diff --git a/kubernetes/apps/flux-system/capacitor/README.md b/kubernetes/apps/flux-system/capacitor/README.md
new file mode 100644
index 00000000..e69de29b
diff --git a/kubernetes/apps/flux-system/capacitor/app/clusterrole.yaml b/kubernetes/apps/flux-system/capacitor/app/clusterrole.yaml
new file mode 100644
index 00000000..d0c0c54f
--- /dev/null
+++ b/kubernetes/apps/flux-system/capacitor/app/clusterrole.yaml
@@ -0,0 +1,40 @@
+# yaml-language-server: $schema=https://k8s-schemas.pages.dev/kubernetes/v1.30.2/clusterrole-rbac-v1.json
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ name: capacitor
+rules:
+- apiGroups:
+ - networking.k8s.io
+ - apps
+ - ""
+ resources:
+ - pods
+ - pods/log
+ - ingresses
+ - deployments
+ - services
+ - secrets
+ - events
+ - configmaps
+ verbs:
+ - get
+ - watch
+ - list
+- apiGroups:
+ - source.toolkit.fluxcd.io
+ - kustomize.toolkit.fluxcd.io
+ - helm.toolkit.fluxcd.io
+ resources:
+ - gitrepositories
+ - ocirepositories
+ - buckets
+ - helmrepositories
+ - helmcharts
+ - kustomizations
+ - helmreleases
+ verbs:
+ - get
+ - watch
+ - list
+ - patch # to allow force reconciling by adding an annotation
diff --git a/kubernetes/apps/flux-system/capacitor/app/clusterrolebinding.yaml b/kubernetes/apps/flux-system/capacitor/app/clusterrolebinding.yaml
new file mode 100644
index 00000000..12c050db
--- /dev/null
+++ b/kubernetes/apps/flux-system/capacitor/app/clusterrolebinding.yaml
@@ -0,0 +1,13 @@
+# yaml-language-server: $schema=https://k8s-schemas.pages.dev/kubernetes/v1.30.1/clusterrolebinding-rbac-v1.json
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: capacitor
+subjects:
+- kind: ServiceAccount
+ name: capacitor
+ namespace: flux-system
+roleRef:
+ kind: ClusterRole
+ name: capacitor
+ apiGroup: rbac.authorization.k8s.io
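Review bot: The first rule in clusterrole.yaml grants `get`, `watch` and `list` on `secrets`, and the ClusterRoleBinding in clusterrolebinding.yaml makes that grant cluster-wide for the `capacitor` ServiceAccount, so a compromise of the dashboard pod or its token exposes every Secret in every namespace. If Capacitor does not need Secret contents, drop `- secrets` from the resource list; if it does (presumably for Helm release data, to be confirmed against upstream), record the reason next to the entry with a comment such as `# secrets: required by Capacitor for <reason>` and consider per-namespace RoleBindings limited to the namespaces it has to see. The same rule applies every listed resource to all three API groups at once; one rule per group (core, `apps`, `networking.k8s.io`) would make the grant easier to audit.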
diff --git a/kubernetes/apps/flux-system/capacitor/app/helmrelease.yaml b/kubernetes/apps/flux-system/capacitor/app/helmrelease.yaml
new file mode 100644
index 00000000..b01cd3c0
--- /dev/null
+++ b/kubernetes/apps/flux-system/capacitor/app/helmrelease.yaml
@@ -0,0 +1,88 @@
+# yaml-language-server: $schema=https://github.com/raw/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json
+apiVersion: helm.toolkit.fluxcd.io/v2
+kind: HelmRelease
+metadata:
+ name: &app capacitor
+spec:
+ interval: 15m
+ chart:
+ spec:
+ chart: app-template
+ version: 3.2.1
+ sourceRef:
+ kind: HelmRepository
+ name: bjw-s-charts
+ namespace: flux-system
+ install:
+ createNamespace: true
+ remediation:
+ retries: 3
+ upgrade:
+ remediation:
+ retries: 3
+ values:
+ controllers:
+ capacitor:
+ replicas: 2
+ pod:
+ securityContext:
+ fsGroup: 999
+ containers:
+ app:
+ env:
+ TZ: ${TIMEZONE}
+ image:
+ repository: ghcr.io/gimlet-io/capacitor
+ tag: v0.4.2@sha256:085f61f6359d15cfd7b13695bbce7e6623ed7bad78882803cd3aadefcc4e87b0
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ readOnlyRootFilesystem: true
+ probes:
+ startup:
+ enabled: false
+ liveness: &probe
+ enabled: true
+ custom: true
+ spec:
+ httpGet:
+ path: /
+ port: &port 9000
+ scheme: HTTP
+ initialDelaySeconds: 0
+ periodSeconds: 10
+ timeoutSeconds: 1
+ failureThreshold: 3
+ readiness: *probe
+ resources:
+ requests:
+ cpu: 190m
+ memory: 127Mi
+ limits:
+ memory: 127Mi
+ serviceAccount:
+ create: false
+ name: capacitor
+ service:
+ app:
+ controller: capacitor
+ ports:
+ http:
+ enabled: true
+ port: *port
+ protocol: HTTP
+ ingress:
+ app:
+ annotations:
+ external-dns.alpha.kubernetes.io/target: internal.${SECRET_DOMAIN}
+ className: internal
+ hosts:
+ - host: "{{ .Release.Name }}.${SECRET_DOMAIN}"
+ paths:
+ - path: /
+ pathType: Prefix
+ service:
+ identifier: app
+ port: http
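Review bot: The `ingress.app` block publishes the dashboard at `{{ .Release.Name }}.${SECRET_DOMAIN}` and nothing in this hunk puts authentication in front of it, while the `capacitor` ServiceAccount it runs as can read Secrets cluster-wide and `patch` Flux resources per clusterrole.yaml in the same change. Unless the `internal` ingress class already enforces authentication somewhere outside this diff, add that controller's external-auth annotations under `ingress.app.annotations`, or leave the ingress out and reach the UI through a port-forward. Separately, the pod-level `securityContext` sets only `fsGroup: 999`; adding `runAsNonRoot: true` and `seccompProfile: {type: RuntimeDefault}` there would complete the hardening that the container-level context starts, assuming the image already runs as a non-root user (to be confirmed).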
diff --git a/kubernetes/apps/flux-system/capacitor/app/serviceaccount.yaml b/kubernetes/apps/flux-system/capacitor/app/serviceaccount.yaml
new file mode 100644
index 00000000..8657e63a
--- /dev/null
+++ b/kubernetes/apps/flux-system/capacitor/app/serviceaccount.yaml
@@ -0,0 +1,5 @@
+# yaml-language-server: $schema=https://k8s-schemas.pages.dev/kubernetes/v1.30.2/serviceaccount-v1.json
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: capacitor
diff --git a/kubernetes/apps/flux-system/capacitor/ks.yaml b/kubernetes/apps/flux-system/capacitor/ks.yaml
new file mode 100644
index 00000000..a35e8ec9
--- /dev/null
+++ b/kubernetes/apps/flux-system/capacitor/ks.yaml
@@ -0,0 +1,20 @@
+# yaml-language-server: $schema=https://k8s-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+ name: &app capacitor
+ namespace: flux-system
+spec:
+ targetNamespace: flux-system
+ commonMetadata:
+ labels:
+ app.kubernetes.io/name: *app
+ path: ./kubernetes/apps/flux-system/capacitor/app
+ prune: true
+ sourceRef:
+ kind: GitRepository
+ name: home-kubernetes
+ wait: true
+ interval: 30m
+ retryInterval: 1m
+ timeout: 5m
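Review bot: The `spec` in ks.yaml declares no `postBuild` block, yet helmrelease.yaml in the same change depends on Flux substituting `${TIMEZONE}` and `${SECRET_DOMAIN}`. If no parent Kustomization patches substitution into this one (not visible in this diff), those strings reach the cluster literally and the ingress host and external-dns target become invalid. Either add a `postBuild` block with a `substituteFrom` list naming the ConfigMap and Secret that hold these values, or add a comment above `spec:` saying where the substitution is injected, for example `# postBuild substitution is patched in by the parent cluster Kustomization`.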