diff --git a/cluster/pastebin/deployment.yaml b/cluster/pastebin/deployment.yaml
new file mode 100644
index 0000000..06c5185
--- /dev/null
+++ b/cluster/pastebin/deployment.yaml
@@ -0,0 +1,53 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  labels:
+    app: pastebin
+  name: pastebin
+  namespace: pastebin
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: pastebin
+  strategy:
+    rollingUpdate:
+      maxSurge: 25%
+      maxUnavailable: 25%
+    type: RollingUpdate
+  template:
+    metadata:
+      labels:
+        app: pastebin
+    spec:
+      volumes:
+        - name: pastebin-pv
+          persistentVolumeClaim:
+            claimName: pastebin-pvc
+      containers:
+        - image: ghcr.io/robherley/snips.sh:latest
+          imagePullPolicy: IfNotPresent
+          name: pastebin
+          ports:
+            - containerPort: 8080
+              protocol: TCP
+            - containerPort: 2222
+              protocol: TCP
+          # livenessProbe:
+          #   httpGet:
+          #     path: /
+          #     port: 8080
+          volumeMounts:
+            - mountPath: "/data"
+              name: pastebin-pv
+          env:
+            - name: SNIPS_HTTP_EXTERNAL
+              value: "https://paste.goudham.com"
+            - name: SNIPS_SSH_EXTERNAL
+              value: "ssh://paste.goudham.com:2222"
+            - name: SNIPS_HMACKEY
+              valueFrom:
+                secretKeyRef:
+                  name: hmac
+                  key: signing-key
+          resources: {}
diff --git a/cluster/pastebin/ingress.yaml b/cluster/pastebin/ingress.yaml
new file mode 100644
index 0000000..0071bda
--- /dev/null
+++ b/cluster/pastebin/ingress.yaml
@@ -0,0 +1,23 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  labels:
+    app: pastebin-ingress
+  name: pastebin-ingress
+  namespace: pastebin
+spec:
+  ingressClassName: traefik
+  rules:
+    - host: paste.goudham.com
+      http:
+        paths:
+          - backend:
+              service:
+                name: pastebin-http
+                port:
+                  number: 8080
+            path: /
+            pathType: Prefix
+  tls:
+    - hosts:
+        - paste.goudham.com
\ No newline at end of file
diff --git a/cluster/pastebin/pvc.yaml b/cluster/pastebin/pvc.yaml
new file mode 100644
index 0000000..abb2a6e
--- /dev/null
+++ b/cluster/pastebin/pvc.yaml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  labels:
+    app: pastebin-pvc
+  name: pastebin-pvc
+  namespace: pastebin
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 30Gi
diff --git a/cluster/pastebin/secrets/hmac-signing-key.sealed.json b/cluster/pastebin/secrets/hmac-signing-key.sealed.json
new file mode 100644
index 0000000..b5585f7
--- /dev/null
+++ b/cluster/pastebin/secrets/hmac-signing-key.sealed.json
@@ -0,0 +1,22 @@
+{
+  "kind": "SealedSecret",
+  "apiVersion": "bitnami.com/v1alpha1",
+  "metadata": {
+    "name": "hmac",
+    "namespace": "pastebin",
+    "creationTimestamp": null
+  },
+  "spec": {
+    "template": {
+      "metadata": {
+        "name": "hmac",
+        "namespace": "pastebin",
+        "creationTimestamp": null
+      },
+      "type": "Opaque"
+    },
+    "encryptedData": {
+      "signing-key": "AgC4RHpNs2/ovDqN5CY4CflgDYNH2CjlB3dTO3gWgXm/PFuTWRbI1MWQDJmCvGGYfzWXgEUFsn0m7GbHh0OBbkLW9gUuqnQBJO74gFDckg4mOWZtnicP/uMqqrx49MovCZjmnEMhYvIIdF5cBIsBV0uFw+RIOGvjcx4pJx80jH4zDobobiHkFaMYZ1aTkiQZOsN3iCPhjZIq5i0nFNe2v0B/OzDbh1JbN61EndhXZieRh6Dbii9BE8OhV2NDLzqQdKH4tCMli1wzLg09rEVPNg4k0XqwIK7gdFBNSh1ex2mcTRmpmg4/2hSfCRP54yusR7kf74VjbA1LsUQMnXyE/GdHZLvYqkQc5EPY09TlA3qc9A53oZ51hPmFX/KoS+rghielfKsfzEr3o/H/dOYNPAYSiuLK0vPLG9QenTyRO/8JvDJf9SCfTpthfBoun+OxOL0mX++WE5lgnme5ZbP8nslmV1lv7HFp7I82jsgdBKNG5wfudLzyiw5KhpjyHf6kq9AVI+Toy15OBURsvJw9kXSUrC+TFFJ2Q716A4IpLEuskCHHaZVKjVgnXhyEgELmAwjUSaB5G7HgVXnYy1CZ7lQatLop6stqIEyMfc1mE18+BnHyZOV9cc9X2Y1cV3uuX60WvmPadaniMJvoBI2RPaPBP2hiHTcyHULRcLd5L0JPGSV7qgiN0fQXYKsBniku7iCMi+0KD7eoCpyXWUT/yYzWFmxfCrxqpHNPg3BjA8r0wrc="
+    }
+  }
+}
diff --git a/cluster/pastebin/service.yaml b/cluster/pastebin/service.yaml
new file mode 100644
index 0000000..b1bda68
--- /dev/null
+++ b/cluster/pastebin/service.yaml
@@ -0,0 +1,37 @@
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    app: pastebin-http
+  name: pastebin-http
+  namespace: pastebin
+spec:
+  type: ClusterIP
+  ipFamilies:
+    - IPv4
+  ports:
+    - port: 8080
+      protocol: TCP
+      targetPort: 8080
+  selector:
+    app: pastebin
+  sessionAffinity: None
+---
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    app: pastebin-ssh
+  name: pastebin-ssh
+  namespace: pastebin
+spec:
+  type: LoadBalancer
+  ipFamilies:
+    - IPv4
+  ports:
+    - port: 2222
+      protocol: TCP
+      targetPort: 2222
+  selector:
+    app: pastebin
+  sessionAffinity: None