diff --git a/charts/apps/homarr/Chart.yaml b/charts/apps/homarr/Chart.yaml
new file mode 100644
index 0000000..5b46cef
--- /dev/null
+++ b/charts/apps/homarr/Chart.yaml
@@ -0,0 +1,3 @@
+apiVersion: v2
+version: 1.0.0
+name: openwebui
diff --git a/charts/apps/homarr/templates/client.yaml b/charts/apps/homarr/templates/client.yaml
new file mode 100644
index 0000000..747fe09
--- /dev/null
+++ b/charts/apps/homarr/templates/client.yaml
@@ -0,0 +1,10 @@
+apiVersion: homelab.mortenolsen.pro/v1
+kind: OidcClient
+metadata:
+  name: "{{ .Release.Name }}"
+spec:
+  environment: "{{ .Values.globals.environment }}"
+  redirectUris:
+    - path: /api/auth/callback/oidc
+      subdomain: "{{ .Values.subdomain }}"
+      matchingMode: strict
diff --git a/charts/apps/homarr/templates/deployment.yaml b/charts/apps/homarr/templates/deployment.yaml
new file mode 100644
index 0000000..5824df6
--- /dev/null
+++ b/charts/apps/homarr/templates/deployment.yaml
@@ -0,0 +1,83 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: "{{ .Release.Name }}"
+spec:
+  strategy:
+    type: Recreate
+  replicas: 1
+  selector:
+    matchLabels:
+      app: "{{ .Release.Name }}"
+  template:
+    metadata:
+      labels:
+        app: "{{ .Release.Name }}"
+    spec:
+      containers:
+        - name: "{{ .Release.Name }}"
+          image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
+          imagePullPolicy: "{{ .Values.image.pullPolicy }}"
+          ports:
+            - name: http
+              containerPort: 7575
+              protocol: TCP
+          livenessProbe:
+            tcpSocket:
+              port: http
+          readinessProbe:
+            tcpSocket:
+              port: http
+          volumeMounts:
+            - mountPath: /appdata
+              name: data
+          env:
+            - name: BASE_URL
+              value: https://homarr.olsen.cloud # TODO
+
+            - name: NEXTAUTH_URL
+              value: https://homarr.olsen.cloud
+
+            - name: AUTH_PROVIDERS
+              value: oidc
+
+            - name: AUTH_OIDC_CLIENT_NAME
+              value: Authentik
+
+            - name: AUTH_OIDC_SCOPE_OVERWRITE
+              value: openid email profile
+
+            - name: AUTH_OIDC_GROUPS_ATTRIBUTE
+              value: groups
+
+            - name: AUTH_OIDC_AUTO_LOGIN
+              value: "true"
+
+            - name: SECRET_ENCRYPTION_KEY
+              valueFrom:
+                secretKeyRef:
+                  name: "{{ .Release.Name }}-secrets"
+                  key: encryptionkey
+
+            - name: AUTH_OIDC_ISSUER
+              valueFrom:
+                secretKeyRef:
+                  name: "{{ .Release.Name }}-client"
+                  key: configurationIssuer
+
+            - name: AUTH_OIDC_CLIENT_ID
+              valueFrom:
+                secretKeyRef:
+                  name: "{{ .Release.Name }}-client"
+                  key: clientId
+
+            - name: AUTH_OIDC_CLIENT_SECRET
+              valueFrom:
+                secretKeyRef:
+                  name: "{{ .Release.Name }}-client"
+                  key: clientSecret
+
+      volumes:
+        - name: data
+          persistentVolumeClaim:
+            claimName: "{{ .Release.Name }}-data"
diff --git a/charts/apps/homarr/templates/external-http-service.yaml b/charts/apps/homarr/templates/external-http-service.yaml
new file mode 100644
index 0000000..e28916d
--- /dev/null
+++ b/charts/apps/homarr/templates/external-http-service.yaml
@@ -0,0 +1,11 @@
+apiVersion: homelab.mortenolsen.pro/v1
+kind: ExternalHttpService
+metadata:
+  name: '{{ .Release.Name }}'
+spec:
+  environment: '{{ .Values.globals.environment }}'
+  subdomain: '{{ .Values.subdomain }}'
+  destination:
+    host: '{{ .Release.Name }}.{{ .Release.Namespace }}.svc.cluster.local'
+    port:
+      number: 80
diff --git a/charts/apps/homarr/templates/http-service.yaml b/charts/apps/homarr/templates/http-service.yaml
new file mode 100644
index 0000000..89df8bf
--- /dev/null
+++ b/charts/apps/homarr/templates/http-service.yaml
@@ -0,0 +1,11 @@
+apiVersion: homelab.mortenolsen.pro/v1
+kind: HttpService
+metadata:
+  name: "{{ .Release.Name }}"
+spec:
+  environment: "{{ .Values.globals.environment }}"
+  subdomain: "{{ .Values.subdomain }}"
+  destination:
+    host: "{{ .Release.Name }}.{{ .Release.Namespace }}.svc.cluster.local"
+    port:
+      number: 80
diff --git a/charts/apps/homarr/templates/pvc.yaml b/charts/apps/homarr/templates/pvc.yaml
new file mode 100644
index 0000000..bc1d0a6
--- /dev/null
+++ b/charts/apps/homarr/templates/pvc.yaml
@@ -0,0 +1,11 @@
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+  name: '{{ .Release.Name }}-data'
+spec:
+  accessModes:
+    - 'ReadWriteOnce'
+  resources:
+    requests:
+      storage: '1Gi'
+  storageClassName: '{{ .Values.globals.environment }}'
diff --git a/charts/apps/homarr/templates/secret.yaml b/charts/apps/homarr/templates/secret.yaml
new file mode 100644
index 0000000..d086249
--- /dev/null
+++ b/charts/apps/homarr/templates/secret.yaml
@@ -0,0 +1,9 @@
+apiVersion: homelab.mortenolsen.pro/v1
+kind: GenerateSecret
+metadata:
+  name: "{{ .Release.Name }}-secrets"
+spec:
+  fields:
+    - name: encryptionkey
+      encoding: hex
+      length: 64
diff --git a/charts/apps/homarr/templates/service.yaml b/charts/apps/homarr/templates/service.yaml
new file mode 100644
index 0000000..73dd8e9
--- /dev/null
+++ b/charts/apps/homarr/templates/service.yaml
@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: "{{ .Release.Name }}"
+  labels:
+    app: "{{ .Release.Name }}"
+spec:
+  type: ClusterIP
+  ports:
+    - port: 80
+      targetPort: 7575
+      protocol: TCP
+      name: http
+  selector:
+    app: "{{ .Release.Name }}"
diff --git a/charts/apps/homarr/values.yaml b/charts/apps/homarr/values.yaml
new file mode 100644
index 0000000..fb90c85
--- /dev/null
+++ b/charts/apps/homarr/values.yaml
@@ -0,0 +1,7 @@
+globals:
+  environment: prod
+image:
+  repository: ghcr.io/homarr-labs/homarr
+  tag: latest
+  pullPolicy: IfNotPresent
+subdomain: homarr