diff --git a/master/internalproxy/templates/redlib.yaml b/master/internalproxy/templates/redlib.yaml
new file mode 100644
index 0000000..4aef445
--- /dev/null
+++ b/master/internalproxy/templates/redlib.yaml
@@ -0,0 +1,70 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: redlib
+spec:
+  ports:
+  - name: app
+    port: 8082
+    protocol: TCP
+    targetPort: 8082
+  clusterIP: None
+  type: ClusterIP
+
+---
+
+apiVersion: v1
+kind: Endpoints
+metadata:
+  name: redlib
+subsets:
+- addresses:
+  - ip: 192.168.20.253
+  ports:
+  - name: app
+    port: 8082
+    protocol: TCP
+
+---    
+
+apiVersion: traefik.containo.us/v1alpha1
+kind: IngressRoute
+metadata:
+  name: redlib-ingress
+spec:
+  entryPoints:
+    - websecure
+  routes:
+  - match: Host(`redlib.durp.info`) && PathPrefix(`/`)
+    middlewares:
+    - name: whitelist
+      namespace: traefik
+    - name: authentik-proxy-provider
+      namespace: traefik  
+    kind: Rule
+    services:
+    - name: redlib
+      port: 8082
+  - match: Host(`redlib.durp.info`) && PathPrefix(`/outpost.goauthentik.io`)
+    kind: Rule
+    services:
+    - name: ak-outpost-authentik-embedded-outpost
+      namespace: authentik
+      port: 9000
+  tls:
+    secretName: redlib-tls
+
+---
+
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: redlib-tls
+spec:
+  secretName: redlib-tls
+  issuerRef:
+    name: letsencrypt-production
+    kind: ClusterIssuer
+  commonName: "redlib.durp.info"
+  dnsNames:
+  - "redlib.durp.info"