands"
+  HTTPPROXY: "ON"
+  FIREWALL_INPUT_PORTS: "8080,7878,8989,8191,5055,6881"
+  FIREWALL_VPN_INPUT_PORTS: "8080,7878,8989,8191,5055,6881"
+  FIREWALL_OUTBOUND_SUBNETS: "192.168.1.0/24"
diff --git a/cluster/apps/gluetun/gluetun-svc.yml b/cluster/apps/gluetun/gluetun-svc.yml
new file mode 100644
index 0000000..e2396e1
--- /dev/null
+++ b/cluster/apps/gluetun/gluetun-svc.yml
@@ -0,0 +1,31 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: gluetun-service
+  namespace: default
+spec:
+  type: NodePort
+  selector:
+    app: gluetun
+  ports:
+  - port: 8888
+    targetPort: 8888
+    nodePort: 8388
+    protocol: TCP
+
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: gluetun-p2p-service
+  namespace: default
+spec:
+  type: NodePort
+  selector:
+    app: gluetun
+  ports:
+  - port: 6881
+    targetPort: 6881
+    nodePort: 30881
+    protocol: TCP
diff --git a/cluster/apps/gluetun/gluetun.yml b/cluster/apps/gluetun/gluetun.yml
new file mode 100644
index 0000000..8abf2a4
--- /dev/null
+++ b/cluster/apps/gluetun/gluetun.yml
@@ -0,0 +1,50 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: gluetun
+  namespace: default
+spec:
+  selector:
+    matchLabels:
+      app: gluetun
+  template:
+    metadata:
+      labels:
+        app: gluetun
+    spec:
+      containers:
+      - name: vpn
+        image: qmcgaw/gluetun:v3.40.0
+        securityContext:
+          capabilities:
+            add:
+            - NET_ADMIN
+        ports:
+        - containerPort: 8888
+        - containerPort: 8388
+        - containerPort: 8080
+        - containerPort: 6881
+        env:
+        - name: OPENVPN_PASSWORD
+          valueFrom:
+            secretKeyRef:
+              name: openvpn-secrets
+              key: OPENVPN_PASSWORD
+        - name: OPENVPN_USERNAME
+          valueFrom:
+            secretKeyRef:
+              name: openvpn-secrets
+              key: OPENVPN_USERNAME
+        - name: HTTPPROXY_PASSWORD
+          valueFrom:
+            secretKeyRef:
+              name: http-secrets
+              key: HTTPPROXY_PASSWORD
+        - name: HTTPPROXY_USER
+          valueFrom:
+            secretKeyRef:
+              name: http-secrets
+              key: HTTPPROXY_USER
+        envFrom:
+        - configMapRef:
+            name: gluetun-config