diff --git a/communitarian/deployment-api.yaml b/communitarian/deployment-api.yaml
new file mode 100644
index 0000000..7a70e14
--- /dev/null
+++ b/communitarian/deployment-api.yaml
@@ -0,0 +1,75 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: communitarian-api
+ namespace: "{{ .namespace }}"
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ component: api
+ template:
+ metadata:
+ labels:
+ component: api
+ spec:
+ securityContext:
+ runAsNonRoot: true
+ runAsUser: 1000
+ runAsGroup: 1000
+ fsGroup: 1000
+ seccompProfile:
+ type: RuntimeDefault
+ initContainers:
+ - name: fix-permissions
+ image: busybox:1.36
+ command: ['sh', '-c']
+ args:
+ - |
+ mkdir -p /app/data/citizens /app/data/communities /app/data/content
+ chmod -R 777 /app/data
+ echo "Permissions fixed"
+ volumeMounts:
+ - name: data
+ mountPath: /app/data
+ securityContext:
+ runAsUser: 0
+ runAsNonRoot: false
+ containers:
+ - name: communitarian-api
+ image: "{{ .apiImage }}"
+ ports:
+ - containerPort: {{ .apiPort }}
+ name: http
+ env:
+ - name: TZ
+ value: "{{ .timezone }}"
+ - name: API_KEY
+ valueFrom:
+ secretKeyRef:
+ name: communitarian-secrets
+ key: apiKey
+ - name: JWT_SECRET
+ valueFrom:
+ secretKeyRef:
+ name: communitarian-secrets
+ key: jwtSecret
+ volumeMounts:
+ - name: data
+ mountPath: /app/data
+ resources:
+ requests:
+ memory: "256Mi"
+ cpu: "100m"
+ limits:
+ memory: "1Gi"
+ cpu: "500m"
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop: [ALL]
+ readOnlyRootFilesystem: false
+ volumes:
+ - name: data
+ persistentVolumeClaim:
+ claimName: communitarian-data
\ No newline at end of file
diff --git a/communitarian/deployment-app.yaml b/communitarian/deployment-app.yaml
new file mode 100644
index 0000000..5364590
--- /dev/null
+++ b/communitarian/deployment-app.yaml
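Review bot: In communitarian/deployment-api.yaml the `fix-permissions` init container runs as UID 0 and finishes with `chmod -R 777 /app/data`, which leaves everything on the persistent volume readable and writable by any UID that can reach the mount. The pod already sets `fsGroup: 1000`, which on volume types that support ownership management may make this container unnecessary. If it has to stay, narrow it to `chown -R 1000:1000 /app/data` followed by `chmod -R o-rwx /app/data`. The root container's `securityContext` also omits `allowPrivilegeEscalation: false`, which the main container does set. `busybox:1.36` is a mutable tag that could be pinned by digest.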
@@ -0,0 +1,47 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: communitarian-app
+ namespace: "{{ .namespace }}"
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ component: app
+ template:
+ metadata:
+ labels:
+ component: app
+ spec:
+ securityContext:
+ runAsNonRoot: true
+ runAsUser: 1000
+ runAsGroup: 1000
+ fsGroup: 1000
+ seccompProfile:
+ type: RuntimeDefault
+ containers:
+ - name: communitarian-app
+ image: "{{ .appImage }}"
+ ports:
+ - containerPort: {{ .appPort }}
+ name: http
+ env:
+ - name: TZ
+ value: "{{ .timezone }}"
+ - name: API_URL
+ value: "http://communitarian-api:{{ .apiPort }}"
+ - name: NEXT_PUBLIC_API_URL
+ value: "/api"
+ resources:
+ requests:
+ memory: "128Mi"
+ cpu: "100m"
+ limits:
+ memory: "512Mi"
+ cpu: "500m"
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop: [ALL]
+ readOnlyRootFilesystem: false
\ No newline at end of file
diff --git a/communitarian/ingress.yaml b/communitarian/ingress.yaml
new file mode 100644
index 0000000..6f97ec3
--- /dev/null
+++ b/communitarian/ingress.yaml
@@ -0,0 +1,33 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ name: communitarian
+ namespace: "{{ .namespace }}"
+ annotations:
+ external-dns.alpha.kubernetes.io/target: "{{ .externalDnsDomain }}"
+ external-dns.alpha.kubernetes.io/cloudflare-proxied: "false"
+ traefik.ingress.kubernetes.io/router.middlewares: "{{ .namespace }}-strip-api@kubernetescrd"
+spec:
+ ingressClassName: traefik
+ tls:
+ - hosts:
+ - "{{ .domain }}"
+ secretName: "{{ .tlsSecretName }}"
+ rules:
+ - host: "{{ .domain }}"
+ http:
+ paths:
+ - path: /api
+ pathType: Prefix
+ backend:
+ service:
+ name: communitarian-api
+ port:
+ number: {{ .apiPort }}
+ - path: /
+ pathType: Prefix
+ backend:
+ service:
+ name: communitarian-app
+ port:
+ number: {{ .appPort }}
\ No newline at end of file
diff --git a/communitarian/kustomization.yaml b/communitarian/kustomization.yaml
new file mode 100644
index 0000000..acc4e0e
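Review bot: The pod spec in communitarian/deployment-app.yaml, like the one in communitarian/deployment-api.yaml, does not set `automountServiceAccountToken: false`, so each pod gets the namespace's default service-account token mounted. Nothing visible in these manifests calls the Kubernetes API, so adding `automountServiceAccountToken: false` under `template.spec` in both files would remove a credential the workloads do not appear to need. Both containers also set `readOnlyRootFilesystem: false` explicitly. If the app only writes to a cache or temp directory (not visible here), `readOnlyRootFilesystem: true` with an `emptyDir` mounted at that path would be tighter.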
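Review bot: The Ingress in communitarian/ingress.yaml declares a `tls` block but does not restrict the router's entrypoints, so the same routes may also be served over plain HTTP unless Traefik redirects or listens on TLS only cluster-wide. In that case the API key and JWT traffic for `/api` would travel unencrypted. Consider adding the annotation `traefik.ingress.kubernetes.io/router.entrypoints: websecure`, substituting the cluster's actual TLS entrypoint name. Separately, the `router.middlewares` annotation attaches `strip-api` to every route of this Ingress, including `/`. That appears harmless, but a short comment would stop a later reader from assuming it is scoped to the `/api` rule.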
--- /dev/null
+++ b/communitarian/kustomization.yaml
@@ -0,0 +1,18 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+namespace: "{{ .namespace }}"
+labels:
+ - includeSelectors: true
+ pairs:
+ app: communitarian
+ managedBy: kustomize
+ partOf: wild-cloud
+resources:
+ - namespace.yaml
+ - deployment-app.yaml
+ - deployment-api.yaml
+ - service-app.yaml
+ - service-api.yaml
+ - middleware.yaml
+ - ingress.yaml
+ - pvc.yaml
\ No newline at end of file
diff --git a/communitarian/manifest.yaml b/communitarian/manifest.yaml
new file mode 100644
index 0000000..bcf3a30
--- /dev/null
+++ b/communitarian/manifest.yaml
@@ -0,0 +1,19 @@
+name: communitarian
+is: communitarian
+description: Communitarian is a community-focused application with a web frontend and API backend for collaborative features.
+version: 1.0.0
+icon: https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/svg/community.svg
+defaultConfig:
+ namespace: communitarian
+ appImage: payneio/communitarian-app:latest
+ apiImage: payneio/communitarian-api:latest
+ appPort: 3000
+ apiPort: 8000
+ domain: communitarian.{{ .cloud.domain }}
+ externalDnsDomain: "{{ .cloud.domain }}"
+ tlsSecretName: wildcard-wild-cloud-tls
+ storage: 10Gi
+ timezone: UTC
+defaultSecrets:
+ - key: apiKey
+ - key: jwtSecret
\ No newline at end of file
diff --git a/communitarian/middleware.yaml b/communitarian/middleware.yaml
new file mode 100644
index 0000000..8f894db
--- /dev/null
+++ b/communitarian/middleware.yaml
@@ -0,0 +1,9 @@
+apiVersion: traefik.io/v1alpha1
+kind: Middleware
+metadata:
+ name: strip-api
+ namespace: "{{ .namespace }}"
+spec:
+ stripPrefix:
+ prefixes:
+ - /api
\ No newline at end of file
diff --git a/communitarian/namespace.yaml b/communitarian/namespace.yaml
new file mode 100644
index 0000000..ef059b8
--- /dev/null
+++ b/communitarian/namespace.yaml
@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+ name: "{{ .namespace }}"
\ No newline at end of file
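Review bot: `appImage` and `apiImage` in communitarian/manifest.yaml default to the mutable `:latest` tag, so the code running in the cluster can change on any pod restart without a change to this repository. A mistaken or unauthorized push to the registry would then be pulled straight into the deployment. Pin the defaults to a release tag or, better, a digest, e.g. `apiImage: payneio/communitarian-api:<version>@sha256:<digest>` (placeholders), and likewise for `appImage`. The manifest's own `version: 1.0.0` suggests a matching image tag may exist, but that is not visible here.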
diff --git a/communitarian/pvc.yaml b/communitarian/pvc.yaml
new file mode 100644
index 0000000..bfb2a4f
--- /dev/null
+++ b/communitarian/pvc.yaml
@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: communitarian-data
+ namespace: "{{ .namespace }}"
+spec:
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: "{{ .storage }}"
\ No newline at end of file
diff --git a/communitarian/service-api.yaml b/communitarian/service-api.yaml
new file mode 100644
index 0000000..4896f0b
--- /dev/null
+++ b/communitarian/service-api.yaml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: communitarian-api
+ namespace: "{{ .namespace }}"
+spec:
+ selector:
+ component: api
+ ports:
+ - port: {{ .apiPort }}
+ targetPort: {{ .apiPort }}
+ protocol: TCP
+ name: http
\ No newline at end of file
diff --git a/communitarian/service-app.yaml b/communitarian/service-app.yaml
new file mode 100644
index 0000000..278ac0a
--- /dev/null
+++ b/communitarian/service-app.yaml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: communitarian-app
+ namespace: "{{ .namespace }}"
+spec:
+ selector:
+ component: app
+ ports:
+ - port: {{ .appPort }}
+ targetPort: {{ .appPort }}
+ protocol: TCP
+ name: http
\ No newline at end of file