diff --git a/apps/ntfy/deployment.yaml b/apps/ntfy/deployment.yaml
new file mode 100644
index 0000000..01817ac
--- /dev/null
+++ b/apps/ntfy/deployment.yaml
@@ -0,0 +1,47 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: ntfy
+  namespace: ntfy
+  labels:
+    app: ntfy
+spec:
+  revisionHistoryLimit: 1
+  replicas: 1
+  selector:
+    matchLabels:
+      app: ntfy
+  template:
+    metadata:
+      labels:
+        app: ntfy
+    spec:
+      containers:
+        - name: ntfy 
+          image: binwiederhier/ntfy:v1.28.0
+          args: ["serve"]
+          env: 
+            - name: TZ
+              value: America/Toronto
+            - name: NTFY_DEBUG
+              value: "false"
+            - name: NTFY_LOG_LEVEL
+              value: INFO
+            - name: NTFY_BASE_URL
+              value: https://ntfy.michaelthomson.dev
+          ports: 
+            - containerPort: 80
+              name: http
+          volumeMounts:
+              - mountPath: /etc/ntfy
+                subPath: server.yml
+                name: config-volume
+              - mountPath: /var/cache/ntfy
+                name: cache-volume
+        volumes:
+          - name: config-volume
+            configMap: 
+              name: server-config
+          - name: cache-volume
+            persistentVolumeClaim:
+              claimName: pvc
diff --git a/apps/ntfy/dns-endpoint.yaml b/apps/ntfy/dns-endpoint.yaml
new file mode 100644
index 0000000..7b6489d
--- /dev/null
+++ b/apps/ntfy/dns-endpoint.yaml
@@ -0,0 +1,15 @@
+apiVersion: externaldns.k8s.io/v1alpha1
+kind: DNSEndpoint
+metadata:
+  name: ntfy.michaelthomson.dev
+  namespace: ntfy
+spec:
+  endpoints:
+  - dnsName: ntfy.michaelthomson.dev
+    recordTTL: 180
+    recordType: CNAME
+    targets:
+      - michaelthomson.ddns.net
+    providerSpecific:
+      - name: external-dns.alpha.kubernetes.io/cloudflare-proxied
+        value: "true"
diff --git a/apps/ntfy/ingress.yaml b/apps/ntfy/ingress.yaml
new file mode 100644
index 0000000..2267696
--- /dev/null
+++ b/apps/ntfy/ingress.yaml
@@ -0,0 +1,24 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: ntfy
+  namespace: ntfy
+  annotations:
+    traefik.ingress.kubernetes.io/router.entrypoints: websecure
+    traefik.ingress.kubernetes.io/router.tls: "true"
+spec:
+  rules:
+  - host: ntfy.michaelthomson.dev
+    http:
+      paths:
+      - pathType: Prefix
+        path: /
+        backend:
+          service:
+            name: service
+            port: 
+              name: http
+  tls:
+    - hosts:
+        - ntfy.michaelthomson.dev
+      secretName: letsencrypt-wildcard-cert-michaelthomson.dev
diff --git a/apps/ntfy/kustomization.yaml b/apps/ntfy/kustomization.yaml
new file mode 100644
index 0000000..86a6832
--- /dev/null
+++ b/apps/ntfy/kustomization.yaml
@@ -0,0 +1,12 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - deployment.yaml
+  - service.yaml
+  - pvc.yaml
+  - ingress.yaml
+  - dns-endpoint.yaml
+configMapGenerator:
+    - name: server-config
+      files: 
+        - server-config.yaml
diff --git a/apps/ntfy/namespace.yaml b/apps/ntfy/namespace.yaml
new file mode 100644
index 0000000..f40cdd6
--- /dev/null
+++ b/apps/ntfy/namespace.yaml
@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: ntfy
diff --git a/apps/ntfy/pvc.yaml b/apps/ntfy/pvc.yaml
new file mode 100644
index 0000000..702bf3c
--- /dev/null
+++ b/apps/ntfy/pvc.yaml
@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: pvc
+  namespace: ntfy
+spec:
+  accessModes:
+    - ReadWriteOnce
+  storageClassName: longhorn
+  resources:
+    requests:
+      storage: 1Gi
diff --git a/apps/ntfy/server-config.yaml b/apps/ntfy/server-config.yaml
new file mode 100644
index 0000000..36036d5
--- /dev/null
+++ b/apps/ntfy/server-config.yaml
@@ -0,0 +1,2 @@
+cache-file: "/var/cache/ntfy/cache.db"
+attachment-cache-dir: "/var/cache/ntfy/attachments"
diff --git a/apps/ntfy/service.yaml b/apps/ntfy/service.yaml
new file mode 100644
index 0000000..2d7b420
--- /dev/null
+++ b/apps/ntfy/service.yaml
@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: service
+  namespace: ntfy
+spec:
+  type: ClusterIP
+  selector:
+    app: ntfy
+  ports:
+    - name: http
+      protocol: TCP
+      port: 80
+      targetPort:  http
diff --git a/bootstrap/apps/kustomization-ntfy.yaml b/bootstrap/apps/kustomization-ntfy.yaml
new file mode 100644
index 0000000..02c6e32
--- /dev/null
+++ b/bootstrap/apps/kustomization-ntfy.yaml
@@ -0,0 +1,15 @@
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+  name: ntfy
+  namespace: flux-system
+spec:
+  interval: 15m
+  path: ./apps/ntfy
+  prune: false # remove any elements later removed from the above path
+  wait: true
+  sourceRef:
+    kind: GitRepository
+    name: flux-system
+  dependsOn:
+    - name: infra-configs