diff --git a/Deployments.ol/firefox.yaml b/Deployments.ol/firefox.yaml
new file mode 100644
index 0000000..e4c5543
--- /dev/null
+++ b/Deployments.ol/firefox.yaml
@@ -0,0 +1,85 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: firefox
+spec:
+  replicas: 1
+  revisionHistoryLimit: 3
+  selector:
+    matchLabels:
+      app: firefox
+  template:
+    metadata:
+      labels:
+        app: firefox
+    spec:
+      containers:
+        - image: lscr.io/linuxserver/firefox:101.0.1-r0-ls69
+          name: firefox
+          resources:
+            limits:
+              cpu: "1200m"
+              memory: "2000Mi"
+            requests:
+              cpu: "300m"
+              memory: "40Mi"
+          env:
+            - name: TZ
+              value: Europe/Oslo
+            - name: PUID
+              value: "1000"
+            - name: PGID
+              value: "1000"
+            - name: S6_VERBOSITY
+              value: "5"
+          ports:
+            - containerPort: 3000
+          volumeMounts:
+            - name: vol
+              mountPath: /config
+            - name: dshm
+              mountPath: /dev/shm
+            - mountPath: /etc/s6-overlay/s6-rc.d/svc-xrdp-sesman/run
+              subPath: run
+              name: config
+
+      volumes:
+        - name: vol
+          emptyDir:
+        - name: dshm
+          emptyDir:
+            medium: Memory
+        - name: config
+          configMap:
+            name: firefox-edit
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: firefox-svc
+  labels:
+    app: firefox
+spec:
+  type: NodePort
+  ports:
+    - port: 3000
+      targetPort: 3000
+      nodePort: 30104
+  selector:
+    app: firefox
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: firefox-edit
+data:
+  run: |
+    #! /usr/bin/execlineb -P
+
+    # Redirect stderr to stdout.
+    fdmove -c 2 1
+
+    # Notify service manager when xrdp is up
+    #s6-notifyoncheck -w 500 -c "nc -z localhost 3350"
+
+    /usr/sbin/xrdp-sesman --nodaemon
diff --git a/apps/templates/cert-manager.yaml b/apps/templates/cert-manager.yaml
index 4e8c85d..bb13eb8 100644
--- a/apps/templates/cert-manager.yaml
+++ b/apps/templates/cert-manager.yaml
@@ -42,4 +42,22 @@ spec:
         cloudflare:
           apiTokenSecretRef:
             name: cloudflare-api-token-secret
-            key: CLOUDFLARE_API_KEY
\ No newline at end of file
+            key: CLOUDFLARE_API_KEY
+---
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: test-roxedus-com
+  namespace: default
+spec:
+  # Secret names are always required.
+  secretName: example-com-tls
+
+  # The use of the common name field has been deprecated since 2000 and is
+  # discouraged from being used.
+  commonName: test.example.com
+  issuerRef:
+    name: roxedus.com-cloudflare
+    # We can reference ClusterIssuers by changing the kind here.
+    # The default value is Issuer (i.e. a locally namespaced Issuer)
+    kind: ClusterIssuer
\ No newline at end of file