diff --git a/k8s/celery-beat/deployment.yml b/k8s/celery-beat/deployment.yml
new file mode 100644
index 000000000..eb403dff9
--- /dev/null
+++ b/k8s/celery-beat/deployment.yml
@@ -0,0 +1,79 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: celery-beat
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: celery-beat
+  template:
+    metadata:
+      labels:
+        app: celery-beat
+    spec:
+      containers:
+      - name: celery-beat
+        image: ghcr.io/0xtejas/rengine/celery-beat:latest
+        command: ["celery", "-A", "reNgine", "beat", "-l", "INFO", "--scheduler", "django_celery_beat.schedulers:DatabaseScheduler"]
+        env:
+          - name: CELERY_BROKER
+            value: redis://redis:6379/0
+          - name: CELERY_BACKEND
+            value: redis://redis:6379/0
+          - name: POSTGRES_DB
+            valueFrom:
+              secretKeyRef:
+                name: db-secret
+                key: POSTGRES_DB
+          - name: POSTGRES_USER
+            valueFrom:
+              secretKeyRef:
+                name: db-secret
+                key: POSTGRES_USER
+          - name: POSTGRES_PASSWORD
+            valueFrom:
+              secretKeyRef:
+                name: db-secret
+                key: POSTGRES_PASSWORD
+          - name: POSTGRES_HOST
+            value: db  # Name of the PostgreSQL service
+          - name: POSTGRES_PORT
+            value: "5432"
+        volumeMounts:
+        - name: github-repos
+          mountPath: /usr/src/github
+        - name: wordlist
+          mountPath: /usr/src/wordlist
+        - name: scan-results
+          mountPath: /usr/src/scan_results
+        - name: gf-patterns
+          mountPath: /root/.gf
+        - name: nuclei-templates
+          mountPath: /root/nuclei-templates
+        - name: tool-config
+          mountPath: /root/.config
+        - name: shared-data
+          mountPath: /usr/src/app
+      volumes:
+        - name: github-repos
+          persistentVolumeClaim:
+            claimName: github-repos-pvc
+        - name: wordlist
+          persistentVolumeClaim:
+            claimName: wordlist-pvc
+        - name: scan-results
+          persistentVolumeClaim:
+            claimName: scan-results-pvc
+        - name: gf-patterns
+          persistentVolumeClaim:
+            claimName: gf-patterns-pvc
+        - name: nuclei-templates
+          persistentVolumeClaim:
+            claimName: nuclei-templates-pvc
+        - name: tool-config
+          persistentVolumeClaim:
+            claimName: tool-config-pvc
+        - name: shared-data
+          persistentVolumeClaim:
+            claimName: shared-data-pvc
\ No newline at end of file
diff --git a/k8s/celery-beat/pvc.yml b/k8s/celery-beat/pvc.yml
new file mode 100644
index 000000000..a09a0362f
--- /dev/null
+++ b/k8s/celery-beat/pvc.yml
@@ -0,0 +1,65 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: github-repos-pvc
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 1Gi
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: wordlist-pvc
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 1Gi
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: scan-results-pvc
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 5Gi
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: gf-patterns-pvc
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 1Gi
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: nuclei-templates-pvc
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 1Gi
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: tool-config-pvc
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 1Gi
diff --git a/k8s/celery-beat/service.yml b/k8s/celery-beat/service.yml
new file mode 100644
index 000000000..5ae0621a6
--- /dev/null
+++ b/k8s/celery-beat/service.yml
@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: celery-beat
+spec:
+  selector:
+    app: celery-beat
+  ports:
+    - protocol: TCP
+      port: 5672  # Default Celery port (adjust as necessary)
+      targetPort: 5672
+  type: ClusterIP  # Change to NodePort or LoadBalancer if needed
diff --git a/k8s/celery/celery-config.yml b/k8s/celery/celery-config.yml
new file mode 100644
index 000000000..ffba68267
--- /dev/null
+++ b/k8s/celery/celery-config.yml
@@ -0,0 +1,7 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: celery-config
+data: 
+  MAX_CONCURRENCY: "10"
+  MIN_CONCURRENCY: "1"
diff --git a/k8s/celery/deployment.yml b/k8s/celery/deployment.yml
new file mode 100644
index 000000000..ab9db017b
--- /dev/null
+++ b/k8s/celery/deployment.yml
@@ -0,0 +1,69 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: celery
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: celery
+  template:
+    metadata:
+      labels:
+        app: celery
+    spec:
+      containers:
+      - name: celery
+        image: ghcr.io/0xtejas/rengine/celery:latest
+        command: ["/bin/bash", "-c", "/usr/src/app/celery-entrypoint.sh"]
+        env:
+          - name: DEBUG
+            value: "0"
+          - name: CELERY_BROKER
+            value: redis://redis:6379/0
+          - name: CELERY_BACKEND
+            value: redis://redis:6379/0
+          - name: DOMAIN_NAME
+            valueFrom:
+              secretKeyRef:
+                name: db-secret
+                key: DOMAIN_NAME
+          - name: POSTGRES_DB
+            valueFrom:
+              secretKeyRef:
+                name: db-secret
+                key: POSTGRES_DB
+          - name: POSTGRES_PORT
+            valueFrom:
+              secretKeyRef:
+                name: db-secret
+                key: POSTGRES_PORT
+          - name: POSTGRES_USER
+            valueFrom:
+              secretKeyRef:
+                name: db-secret
+                key: POSTGRES_USER
+          - name: POSTGRES_PASSWORD
+            valueFrom:
+              secretKeyRef:
+                name: db-secret
+                key: POSTGRES_PASSWORD
+          - name: POSTGRES_HOST
+            value: db
+        envFrom:
+          - configMapRef:
+              name: celery-config
+        volumeMounts:
+          - mountPath: /usr/src/app
+            name: shared-data
+        resources:
+          requests:
+            memory: "2Gi"
+            cpu: "600m"
+          limits:
+            memory: "4Gi"
+            cpu: "1.5"
+      volumes:
+        - name: shared-data
+          persistentVolumeClaim:
+            claimName: shared-data-pvc
\ No newline at end of file
diff --git a/k8s/cert-manager/certificate.yaml b/k8s/cert-manager/certificate.yaml
new file mode 100644
index 000000000..39e46270c
--- /dev/null
+++ b/k8s/cert-manager/certificate.yaml
@@ -0,0 +1,12 @@
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: rengine-cert
+  namespace: default
+spec:
+  secretName: rengine-tls
+  issuerRef:
+    name: letsencrypt-prod
+    kind: ClusterIssuer
+  dnsNames:
+  - rengine.example.com
diff --git a/k8s/cert-manager/cluster-issuer.yml b/k8s/cert-manager/cluster-issuer.yml
new file mode 100644
index 000000000..4f0d9d3cf
--- /dev/null
+++ b/k8s/cert-manager/cluster-issuer.yml
@@ -0,0 +1,14 @@
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+  name: letsencrypt-prod
+spec:
+  acme:
+    server: https://acme-v02.api.letsencrypt.org/directory
+    email: rengine@example.com
+    privateKeySecretRef:
+      name: letsencrypt-prod
+    solvers:
+    - http01:
+        ingress:
+          class: nginx
\ No newline at end of file
diff --git a/k8s/nginx/configmap.yml b/k8s/nginx/configmap.yml
new file mode 100644
index 000000000..fda770dfc
--- /dev/null
+++ b/k8s/nginx/configmap.yml
@@ -0,0 +1,38 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: nginx-config
+data:
+  rengine.conf: |
+    server {
+        listen 80;
+        listen [::]:80;
+        server_name rengine.example.com;
+
+        charset utf-8;
+        keepalive_timeout 70;
+
+        client_max_body_size 800M;
+
+        location / {
+            proxy_read_timeout 300;
+            proxy_connect_timeout 300;
+            proxy_redirect off;
+
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
+            proxy_pass http://rengine:8000/;
+        }
+
+        location /staticfiles/ {
+            alias /usr/src/app/staticfiles/;
+        }
+
+        location /protected_media/ {
+            internal;
+            alias /usr/src/scan_results/;
+            autoindex off;
+        }
+    }
\ No newline at end of file
diff --git a/k8s/nginx/deployment.yml b/k8s/nginx/deployment.yml
new file mode 100644
index 000000000..72981d140
--- /dev/null
+++ b/k8s/nginx/deployment.yml
@@ -0,0 +1,38 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: nginx
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: nginx
+  template:
+    metadata:
+      labels:
+        app: nginx
+    spec:
+      containers:
+      - name: nginx
+        image: nginx:alpine
+        volumeMounts:
+        - name: nginx-config-volume
+          mountPath: /etc/nginx/conf.d/rengine.conf
+          subPath: rengine.conf
+        - name: certs
+          mountPath: /etc/nginx/certs
+        - name: static-files
+          mountPath: /usr/src/app/staticfiles
+        ports:
+        - containerPort: 80
+        - containerPort: 443
+      volumes:
+        - name: nginx-config-volume
+          configMap:
+            name: nginx-config
+        - name: certs
+          secret:
+            secretName: nginx-certificates
+        - name: static-files
+          persistentVolumeClaim:
+            claimName: static-pvc
\ No newline at end of file
diff --git a/k8s/nginx/ingress.yml b/k8s/nginx/ingress.yml
new file mode 100644
index 000000000..fad6297d6
--- /dev/null
+++ b/k8s/nginx/ingress.yml
@@ -0,0 +1,30 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: nginx-ingress
+  annotations:
+    nginx.ingress.kubernetes.io/ssl-redirect: "true"
+    nginx.ingress.kubernetes.io/rewrite-target: /
+    nginx.ingress.kubernetes.io/proxy-body-size: "800m"
+    nginx.ingress.kubernetes.io/proxy-read-timeout: "300"
+    nginx.ingress.kubernetes.io/proxy-connect-timeout: "300"
+    nginx.ingress.kubernetes.io/whitelist-source-range: "0.0.0.0/0"
+    acme.cert-manager.io/http01-edit-in-place: "true"
+    cert-manager.io/cluster-issuer: letsencrypt-prod  
+spec:
+  ingressClassName: nginx
+  tls:
+  - hosts:
+      - rengine.example.com
+    secretName: rengine-tls
+  rules:
+  - host: rengine.example.com
+    http:
+      paths:
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: nginx
+            port:
+              number: 80
diff --git a/k8s/nginx/service.yml b/k8s/nginx/service.yml
new file mode 100644
index 000000000..94e728065
--- /dev/null
+++ b/k8s/nginx/service.yml
@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: nginx
+spec:
+  type: ClusterIP
+  selector:
+    app: nginx
+  ports:
+  - name: http
+    port: 80
+    targetPort: 80
+  - name: https
+    port: 443
+    targetPort: 443
\ No newline at end of file
diff --git a/k8s/ollama/deployment.yml b/k8s/ollama/deployment.yml
new file mode 100644
index 000000000..8e131f248
--- /dev/null
+++ b/k8s/ollama/deployment.yml
@@ -0,0 +1,28 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: ollama
+  labels:
+    app: ollama
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: ollama
+  template:
+    metadata:
+      labels:
+        app: ollama
+    spec:
+      containers:
+      - name: ollama
+        image: ollama/ollama:latest # Using the image from docker-compose
+        ports:
+        - containerPort: 11434 # Port used inside the container
+        volumeMounts:
+        - name: ollama-data
+          mountPath: /root/.ollama # Same mount path as in docker-compose
+      volumes:
+        - name: ollama-data
+          persistentVolumeClaim:
+            claimName: ollama-pvc
diff --git a/k8s/ollama/pvc.yml b/k8s/ollama/pvc.yml
new file mode 100644
index 000000000..2bdbbdeaa
--- /dev/null
+++ b/k8s/ollama/pvc.yml
@@ -0,0 +1,10 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: ollama-pvc
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 5Gi # Adjust storage size as needed
diff --git a/k8s/ollama/service.yml b/k8s/ollama/service.yml
new file mode 100644
index 000000000..cf0d4be19
--- /dev/null
+++ b/k8s/ollama/service.yml
@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: ollama
+  labels:
+    app: ollama
+spec:
+  selector:
+    app: ollama
+  ports:
+    - protocol: TCP
+      port: 11434  # Service port exposed
+      targetPort: 11434 # Port in the container
+  type: ClusterIP # Or LoadBalancer if you need external access
diff --git a/k8s/postgres/secret.yml b/k8s/postgres/secret.yml
new file mode 100644
index 000000000..abe6849d1
--- /dev/null
+++ b/k8s/postgres/secret.yml
@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: db-secret
+type: Opaque
+data:
+  POSTGRES_DB: cmVuZ2luZQ==
+  POSTGRES_USER: cmVuZ2luZQ==
+  POSTGRES_PASSWORD: aEUyYTVASyY5bkVZMWZ6Z0E2WA==
+  POSTGRES_PORT: NTQzMg==
+  DOMAIN_NAME: cmVuZ2luZS5leGFtcGxlLmNvbQ==
\ No newline at end of file
diff --git a/k8s/postgres/service.yml b/k8s/postgres/service.yml
new file mode 100644
index 000000000..41f82a20c
--- /dev/null
+++ b/k8s/postgres/service.yml
@@ -0,0 +1,10 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: db
+spec:
+  ports:
+    - port: 5432
+      targetPort: 5432
+  selector:
+    app: postgres
\ No newline at end of file
diff --git a/k8s/postgres/statefulset.yml b/k8s/postgres/statefulset.yml
new file mode 100644
index 000000000..8e1c7f3c8
--- /dev/null
+++ b/k8s/postgres/statefulset.yml
@@ -0,0 +1,49 @@
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: postgres
+spec:
+  selector:
+    matchLabels:
+      app: postgres
+  serviceName: postgres
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        app: postgres
+    spec:
+      containers:
+      - name: postgres
+        image: "postgres:12.3-alpine"
+        env:
+          - name: POSTGRES_DB
+            valueFrom:
+              secretKeyRef:
+                name: db-secret
+                key: POSTGRES_DB
+          - name: POSTGRES_USER
+            valueFrom:
+              secretKeyRef:
+                name: db-secret
+                key: POSTGRES_USER
+          - name: POSTGRES_PASSWORD
+            valueFrom:
+              secretKeyRef:
+                name: db-secret
+                key: POSTGRES_PASSWORD
+          - name: PGDATA
+            value: /var/lib/postgresql/data/pgdata  # Specify a subdirectory here
+        ports:
+        - containerPort: 5432
+        volumeMounts:
+        - mountPath: /var/lib/postgresql/data      # Volume mount path remains the same
+          name: postgres-storage
+  volumeClaimTemplates:
+  - metadata:
+      name: postgres-storage
+    spec:
+      accessModes: ["ReadWriteOnce"]
+      resources:
+        requests:
+          storage: 5Gi
diff --git a/k8s/pvc.yml b/k8s/pvc.yml
new file mode 100644
index 000000000..a3ab3c254
--- /dev/null
+++ b/k8s/pvc.yml
@@ -0,0 +1,34 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: web-pvc
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 5Gi
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: shared-data-pvc
+spec:
+  storageClassName: nfs-rwx-storage
+  accessModes:
+    - ReadWriteMany
+  resources:
+    requests:
+      storage: 5Gi
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: static-pvc
+spec:
+  storageClassName: nfs-rwx-storage
+  accessModes:
+    - ReadWriteMany
+  resources:
+    requests:
+      storage: 5Gi
diff --git a/k8s/readme.md b/k8s/readme.md
new file mode 100644
index 000000000..8aada7859
--- /dev/null
+++ b/k8s/readme.md
@@ -0,0 +1,135 @@
+# K8s Deployment Instructions
+
+This guide provides step-by-step instructions for deploying the application on a Kubernetes cluster. The deployment files should be applied in the following order: `ollama`, `postgres`, `redis`, `web`, `celery`, and `celery-beat`.
+
+## Prerequisites
+
+- A running Kubernetes cluster
+- `kubectl` installed and configured to interact with your cluster
+
+## Configuration
+
+- To get a LetsEncrypt SSL certificate, you'll require to set up the Nginx Ingres Controller first. Then, configure the DNS record. Following that repace rengine.example.com to the domain name that you wish to receive SSL certificate for.
+
+- To use openssl or existing SSL certificate you can use `nginx-certificates` secret instead of `rengine-tls` secret and ignore creating cert-manager. 
+
+## Step 1: Install the Ingress Controller
+
+1. **Add the NGINX Ingress Controller Helm repository:**
+    ```sh
+    helm repo add nginx-stable https://helm.nginx.com/stable
+    helm repo update
+    ```
+
+2. **Install the NGINX Ingress Controller:**
+    ```sh
+    helm install nginx-ingress nginx-stable/nginx-ingress --namespace ingress-nginx --create-namespace --set controller.service.type=LoadBalancer
+    ```
+
+## Step 2: Install Cert Manager
+
+1. **Add the Jetstack Helm repository:**
+    ```sh
+    helm repo add jetstack https://charts.jetstack.io
+    helm repo update
+    ```
+
+2. **Install Cert Manager:**
+    ```sh
+    helm install cert-manager jetstack/cert-manager \
+    --namespace cert-manager \
+    --create-namespace \
+    --version v1.11.0 \
+    --set installCRDs=true
+    ```
+
+3. **Verify the installation:**
+    ```sh
+    kubectl get pods --namespace cert-manager
+    ```
+
+## Step 3: Install OpenEBS NFS Provisioner (Optional)
+
+Note: Either you can install it manually or use the OpenEBS provisioner from the marketplace in the Cloud Provider. 
+
+1. **Add the OpenEBS Helm repository:**
+    ```sh
+    helm repo add openebs https://openebs.github.io/charts
+    helm repo update
+    ```
+
+2. **Install OpenEBS NFS Provisioner:**
+    ```sh
+    helm install openebs-nfs openebs/openebs --namespace openebs --create-namespace
+    ```
+
+3. **Verify the installation:**
+    ```sh
+    kubectl get pods --namespace openebs
+    ```
+
+4. **Create the Storage Class nfsrwx**
+    ```sh
+    kubectl apply -f - <<EOF
+        apiVersion: storage.k8s.io/v1
+        kind: StorageClass
+        metadata:
+          annotations:
+            cas.openebs.io/config: |
+              - name: NSFServerType
+                value: "kernel"
+              - name: BackendStorageClass
+                value: "do-block-storage" # This value changes as per the cloud provider
+            openebs.io/cas-type: nsfrwx
+          name: nfs-rwx-storage
+        provisioner: openebs.io/nfsrwx
+        reclaimPolicy: Delete
+        volumeBindingMode: Immediate
+        EOF
+    ```
+
+## Step 4: Deploy the Application Manifests
+
+1. **Navigate to the `k8s` directory:**
+    ```sh
+    cd k8s
+    ```
+
+2. **Apply the manifests in the following order:**
+    ```sh
+    kubectl apply -f sc.yml
+    kubectl apply -f pvc.yml
+    kubectl apply -f ollama/
+    kubectl apply -f postgres/
+    kubectl apply -f redis/
+    kubectl apply -f web/
+    kubectl apply -f celery/
+    kubectl apply -f celery-beat/
+    kubectl apply -f cert-manager/
+    kubectl apply -f nginx/
+    ```
+
+## Step 5: Verify the Deployment
+
+1. **Check the status of the pods:**
+    ```sh
+    kubectl get pods
+    ```
+
+2. **Check the status of the services:**
+    ```sh
+    kubectl get svc
+    ```
+
+3. **Check the status of the Ingress:**
+    ```sh
+    kubectl get ingress
+    ```
+
+## Additional Configuration
+
+- **Ingress Configuration:** Ensure that your Ingress resources are correctly configured to route traffic to your services.
+- **Certificates:** Use Cert Manager to issue and manage TLS certificates for your Ingress resources.
+- **Persistent Volumes:** Ensure that your Persistent Volume Claims (PVCs) are correctly bound to the Persistent Volumes (PVs) provided by OpenEBS NFS Provisioner.
+
+By following these steps, you should be able to deploy your application on Kubernetes with the necessary Ingress controller, Cert Manager, and OpenEBS NFS Provisioner.
\ No newline at end of file
diff --git a/k8s/redis/deployment.yml b/k8s/redis/deployment.yml
new file mode 100644
index 000000000..e9b4b018b
--- /dev/null
+++ b/k8s/redis/deployment.yml
@@ -0,0 +1,21 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: redis
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: redis
+  template:
+    metadata:
+      labels:
+        app: redis
+    spec:
+      containers:
+      - name: redis
+        image: redis:alpine
+        ports:
+        - containerPort: 6379
+---
+
diff --git a/k8s/redis/service.yml b/k8s/redis/service.yml
new file mode 100644
index 000000000..db7772346
--- /dev/null
+++ b/k8s/redis/service.yml
@@ -0,0 +1,10 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: redis
+spec:
+  ports:
+    - port: 6379
+      targetPort: 6379
+  selector:
+    app: redis
\ No newline at end of file
diff --git a/k8s/web/deployment.yml b/k8s/web/deployment.yml
new file mode 100644
index 000000000..9a5f885fc
--- /dev/null
+++ b/k8s/web/deployment.yml
@@ -0,0 +1,109 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: web
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: web
+  template:
+    metadata:
+      labels:
+        app: web
+    spec:
+      containers:
+      - name: web
+        image: ghcr.io/0xtejas/rengine/web:latest
+        command: ["gunicorn", "reNgine.wsgi:application", "--bind", "0.0.0.0:8000", "-w", "2", "--access-logfile", "-", "--error-logfile", "-"]
+        env:
+          - name: DEBUG
+            value: "0"
+          - name: CELERY_BROKER
+            value: redis://redis:6379/0
+          - name: CELERY_BACKEND
+            value: redis://redis:6379/0
+          - name: POSTGRES_HOST
+            value: db
+          - name: POSTGRES_DB
+            valueFrom:
+              secretKeyRef:
+                name: db-secret
+                key: POSTGRES_DB
+          - name: POSTGRES_PORT
+            valueFrom:
+              secretKeyRef:
+                name: db-secret
+                key: POSTGRES_PORT
+          - name: POSTGRES_USER
+            valueFrom:
+              secretKeyRef:
+                name: db-secret
+                key: POSTGRES_USER
+          - name: POSTGRES_PASSWORD
+            valueFrom:
+              secretKeyRef:
+                name: db-secret
+                key: POSTGRES_PASSWORD
+        volumeMounts:
+          - mountPath: /usr/src/app/staticfiles
+            name: static-volume
+          - mountPath: /usr/src/app
+            name: shared-data
+        ports:
+        - containerPort: 8000
+        readinessProbe:
+          exec:
+            command:
+              - sh
+              - -c
+              - "pg_isready -h $POSTGRES_HOST -p $POSTGRES_PORT && redis-cli -h redis ping"
+          initialDelaySeconds: 10
+          periodSeconds: 10
+        livenessProbe:
+          exec:
+            command:
+              - sh
+              - -c
+              - "pg_isready -h $POSTGRES_HOST -p $POSTGRES_PORT && redis-cli -h redis ping"
+          initialDelaySeconds: 30
+          periodSeconds: 30
+      volumes:
+        - name: static-volume
+          persistentVolumeClaim:
+            claimName: static-pvc
+        - name: shared-data
+          persistentVolumeClaim:
+            claimName: shared-data-pvc
+      initContainers:
+      - name: init-migrate
+        image: ghcr.io/0xtejas/rengine/web:latest
+        command: ["sh", "-c", "mkdir -p /usr/src/shared-app && cp -r /usr/src/app/* /usr/src/shared-app && python3 manage.py migrate && python3 manage.py collectstatic --noinput"]
+        env:
+          - name: POSTGRES_HOST
+            value: db
+          - name: POSTGRES_DB
+            valueFrom:
+              secretKeyRef:
+                name: db-secret
+                key: POSTGRES_DB
+          - name: POSTGRES_PORT
+            valueFrom:
+              secretKeyRef:
+                name: db-secret
+                key: POSTGRES_PORT
+          - name: POSTGRES_USER
+            valueFrom:
+              secretKeyRef:
+                name: db-secret
+                key: POSTGRES_USER
+          - name: POSTGRES_PASSWORD
+            valueFrom:
+              secretKeyRef:
+                name: db-secret
+                key: POSTGRES_PASSWORD
+        volumeMounts:
+          - mountPath: /usr/src/app/staticfiles
+            name: static-volume
+          - mountPath: /usr/src/shared-app
+            name: shared-data
\ No newline at end of file
diff --git a/k8s/web/job.yml b/k8s/web/job.yml
new file mode 100644
index 000000000..2907a8d77
--- /dev/null
+++ b/k8s/web/job.yml
@@ -0,0 +1,70 @@
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: create-django-superuser
+spec:
+  template:
+    spec:
+      containers:
+      - name: create-superuser
+        image: ghcr.io/0xtejas/rengine/web:latest
+        command:
+          - /bin/sh
+          - -c
+          - |
+            python3 manage.py shell -c "
+            import os
+            from django.contrib.auth import get_user_model
+            User = get_user_model()
+
+            # Retrieve superuser credentials from environment variables
+            username = os.environ.get('DJANGO_SUPERUSER_USERNAME')
+            email = os.environ.get('DJANGO_SUPERUSER_EMAIL')
+            password = os.environ.get('DJANGO_SUPERUSER_PASSWORD')
+
+            # Check if a user with the specified username already exists
+            if User.objects.filter(username=username).exists():
+                print(f'Superuser \"{username}\" already exists.')
+            else:
+                User.objects.create_superuser(username=username, email=email, password=password)
+                print(f'Superuser \"{username}\" has been successfully created.')
+            "
+        env:
+          - name: POSTGRES_DB
+            valueFrom:
+              secretKeyRef:
+                name: db-secret
+                key: POSTGRES_DB
+          - name: POSTGRES_HOST
+            value: db  # Make sure this is the correct hostname for your database service
+          - name: POSTGRES_PORT
+            valueFrom:
+              secretKeyRef:
+                name: db-secret
+                key: POSTGRES_PORT
+          - name: POSTGRES_USER
+            valueFrom:
+              secretKeyRef:
+                name: db-secret
+                key: POSTGRES_USER
+          - name: POSTGRES_PASSWORD
+            valueFrom:
+              secretKeyRef:
+                name: db-secret
+                key: POSTGRES_PASSWORD
+          - name: DJANGO_SUPERUSER_USERNAME
+            valueFrom:
+              secretKeyRef:
+                name: web-secret
+                key: DJANGO_SUPERUSER_USERNAME
+          - name: DJANGO_SUPERUSER_EMAIL
+            valueFrom:
+              secretKeyRef:
+                name: web-secret
+                key: DJANGO_SUPERUSER_EMAIL
+          - name: DJANGO_SUPERUSER_PASSWORD
+            valueFrom:
+              secretKeyRef:
+                name: web-secret
+                key: DJANGO_SUPERUSER_PASSWORD
+      restartPolicy: OnFailure
\ No newline at end of file
diff --git a/k8s/web/secret.yml b/k8s/web/secret.yml
new file mode 100644
index 000000000..def3f1b58
--- /dev/null
+++ b/k8s/web/secret.yml
@@ -0,0 +1,18 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: web-secret
+type: Opaque
+data:
+  DJANGO_SUPERUSER_PASSWORD: U203SUpHLklmSEFGdzlzblNLdg==
+  DJANGO_SUPERUSER_USERNAME: cmVuZ2luZQ==
+  DJANGO_SUPERUSER_EMAIL: cmVuZ2luZUBleGFtcGxlLmNvbQ==
+---
+apiVersion: v1
+kind: Secret
+type: kubernetes.io/tls
+metadata:
+  name: nginx-certificates
+data:
+  tls.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUZiVENDQTFXZ0F3SUJBZ0lCQXpBTkJna3Foa2lHOXcwQkFRc0ZBREF4TVFzd0NRWURWUVFHRXdKVlV6RVEKTUE0R0ExVUVDZ3dIY21WT1oybHVaVEVRTUE0R0ExVUVBd3dIY21WT1oybHVaVEFlRncweU5ERXdNamd4TkRJMQpNekphRncwek5ERXdNall4TkRJMU16SmFNR0F4Q3pBSkJnTlZCQVlUQWxWVE1SQXdEZ1lEVlFRSURBZEhaVzl5CloybGhNUkF3RGdZRFZRUUhEQWRCZEd4aGJuUmhNUkF3RGdZRFZRUUtEQWR5WlU1bmFXNWxNUnN3R1FZRFZRUUQKREJKeVpXNW5hVzVsTGpCNGRHVnFZWE11YldVd2dnSWlNQTBHQ1NxR1NJYjNEUUVCQVFVQUE0SUNEd0F3Z2dJSwpBb0lDQVFDaXlGalVna0xZREUxRVMzbkYvV1d6NUZVdGNGYUJVdjc0eDZYMGt5WTdsYzVkMWRObXhlNnpnZmxVCmJlUUU1YTIxOHZvUFdsOTBzL3UxaUZ6YW8xTmhHR20xb1Z3c0p3NmFJT1lkdHRGbWI0KzA3SlZFYXpRR2tHWlMKS3l0YXpZUGVLcytTME9ZbDZ4TzNmeUthc3dCVHBkeldGbE9kU3pnVWRFaSt6anl4aCsvbE0xazVvNzRXVWwwRgpYMjNjOWtJK29uZmtXcXBndzRZcVJ2cWxCZHQzZ3lwVndaK3lidCtBQmRyNmxFcUdrYnZVNk1uYlk4b0V1RTYvCnBIRVdQYm8rQ1I4R0tWQXROQkgzSUZpRWlzNlpsWDA5Q0MzUjEwcmZ6MWdoNDN2WVJrZXkyQU1aTEw2TUZvMEUKd3JNTnJYN2hZRWVVZUswQlN6c3NTTjl0SWFGUCtqWGpEQ0gxNmlzU1d0eHlaOTlSYnM1N2pCWHkwWTVXQmNPRwpNaTFHZTFXRjdJYUU1SHptbTlhK0k4OHRNNkVuek8wOHRjUlJuYW5ON28vVXNZeTRreVZ2TkdzMmF2NlBJZDQ1CnV3dkRSQXlqNGw0M1pVWkdEei9pZG8rdFU1SzdQU2NwRkphU0N0cExwU1RNQnZXNGtRejEzalF4UnR6YVZtcHkKS3dxejlqNm1pbFFWazY2OVRVSS9pcGV2cFpRY1NsOWE0QUpSQ2U1dnA5UnpUaHlQa20vQldEdEJzUTk2YndULwp1V0I3MkR5U2VwL0Z0QnBWbHd5aiswQ2ZLMm11Nk9HcTRpVlg1c3RsSXhKMW1GaGc2aENVMVFpY09PWDl1ZUZTCnVKc2FjTklHVjlkUVR6c2I2Mm5NN3B6NzVsT1RrTG4rZ3lBam9mWFFwU2s2b1l0VmN3SURBUUFCbzJFd1h6QWQKQmdOVkhSRUVGakFVZ2hKeVpXNW5hVzVsTGpCNGRHVnFZWE11YldVd0hRWURWUjBPQkJZRUZHQzk2d3BRSi9UTApOSU9FSlRGb1JxTXZSdmErTUI4R0ExVWRJd1FZTUJhQUZPK3JoNGc4a0lBOWVkTkhtN0pBRWtncms3SzhNQTBHCkNTcUdTSWIzRFFFQkN3VUFBNElDQVFCVWp1b3Myc0pZbkZ5Vlo3VEpONUg3ai9ZazFEZ3A1NUYraS9wQ1loTEYKeldtVFk1K1EyVG5UcHk1WGFhT1QzQTFOSnNLZWlLL01QV2VVa2U4ODNUSEhTV1JoQXZ4QlhCVXRrMEc4WU9TUQpuNVJEdVp5UmFqcmNNTU0waDViaGRQajJjdFZqY2U0NVQxajI1V3R0T0lVT1NMbXdRWkVXNUFYWFpuUnNFMUhwCklHV25OOWFuOUhEOWJaSWN2ODFtZEt4UlloVmtCZlk2ZU5LY1Bqa0JpNVJtUnFFc1B1ckFzTVNMWlEwek12MWcKM2F5UzlLSVJXUmJKdHhiWEdyS05saWZ0RGo1cVhmSEhWYzhoWXZXcm9CV0R6M2F5aTR6ci80UmVrVW1Ia0JiZQpTZVVJMzZmWHdVeXhKa1JqdnE3YytSRzJwK2Q4WTFQUlJIUXlOVVRxVWZMWnRxYVkzbEVpNTcxNTNQUG1xSjBqCmgyUE1rWC9OanJqWnpQUUpIZTJrNGJwa2dYNXRaODR4QnpvODhIUGM3dVFMeXNsa2dMRHErUnlUZlpUbE9KVWMKQ2k3U2FUVk1NN21aR0xlclo2eXlHb24yVWliNEQ3ZHBsN1EvN1RMZE91U2lQVzJWdzZta09VK3BXam5CRWFudAp5RHFzTDIzL25VL0ZrNXhXeW80VDdDVncwUkROTzZ6ekcvRjEvVXd2RW1EZlRSa3VETTlPS3pPbGo5WUJIRzBkCm93Qk9iYnFQVUhZT2hnZ2NFRE1GeE9aQktDRlFOcGY3TTFQOWZacFF6dUplaXdkVW9XWnJ0VGY2U0R2ZW1iWG4KUktyVk1pT096KzFUTTI2UHlMbm5jVTQ0VmRLbnc4a0FES3AydUE5ckhoZUZ6SE8wKzB5eVNjMkJxeDJWWU9GVQpodz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K
+  tls.key: LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUpRZ0lCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQ1N3d2dna29BZ0VBQW9JQ0FRQ2l5RmpVZ2tMWURFMUUKUzNuRi9XV3o1RlV0Y0ZhQlV2NzR4Nlgwa3lZN2xjNWQxZE5teGU2emdmbFViZVFFNWEyMTh2b1BXbDkwcy91MQppRnphbzFOaEdHbTFvVndzSnc2YUlPWWR0dEZtYjQrMDdKVkVhelFHa0daU0t5dGF6WVBlS3MrUzBPWWw2eE8zCmZ5S2Fzd0JUcGR6V0ZsT2RTemdVZEVpK3pqeXhoKy9sTTFrNW83NFdVbDBGWDIzYzlrSStvbmZrV3FwZ3c0WXEKUnZxbEJkdDNneXBWd1oreWJ0K0FCZHI2bEVxR2tidlU2TW5iWThvRXVFNi9wSEVXUGJvK0NSOEdLVkF0TkJIMwpJRmlFaXM2WmxYMDlDQzNSMTByZnoxZ2g0M3ZZUmtleTJBTVpMTDZNRm8wRXdyTU5yWDdoWUVlVWVLMEJTenNzClNOOXRJYUZQK2pYakRDSDE2aXNTV3R4eVo5OVJiczU3akJYeTBZNVdCY09HTWkxR2UxV0Y3SWFFNUh6bW05YSsKSTg4dE02RW56TzA4dGNSUm5hbk43by9Vc1l5NGt5VnZOR3MyYXY2UElkNDV1d3ZEUkF5ajRsNDNaVVpHRHovaQpkbyt0VTVLN1BTY3BGSmFTQ3RwTHBTVE1Cdlc0a1F6MTNqUXhSdHphVm1weUt3cXo5ajZtaWxRVms2NjlUVUkvCmlwZXZwWlFjU2w5YTRBSlJDZTV2cDlSelRoeVBrbS9CV0R0QnNROTZid1QvdVdCNzJEeVNlcC9GdEJwVmx3eWoKKzBDZksybXU2T0dxNGlWWDVzdGxJeEoxbUZoZzZoQ1UxUWljT09YOXVlRlN1SnNhY05JR1Y5ZFFUenNiNjJuTQo3cHo3NWxPVGtMbitneUFqb2ZYUXBTazZvWXRWY3dJREFRQUJBb0lDQUFUMkJpbXoyVVdzV2s1OU03WTNzQ1I0CnVQL1cyZmE4WGlPY01nL3ZkczEvYTAxV0pFaVFPbU40eiszUUlPV1ArbWlwTEdYUXVKMWQ2WXRHeWZoVk1mS3IKbVNKOVN4OHRYRGM3cEIwVHQvTmZRd256Tm82M1FGdjloVXQyZFZraHhQc1REWnNlaUEvRkhQeTRBSWltY1VRYgpYS0pKc1QxWFVERGt1bDJBKzVNNE5Bb2xpU1ZGNVpmWWtCZmNmZ1NyUjFROEJMQzQ4cWhhOTg1M1lLYlczdHdZClFKb01lZlFvM09HUjlzZmNRblBjelNvQ280N3V6a3dHaDBxS2xjZTZhZC8vZHlxV1BSTk9SWjNsSm5nam90aEcKR0xoYmRNb0lhRjBaMGZNaEhtSjJWek81ZkVsYXk3NkpQQk1CRVdQci9iU2JYVDNHZW1uOUE2TlROVHY3alJHagp3S1pOTE8zTklPYjZ3cGhMY2J1bTVMcVhiTUpOaGJWWUo1aXFKZ3pEeUhRd3d2cnpMaDkrOXRvQnd5R0o0djNjCnVveEJ6cXZ3NkJCZnUvMjdUbUlXWk9XSTU1QW0zSWxLd2lwTjZTN1FBSHVoTXlVU0RMeVRsOGJWTXB4VVlubWwKQlZ6a2dycTFsRXB4TXZHUXkvY0VTUnduWE1mMk5DQ2Q5Vnl2MUd3bkxyZ295MEsvbitVRVRCL2ZZS2R3RWN4UApaQ0EvV1JzRGd6OURnTWpTVnBOUDF6TE1rd1V3ZlcvMVFGTDBySFpIWVlmbVF3cmRjTnovc3VNekZiOUxFQm1nCjd2bEh1eFhqNzZQZklPWXRwakdyM2owclVJQWpLYjZLYnpySnpicEFncGZGczc5RUhLWEttMmRrMnU2dE9mTnoKR2VMaWdRMEZxQVpkZThKQmovSUJBb0lCQVFEaENFTlZlemI3N0VudGFsOGthRTQrZ1lxaEpGc3VaNC91ajcxTApSaUVSam9tSU55bytjMTFvUWRFS2RYRnk2RnFQQVdvVVIyVWR3bEpZMk1TeWUyVVlVV2pXTjhLZHppMUVxNnZSClQ2Z2ExQVRsUndyb0kwRTFzSzhsYXBsSmlOQXhKVzJoc0o3UTQ2blk1UXBUdTI3QWZLNHdFZU81dlI1MmY3MTEKQk1WNjJnUjExZjBSMkZHeGhhaHV3MzIxT2xRWkxodzMwOCtpMzBaZWJsLzVGUDUwNUtROGg0L1g5YnowZk1IQQpPZjBsTjIrYzZaRXI4TFkxQjlZbWgyc3h1QnFzRE1uaFJjaHE5ODUyS241WGxCWlo3dVU1aWpHU05CZzh0UndhCnBkamN2R0ZyUFhWeVBOSlNNbVl6T0dYVFhnY0p5MnNTbDRhU0V4VzRjYjVpaVRQVEFvSUJBUUM1THhITzJKdDIKY1laVnFRMjBWbEVKU2F5MkRMYktIUzJWdHUwLzdzNEZwZFgwcHJmWjJnYXJhM0g1N2xTU3J1d0o2cXZLejVWbAp3YmpLZVlZQTdzd3ozY1prdWFQYW1mbTFjdGhwek82VG01Mi9ZajlPRkgrQ2gxN0ZLd2pqa2R4cUlEOTdKazV4CnpaMVZwRHJseVlXWWZuTmVZSmhjdjllaVQrRFI2RjUzOHViWGpyc3J0YktCUmN2Nm01d2tmR3pJTlF6K2V4cjEKSCtVV3pzclFmaUNITFNBSzVGZ3c4Z2tDM3JBc2ZreE9OM2l1Z25OYjc0d3JzRm81Ymd2aDJLQVJXTjRYNWEwQQp3ZGNXN3M0VkpCUkx5UWVYQWVlZVFEUS9tRHVjaGxhblNZOWFqRHJzamtkTkw2QWVqaXh3M3VkNm9KQjcvZWhyCjNSYUFjRzAxZjNQaEFvSUJBQmpJd2pHOStsWlF0ZXV5Rlh4N0NITVY3V0RHRWt6UUZ5Z2RLS29MdFVTcndEWUMKYldLbmJoZzNkNENCWXRkWEEvSlFJNURNTkRUTTNDanc1dWtKY2g3MWlHaGZoODI5a1hySXRZbStEak8yT2p2TwpVVU16N3RDcy92MU4ra2dCQzN6K05FN2tsdmxHdWNRcnBiR0hLVEdHQ2VFOWR5bFR6UEVjTEkrZzBPY3c3K0RTCmlxYldmbGpnOGFZUlhkMEI2WlZFWU5NOVB0Y2ZaQzZ1VlYrbmtrYnBqN1VpOFJMRisrT3BnZVZiL2FlRnJZTkkKcmpaNnNuYXd3RU5LRXVKTTlwTVFiWU9rSGVpNkZrRXBlUFRJV0pYYkc5LzBlblV4eTZHVUNONWVlYjRGK1d6SQpQaEV3NWJFcjM5bXdVbmF2R25OWHRoazhHeFFuaWZMZ2hDbHlGd1VDZ2dFQVdVeDBadTJYRWlldVl0SlJ0SHZICk9oWlgvYlhsMDFMOHIyeDF2ZFczYll2SnY5OUJXd0ZESkJoODdzdlo1cDRKWHNMV01zZWxRRnVKYzhIa044RHYKb2JjNU8wczEwMjFhdC8vNGtoUnJtNng0Qmxrbk04eTRyRVlCRWswdFRTZ0NSUDdsL2NtOEhDN054d1dhRFVMLwpkRWpOODEzYk95YWJvajZvcURCSWxja0JQa01xeU9vbWVTWWlOZWdpQklvbm51Zk9LMDFMODVaOHoySEs5WDFNCnpFS2JhQVV5N2U5Wkh4UXBtbHNSQ3NxL0hFLzF0d2l0N0VkdlNyQmhkSGdVd0NpOWVJS2R5WGF2OVBRVlZxWisKVHdsUzZxUFZnRDl2c3BjRGIvaHNBdUY3Q213QzRoMitEbDkvOUJ3VkhCeXhQVFgrVm54YlB1QnZRR0oybDB5dApvUUtDQVFFQTJLRHhZeXVxRDJhbU42M3FhMjgxYWZmRDQwaFc4TXJoRktpWXVlZnNIYmVDTWFyR3Bub3dINnNXCkwzbDdtUURTOS9oT0lMVHRRcGFqcFVNWHA3cC9tVEVOcHVMZHBHM0NUV093Z2hDUTFBZXJYa3FFbWtFcEc3enUKeFVWb25CbU1YWGFoV3Z2cHJnZTUvVlNIZU5xNkJTcFZmYUVzL3Q0cXVxWGNmRk1yOHZiUml3QjNCME80Uy83egp3RWp6TjRpRThsY1BTWk5FejZZYklGU1lBRkFIeHZhWEhuSkhQc2VyRnFvdnhHUVN1ZURuNjVnUDVyRUlQYkdqCjRoUDFvSjhUaHdzQlJIeVl4VzVYc29GZHkzQTNXMy9ob3dIcUJ1Mk4rdGVySGNGamkrcXhURHU0UjU0cUJqYUQKaFc0SDVDM25YS0NiS1ZOeUFGdHNYcGJiTThoamdnPT0KLS0tLS1FTkQgUFJJVkFURSBLRVktLS0tLQo=
\ No newline at end of file
diff --git a/k8s/web/service.yml b/k8s/web/service.yml
new file mode 100644
index 000000000..9ea605608
--- /dev/null
+++ b/k8s/web/service.yml
@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: rengine
+spec:
+  ports:
+    - name: http
+      port: 8000
+      targetPort: 8000
+  selector:
+    app: web
\ No newline at end of file
diff --git a/web/Dockerfile b/web/Dockerfile
index 66d709e75..38ab86d20 100644
--- a/web/Dockerfile
+++ b/web/Dockerfile
@@ -53,6 +53,12 @@ RUN apt install -y --no-install-recommends \
     python3-netaddr \
     software-properties-common
 
+# Install PostgreSQL client and Redis tools
+RUN apt-get update && \
+    apt-get install -y postgresql-client redis-tools && \
+    apt-get clean && \
+    rm -rf /var/lib/apt/lists/*
+
 RUN add-apt-repository ppa:mozillateam/ppa
 
 RUN ARCH=$(dpkg --print-architecture) \