diff --git a/deploy/fail2ban-exporter.yaml b/deploy/fail2ban-exporter.yaml
new file mode 100644
index 0000000..49bd279
--- /dev/null
+++ b/deploy/fail2ban-exporter.yaml
@@ -0,0 +1,187 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: fail2ban-prometheus
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  labels:
+    app.kubernetes.io/instance: fail2ban
+    app.kubernetes.io/name: fail2ban
+  name: fail2ban-geoip-service-account
+  namespace: fail2ban-prometheus
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  labels:
+    app.kubernetes.io/instance: fail2ban
+    app.kubernetes.io/name: fail2ban
+  name: fail2ban-prometheus-exporter-service-account
+  namespace: fail2ban-prometheus
+---
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    app: fail2ban-geoip
+    app.kubernetes.io/instance: fail2ban
+    app.kubernetes.io/name: fail2ban
+  name: fail2ban-geoip
+  namespace: fail2ban-prometheus
+spec:
+  ports:
+  - name: http
+    port: 80
+    targetPort: http
+  selector:
+    app: fail2ban-geoip
+  type: ClusterIP
+---
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    app: fail2ban-prometheus-exporter
+    app.kubernetes.io/instance: fail2ban
+    app.kubernetes.io/name: fail2ban-prometheus-exporter
+  name: fail2ban-prometheus-exporter
+  namespace: fail2ban-prometheus
+spec:
+  internalTrafficPolicy: Cluster
+  ports:
+  - name: http-metrics
+    port: 9191
+    protocol: TCP
+    targetPort: 9191
+  selector:
+    app: fail2ban-prometheus-exporter
+  type: ClusterIP
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  labels:
+    app: fail2ban-geoip
+    app.kubernetes.io/instance: fail2ban
+    app.kubernetes.io/name: fail2ban
+  name: fail2ban-geoip
+  namespace: fail2ban-prometheus
+spec:
+  replicas: 2
+  selector:
+    matchLabels:
+      app: fail2ban-geoip
+  template:
+    metadata:
+      labels:
+        app: fail2ban-geoip
+        app.kubernetes.io/instance: fail2ban
+        app.kubernetes.io/name: fail2ban
+    spec:
+      affinity:
+        podAntiAffinity:
+          preferredDuringSchedulingIgnoredDuringExecution:
+          - podAffinityTerm:
+              labelSelector:
+                matchExpressions:
+                - key: app
+                  operator: In
+                  values:
+                  - fail2ban-geoip
+              topologyKey: kubernetes.io/hostname
+            weight: 1
+      containers:
+      - env:
+        - name: GEOIP_LISTEN_ADDRESS
+          value: :8080
+        image: registry.neuber.io/country-geo-locations:latest
+        imagePullPolicy: IfNotPresent
+        name: fail2ban-geoip
+        ports:
+        - containerPort: 8080
+          name: http
+          protocol: TCP
+      imagePullSecrets:
+      - name: tom-regcred
+      serviceAccountName: fail2ban-geoip-service-account
+---
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+  labels:
+    app: fail2ban-prometheus-exporter
+    app.kubernetes.io/instance: fail2ban
+    app.kubernetes.io/name: fail2ban-prometheus-exporter
+  name: fail2ban-prometheus-exporter
+  namespace: fail2ban-prometheus
+spec:
+  selector:
+    matchLabels:
+      app: fail2ban-prometheus-exporter
+  template:
+    metadata:
+      labels:
+        app: fail2ban-prometheus-exporter
+        app.kubernetes.io/instance: fail2ban
+        app.kubernetes.io/name: fail2ban
+    spec:
+      containers:
+      - env:
+        - name: F2B_GEOIP_SERVICE
+          value: fail2ban-geoip
+        image: registry.neuber.io/fail2ban-prometheus-exporter:latest
+        imagePullPolicy: IfNotPresent
+        name: fail2ban-prometheus-exporter
+        ports:
+        - containerPort: 9191
+          name: http-metrics
+          protocol: TCP
+        volumeMounts:
+        - mountPath: /var/run/fail2ban/fail2ban.sock
+          name: fail2ban
+          readOnly: true
+      imagePullSecrets:
+      - name: tom-regcred
+      serviceAccountName: fail2ban-prometheus-exporter-service-account
+      tolerations:
+      - effect: NoSchedule
+        key: node-role.kubernetes.io/master
+        operator: Exists
+      - effect: NoSchedule
+        key: node-role.kubernetes.io/control-plane
+        operator: Exists
+      volumes:
+      - hostPath:
+          path: /var/run/fail2ban/fail2ban.sock
+          type: ""
+        name: fail2ban
+---
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  labels:
+    app: fail2ban-prometheus-exporter
+    app.kubernetes.io/instance: fail2ban
+    app.kubernetes.io/name: fail2ban
+  name: fail2ban-prometheus-servicemonitor
+  namespace: fail2ban-prometheus
+spec:
+  attachMetadata:
+    node: false
+  endpoints:
+  - interval: 30s
+    path: /metrics
+    port: http-metrics
+    relabelings:
+    - action: replace
+      sourceLabels:
+      - __meta_kubernetes_endpoint_node_name
+      targetLabel: node
+    scheme: http
+  jobLabel: jobLabel
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: fail2ban
+      app.kubernetes.io/name: fail2ban-prometheus-exporter