diff --git a/main.tf b/main.tf index 5680b3f2..5340c954 100644 --- a/main.tf +++ b/main.tf @@ -133,6 +133,7 @@ variable "clickhouse_postgres_password" { type = string } variable "wealthfolio_password_hash" { type = string } variable "aiostreams_database_connection_string" { type = string } variable "actualbudget_credentials" { type = map(any) } +variable "speedtest_db_password" { type = string } provider "kubernetes" { @@ -182,12 +183,13 @@ module "k8s-node-template" { snippet_name = local.k8s_cloud_init_snippet_name # Add mirror registry containerd_config_update_command = <<-EOF - echo '[plugins.\"io.containerd.grpc.v1.cri\".registry.mirrors.\"docker.io\"]' >> /etc/containerd/config.toml && echo ' endpoint = [\"http://10.0.20.10:5000\"]' >> /etc/containerd/config.toml # docker registry vm + # BELOW IS DEPRECATED - replace with config_path version!!!! + echo '[plugins.\"io.containerd.grpc.v1.cri\".registry.mirrors.\"*\"]' >> /etc/containerd/config.toml && echo ' endpoint = [\"http://10.0.20.10:5000\"]' >> /etc/containerd/config.toml # docker registry vm sed -i 's/.*max_concurrent_downloads = 3/max_concurrent_downloads = 20/g' /etc/containerd/config.toml # Enable multiple concurrent downloads sudo sed -i '/serializeImagePulls:/d' /var/lib/kubelet/config.yaml && \ sudo sed -i '/maxParallelImagePulls:/d' /var/lib/kubelet/config.yaml && \ - echo -e 'serializeImagePulls: false\nmaxParallelImagePulls: 50' | sudo tee -a /var/lib/kubelet/config.yaml && \ + echo -e 'serializeImagePulls: false\nmaxParallelImagePulls: 50' | sudo tee -a /var/lib/kubelet/config.yaml EOF k8s_join_command = var.k8s_join_command } @@ -556,6 +558,8 @@ module "kubernetes_cluster" { aiostreams_database_connection_string = var.aiostreams_database_connection_string actualbudget_credentials = var.actualbudget_credentials + + speedtest_db_password = var.speedtest_db_password } diff --git a/modules/kubernetes/main.tf b/modules/kubernetes/main.tf index 418c86a9..36f0c672 100644 
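Review bot: `speedtest_db_password` is declared without `sensitive = true` in the first hunk of main.tf, so Terraform will not redact the value in plan and apply output or in error messages that echo it. Expanding the block to multi-line form and adding `sensitive = true` next to `type = string` fixes that. The same applies to the matching declaration in modules/kubernetes/main.tf and to `db_password` in modules/kubernetes/speedtest/main.tf. The neighbouring password variables visible in the context lines are written the same way and would benefit from the same treatment.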
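Review bot: In the `containerd_config_update_command` heredoc the mirror key changes from `docker.io` to `*` while the endpoint stays `http://10.0.20.10:5000`, so image pulls for every registry are now resolved first through a plain-HTTP endpoint. For tag-based pulls the mirror's answer decides which digest a tag maps to, so anything that can tamper with that traffic or with the mirror itself can influence the images run on all nodes, not only the Docker Hub ones. If the wildcard is needed, serving the mirror over TLS (`endpoint = [\"https://…\"]` with the CA trusted on the nodes) and pinning workloads by digest narrows this; otherwise keep the key scoped to `docker.io`. The new `# BELOW IS DEPRECATED` line would be clearer as an HCL comment above the heredoc, since inside it the text becomes part of the command shipped to the node.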
--- a/modules/kubernetes/main.tf +++ b/modules/kubernetes/main.tf @@ -112,6 +112,7 @@ variable "clickhouse_postgres_password" { type = string } variable "wealthfolio_password_hash" { type = string } variable "aiostreams_database_connection_string" { type = string } variable "actualbudget_credentials" { type = map(any) } +variable "speedtest_db_password" { type = string } variable "defcon_level" { @@ -137,7 +138,7 @@ locals { "url", "excalidraw", "travel_blog", "dashy", "send", "ytdlp", "wealthfolio", "rybbit", "stirling-pdf", "networking-toolbox", "navidrome", "freshrss", "forgejo", "tor-proxy", "real-estate-crawler", "n8n", "changedetection", "linkwarden", "matrix", "homepage", "meshcentral", "diun", "cyberchef", "ntfy", "ollama", - "servarr", "jsoncrack", "paperless-ngx", "frigate", "audiobookshelf", "tandoor", "ebook2audiobook", "netbox" + "servarr", "jsoncrack", "paperless-ngx", "frigate", "audiobookshelf", "tandoor", "ebook2audiobook", "netbox", "speedtest" ], } active_modules = distinct(flatten([ @@ -1024,3 +1025,12 @@ module "kyverno" { for_each = contains(local.active_modules, "kyverno") ? { kyverno = true } : {} depends_on = [null_resource.core_services] } + +module "speedtest" { + source = "./speedtest" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux + for_each = contains(local.active_modules, "speedtest") ? { speedtest = true } : {} + depends_on = [null_resource.core_services] + db_password = var.speedtest_db_password +} diff --git a/modules/kubernetes/speedtest/main.tf b/modules/kubernetes/speedtest/main.tf new file mode 100644 index 00000000..104ac17e --- /dev/null +++ b/modules/kubernetes/speedtest/main.tf 
@@ -0,0 +1,149 @@ +variable "tls_secret_name" {} +variable "tier" { type = string } +variable "db_password" { type = string } + + +resource "kubernetes_namespace" "speedtest" { + metadata { + name = "speedtest" + } +} + +module "tls_secret" { + source = "../setup_tls_secret" + namespace = kubernetes_namespace.speedtest.metadata[0].name + tls_secret_name = var.tls_secret_name +} + +resource "random_id" "secret_key" { + byte_length = 32 # 32 bytes × 2 hex chars = 64 hex characters +} + +resource "kubernetes_deployment" "speedtest" { + metadata { + name = "speedtest" + namespace = kubernetes_namespace.speedtest.metadata[0].name + labels = { + app = "speedtest" + tier = var.tier + } + } + spec { + replicas = 1 + selector { + match_labels = { + app = "speedtest" + } + } + template { + metadata { + labels = { + app = "speedtest" + } + } + spec { + container { + image = "lscr.io/linuxserver/speedtest-tracker:latest" + name = "speedtest" + port { + container_port = 80 + } + env { + name = "PUID" + value = 1000 + } + env { + name = "PGID" + value = 1000 + } + env { + name = "APP_KEY" + value = "base64:${random_id.secret_key.b64_std}" + } + env { + name = "SPEEDTEST_SCHEDULE" + value = "0 * * * *" + } + # env { + # name = "SPEEDTEST_SERVERS" + # # Sofia speedtest servers - https://c.speedtest.net/speedtest-servers-static.php + # value = "7617,17787,11348,37980,54640,27843,57118,10754,20191,29617" + # } + env { + name = "APP_URL" + value = "https://speedtest.viktorbarzin.me" + } + env { + name = "DB_CONNECTION" + value = "mysql" + } + env { + name = "DB_HOST" + value = "mysql.dbaas.svc.cluster.local" + } + env { + name = "DB_DATABASE" + value = "speedtest" + } + env { + name = "DB_USERNAME" + value = "speedtest" + } + env { + name = "DB_PASSWORD" + value = var.db_password + } + env { + name = "APP_TIMEZONE" + value = "Europe/Sofia" + } + volume_mount { + name = "config" + mount_path = "/config" + } + } + volume { + name = "config" + nfs { + server = "10.0.10.15" + path = 
"/mnt/main/speedtest" + } + } + } + } + } +} + +resource "kubernetes_service" "speedtest" { + metadata { + name = "speedtest" + namespace = kubernetes_namespace.speedtest.metadata[0].name + labels = { + "app" = "speedtest" + } + annotations = { + "prometheus.io/scrape" = "true" + "prometheus.io/path" = "/prometheus" + "prometheus.io/port" = "80" + } + } + + spec { + selector = { + app = "speedtest" + } + port { + name = "http" + port = 80 + target_port = 80 + } + } +} + +module "ingress" { + source = "../ingress_factory" + namespace = kubernetes_namespace.speedtest.metadata[0].name + name = "speedtest" + tls_secret_name = var.tls_secret_name + protected = true +} diff --git a/terraform.tfstate b/terraform.tfstate index 829df83c..61af80b8 100644 Binary files a/terraform.tfstate and b/terraform.tfstate differ diff --git a/terraform.tfvars b/terraform.tfvars index 30ea3bbc..224bf18d 100644 Binary files a/terraform.tfvars and b/terraform.tfvars differ
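Review bot: `APP_KEY` and `DB_PASSWORD` are set through literal `value` fields in the container spec of `kubernetes_deployment.speedtest`, so both secrets are stored in the Deployment object and are readable by anyone who can get deployments or pods in the namespace. Moving them into a `kubernetes_secret` and referencing it with `value_from { secret_key_ref { … } }` keeps them out of the pod template; the sketch below shows the secret and the two rewritten env blocks. `random_id` does not mark its outputs sensitive, so the generated key can also show up in plan output; `random_bytes`, if the random provider version in use has it, is the sensitive equivalent. Separately, the image is pulled as `:latest`, which is worth pinning to a version tag or digest so a pod restart cannot silently change what runs.

```hcl
resource "kubernetes_secret" "speedtest" {
  metadata {
    name      = "speedtest"
    namespace = kubernetes_namespace.speedtest.metadata[0].name
  }
  data = {
    app_key     = "base64:${random_id.secret_key.b64_std}"
    db_password = var.db_password
  }
}

# … unchanged: namespace, tls_secret, deployment metadata and the other env blocks …

          env {
            name = "APP_KEY"
            value_from {
              secret_key_ref {
                name = kubernetes_secret.speedtest.metadata[0].name
                key  = "app_key"
              }
            }
          }
          env {
            name = "DB_PASSWORD"
            value_from {
              secret_key_ref {
                name = kubernetes_secret.speedtest.metadata[0].name
                key  = "db_password"
              }
            }
          }

# … unchanged: remaining env blocks, volume_mount, volume, service, ingress …
```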