diff --git a/k8s/apps/cloudflared/cloudflared-mnke.yaml b/k8s/apps/cloudflared/cloudflared-mnke.yaml
index 8f1c34f..d754260 100644
--- a/k8s/apps/cloudflared/cloudflared-mnke.yaml
+++ b/k8s/apps/cloudflared/cloudflared-mnke.yaml
@@ -122,5 +122,7 @@ data:
       service: https://panel.mnke.org
     - hostname: wings-01_jodye.mnke.org
       service: https://wings-01_jodye.mnke.org
+    - hostname: vault.mnke.org
+      service: https://vault.mnke.org
     # This rule matches any traffic which didn't match a previous rule, and responds with HTTP 404.
     - service: http_status:404
diff --git a/k8s/apps/ingressroutes/external/build/kustomization.yaml b/k8s/apps/ingressroutes/external/build/kustomization.yaml
index fa85bb9..452d438 100644
--- a/k8s/apps/ingressroutes/external/build/kustomization.yaml
+++ b/k8s/apps/ingressroutes/external/build/kustomization.yaml
@@ -8,5 +8,6 @@ resources:
   - seerr-tonydu.yaml
   - wizarr-tonydu.yaml
   - dns-dolo-mnke.yaml
+  - vaultwarden.yaml
   - wings-01-jodye.yaml
   - panel.yaml
diff --git a/k8s/apps/ingressroutes/external/build/vaultwarden.yaml b/k8s/apps/ingressroutes/external/build/vaultwarden.yaml
new file mode 100644
index 0000000..917c0b7
--- /dev/null
+++ b/k8s/apps/ingressroutes/external/build/vaultwarden.yaml
@@ -0,0 +1,35 @@
+---
+# This file was automatically generated. Do not modify.
+apiVersion: v1
+kind: Service
+metadata:
+  name: vaultwarden-external
+  namespace: default
+spec:
+  type: ExternalName
+  externalName: vault.jumper.mnke.org
+  ports:
+    - name: vaultwarden-external
+      port: 443
+      targetPort: 443
+
+---
+# This file was automatically generated. Do not modify.
+apiVersion: traefik.io/v1alpha1
+kind: IngressRoute
+metadata:
+  name: vaultwarden-external
+  namespace: default
+spec:
+  entryPoints:
+    - websecure
+  routes:
+    - match: Host(`vault.mnke.org`)
+      kind: Rule
+      services:
+        - kind: Service
+          name: vaultwarden-external
+          port: 443
+          passHostHeader: True
+  tls:
+    secretName: wildcard-mnke-org-tls
diff --git a/k8s/apps/ingressroutes/external/templater/values.yaml b/k8s/apps/ingressroutes/external/templater/values.yaml
index 39ef99d..b3afd42 100644
--- a/k8s/apps/ingressroutes/external/templater/values.yaml
+++ b/k8s/apps/ingressroutes/external/templater/values.yaml
@@ -56,6 +56,13 @@ proxies:
     upstream_port: 5380
     pass_host_header: false
 
+  - service_name: vaultwarden
+    tls_secret_name: wildcard-mnke-org-tls
+    listen_host: vault.mnke.org
+    upstream_host: vault.jumper.mnke.org
+    upstream_port: 443
+    pass_host_header: true
+
   - service_name: wings-01-jodye
     tls_secret_name: wildcard-mnke-org-tls
     listen_host: wings-01_jodye.mnke.org