diff --git a/cluster/apps/data/piped/deployment.yaml b/cluster/apps/data/piped/deployment.yaml
new file mode 100644
index 000000000..4fd1f9417
--- /dev/null
+++ b/cluster/apps/data/piped/deployment.yaml
@@ -0,0 +1,193 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: piped
+  namespace: data
+  labels:
+    app.kubernetes.io/instance: piped
+    app.kubernetes.io/name: piped
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: piped
+      app.kubernetes.io/name: piped
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/instance: piped
+        app.kubernetes.io/name: piped
+    spec:
+      containers:
+        - image: 1337kavin/piped-fronted:latest
+          imagePullPolicy: Always
+          name: fronted
+          ports:
+            - containerPort: 8080
+              name: piped-fronted
+        - image: 1337kavin/ytproxy:latest
+          imagePullPolicy: Always
+          name: ytproxy
+        - image: 1337kavin/piped:latest
+          imagePullPolicy: Always
+          name: piped
+          volumeMounts:
+            - name: config
+              mountPath: /app/config.properties
+              subPath: config.properties
+        - image: varnish:6.6-alpine
+          imagePullPolicy: IfNotPresent
+          name: varnish
+          volumeMounts:
+            - name: config
+              mountPath: /etc/varnish/default.vcl
+              subPath: default.vcl
+        - image: caddy:2-alpine
+          imagePullPolicy: IfNotPresent
+          name: caddy
+          ports:
+            - containerPort: 443
+              name: https
+      volumes:
+        - name: config
+          configMap:
+            name: piped-config
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: piped-config
+  namespace: data
+data:
+  config.properties: |
+    # The port to Listen on.
+    PORT: 8080
+
+    # The number of workers to use for the server
+    HTTP_WORKERS: 1
+
+    # Proxy
+    PROXY_PART: https://pipedproxy-ams.kavin.rocks
+
+    # Outgoing HTTP Proxy - eg: 127.0.0.1:8118
+    # HTTP_PROXY: 127.0.0.1:8118
+
+    # Captcha Parameters
+    CAPTCHA_BASE_URL: https://api.capmonster.cloud/
+    CAPTCHA_API_KEY: INSERT_HERE
+
+    # Public API URL
+    API_URL: https://pipedapi.kavin.rocks
+
+    # Hibernate properties
+    hibernate.connection.url: jdbc:postgresql://postgresql-kube.data.svc.cluster.local:5432/piped
+    hibernate.connection.driver_class: org.postgresql.Driver
+    hibernate.dialect: org.hibernate.dialect.PostgreSQL10Dialect
+    hibernate.connection.username: piped
+    hibernate.connection.password: ${SECRET_PIPED_DB_PASSWORD}
+  default.vcl: |
+    vcl 4.0;
+
+    backend default {
+      .host = "localhost:8080";
+    }
+  Caddyfile: |
+    {
+      servers :443 {
+        protocol {
+          experimental_http3
+        }
+      }
+    }
+
+    FRONTEND_HOSTNAME {
+      reverse_proxy localhost:80
+    }
+
+    BACKEND_HOSTNAME {
+      reverse_proxy localhost:80
+    }
+
+    PROXY_HOSTNAME {
+
+      @ytproxy path /videoplayback* /api/v4/* /api/manifest/*
+
+      @optionscall {
+        method OPTIONS
+      }
+
+      header Access-Control-Allow-Origin *
+      header Access-Control-Allow-Headers *
+
+      route {
+
+        header @ytproxy {
+          Cache-Control private always
+        }
+
+        header / {
+          Cache-Control "public, max-age=604800"
+        }
+
+        respond @optionscall 200
+
+        reverse_proxy unix//var/run/ytproxy/http-proxy.sock {
+          header_up -CF-Connecting-IP
+          header_up -X-Forwarded-For
+          header_down -Access-Control-Allow-Origin
+          header_down -etag
+          header_down -alt-svc
+        }
+      }
+    }
+---
+apiVersion: v1
+kind: Service
+metadata:
+  annotations:
+    prometheus.io/probe: "true"
+    prometheus.io/protocol: tcp
+  labels:
+    app.kubernetes.io/instance: piped
+    app.kubernetes.io/name: piped
+  name: piped
+  namespace: data
+spec:
+  ports:
+    - name: http
+      port: 8080
+      protocol: TCP
+      targetPort: 8080
+  selector:
+    app.kubernetes.io/instance: piped
+    app.kubernetes.io/name: piped
+  type: ClusterIP
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  # annotations:
+    # traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
+  labels:
+    app.kubernetes.io/instance: piped
+    app.kubernetes.io/name: piped
+  name: piped
+  namespace: data
+spec:
+  ingressClassName: "nginx"
+  rules:
+    - host: "piped.${SECRET_CLUSTER_DOMAIN}"
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: piped
+                port:
+                  number: 8080
+  tls:
+    - hosts:
+        - "piped.${SECRET_CLUSTER_DOMAIN}"
+      secretName: "${SECRET_CLUSTER_CERTIFICATE_DEFAULT}"
diff --git a/cluster/apps/data/piped/kustomization.yaml b/cluster/apps/data/piped/kustomization.yaml
new file mode 100644
index 000000000..9c2d28b0c
--- /dev/null
+++ b/cluster/apps/data/piped/kustomization.yaml
@@ -0,0 +1,4 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - deployment.yaml
diff --git a/cluster/apps/data/redis/helm-release.yaml b/cluster/apps/data/redis/helm-release.yaml
index 2e56d2a20..f538c8a08 100644
--- a/cluster/apps/data/redis/helm-release.yaml
+++ b/cluster/apps/data/redis/helm-release.yaml
@@ -17,13 +17,17 @@ spec:
         namespace: flux-system
       interval: 5m
   values:
+    architecture: standalone
+
     auth:
       password: ${SECRET_REDIS_PASSWORD}
+
     master:
       service:
         annotations:
           prometheus.io/probe: "true"
           prometheus.io/protocol: tcp
+
     replica:
       persistence:
         enabled: false