diff --git a/kubernetes/apps/default/nitter/app/externalsecret.yaml b/kubernetes/apps/default/nitter/app/externalsecret.yaml
new file mode 100644
index 000000000..961f26e47
--- /dev/null
+++ b/kubernetes/apps/default/nitter/app/externalsecret.yaml
@@ -0,0 +1,27 @@
+---
+# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/external-secrets.io/externalsecret_v1beta1.json
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: gatus
+spec:
+  secretStoreRef:
+    kind: ClusterSecretStore
+    name: onepassword-connect
+  target:
+    name: gatus-secret
+    template:
+      engineVersion: v2
+      data:
+        CUSTOM_PUSHOVER_TOKEN: "{{ .GATUS_PUSHOVER_TOKEN }}"
+        CUSTOM_PUSHOVER_USER_KEY: "{{ .PUSHOVER_USER_KEY }}"
+        # INIT_POSTGRES_DBNAME: gatus
+        # INIT_POSTGRES_HOST: postgres16-rw.database.svc.cluster.local
+        # INIT_POSTGRES_USER: "{{ .GATUS_POSTGRES_USER }}"
+        # INIT_POSTGRES_PASS: "{{ .GATUS_POSTGRES_PASS }}"
+        # INIT_POSTGRES_SUPER_PASS: "{{ .POSTGRES_SUPER_PASS }}"
+  dataFrom:
+    # - extract:
+    #     key: cloudnative-pg
+    - extract:
+        key: gatus
diff --git a/kubernetes/apps/default/nitter/app/helmrelease.yaml b/kubernetes/apps/default/nitter/app/helmrelease.yaml
new file mode 100644
index 000000000..315c8935c
--- /dev/null
+++ b/kubernetes/apps/default/nitter/app/helmrelease.yaml
@@ -0,0 +1,100 @@
+---
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+  name: &app nitter
+  namespace: services
+spec:
+  interval: 15m
+  chart:
+    spec:
+      chart: app-template
+      version: 2.6.0
+      sourceRef:
+        kind: HelmRepository
+        name: bjw-s-charts
+        namespace: flux-system
+  install:
+    createNamespace: true
+    remediation:
+      retries: 5
+  upgrade:
+    remediation:
+      retries: 5
+  values:
+    controller:
+      replicas: 2
+      strategy: RollingUpdate
+    fullNameOverride: *app
+    image:
+      repository: registry.skysolutions.fi/library/nitter
+      tag: guest-accounts
+    service:
+      main:
+        ports:
+          http:
+            port: &port 8080
+    ingress:
+      main:
+        enabled: true
+        ingressClassName: 'nginx'
+        annotations:
+          external-dns-cf/is-public: "true"
+          external-dns-cf/is-dns-public: "true"
+          external-dns.alpha.kubernetes.io/cloudflare-proxied: "true"
+          external-dns.alpha.kubernetes.io/target: "ingress-cf.skylab.fi"
+          hajimari.io/icon: 'twitter'
+        hosts:
+          - host: &host 'nitter.${SECRET_DOMAIN}'
+            paths:
+              - path: /
+                pathType: Prefix
+        tls:
+          - hosts:
+              - *host
+    topologySpreadConstraints:
+      - maxSkew: 1
+        topologyKey: kubernetes.io/hostname
+        whenUnsatisfiable: DoNotSchedule
+        labelSelector:
+          matchLabels:
+            app.kubernetes.io/name: *app
+    probes:
+      liveness: &probes
+        enabled: false
+        custom: true
+        spec:
+          httpGet:
+            path: /settings
+            port: *port
+          initialDelaySeconds: 0
+          periodSeconds: 10
+          timeoutSeconds: 1
+          failureThreshold: 3
+      readiness: *probes
+      startup:
+        enabled: false
+    persistence:
+      config:
+        enabled: true
+        type: configMap
+        name: *app
+        subPath: config.ini
+        mountPath: /src/nitter.conf
+        readOnly: false
+    podAnnotations:
+      secret.reloader.stakater.com/reload: *app
+    resources:
+      requests:
+        memory: 50Mi
+      limits:
+        memory: 250Mi
+    affinity:
+      nodeAffinity:
+        requiredDuringSchedulingIgnoredDuringExecution:
+          nodeSelectorTerms:
+            - matchExpressions:
+                - key: kubernetes.io/arch
+                  operator: In
+                  values:
+                    - "amd64"
diff --git a/kubernetes/apps/default/nitter/app/kustomization.yaml b/kubernetes/apps/default/nitter/app/kustomization.yaml
new file mode 100644
index 000000000..3e5aa6244
--- /dev/null
+++ b/kubernetes/apps/default/nitter/app/kustomization.yaml
@@ -0,0 +1,6 @@
+---
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - ./helmrelease.yaml
+  - ./externalsecret.yaml
diff --git a/kubernetes/apps/default/nitter/ks.yaml b/kubernetes/apps/default/nitter/ks.yaml
new file mode 100644
index 000000000..03ab9d771
--- /dev/null
+++ b/kubernetes/apps/default/nitter/ks.yaml
@@ -0,0 +1,19 @@
+---
+# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/kustomization-kustomize-v1.json
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+  name: &app nitter
+  namespace: flux-system
+spec:
+  targetNamespace: default
+  commonMetadata:
+    labels:
+      app.kubernetes.io/name: *app
+  interval: 10m
+  path: ./kubernetes/apps/default/nitter/app
+  prune: true
+  sourceRef:
+    kind: GitRepository
+    name: home-kubernetes
+  wait: false