diff --git a/linux/k3s/prometheus/defaults/main.yml b/linux/k3s/prometheus/defaults/main.yml
new file mode 100644
index 0000000..1351b6e
--- /dev/null
+++ b/linux/k3s/prometheus/defaults/main.yml
@@ -0,0 +1,3 @@
+prometheus_fqdn: prometheus.example.com
+grafana_fqdn: grafana.example.com
+alertmanager_fqdn: alertmanager.example.com
diff --git a/linux/k3s/prometheus/tasks/main.yml b/linux/k3s/prometheus/tasks/main.yml
new file mode 100644
index 0000000..e17cc5c
--- /dev/null
+++ b/linux/k3s/prometheus/tasks/main.yml
@@ -0,0 +1,63 @@
+- name: Add prometheus-community chart repo
+  kubernetes.core.helm_repository:
+    name: prometheus-community
+    repo_url: "https://prometheus-community.github.io/helm-charts"
+
+- name: Deploy latest version of kube-prometheus-stack chart inside monitoring namespace with values
+  kubernetes.core.helm:
+    name: prometheus-stack
+    chart_ref: prometheus-community/kube-prometheus-stack
+    release_namespace: monitoring
+    create_namespace: yes
+    values:
+      alertmanager:
+        ingress:
+          annotations:
+            kubernetes.io/ingress.class: traefik
+            cert-manager.io/cluster-issuer: letsencrypt-prod
+            traefik.ingress.kubernetes.io/router.middlewares: default-redirect-https@kubernetescrd
+          enabled: true 
+          paths:
+            - "/"
+          hosts:
+            - "{{ alertmanager_fqdn }}"
+          tls:
+            - secretName: alertmanager-tls
+              hosts:
+                 - "{{ alertmanager_fqdn }}"
+      alertmanagerSpec:
+        externalUrl: "https://{{ alert_manager_fqdn }}/"
+        routePrefix: /
+      grafana:
+        ingress:
+          annotations:
+            kubernetes.io/ingress.class: traefik
+            cert-manager.io/cluster-issuer: letsencrypt-prod
+            traefik.ingress.kubernetes.io/router.middlewares: default-redirect-https@kubernetescrd
+          enabled: true 
+          hosts:
+            - "{{ grafana_fqdn }}"
+          paths:
+            - "/"
+          tls:
+            - secretName: grafana-tls
+              hosts:
+                 - "{{ grafana_fqdn }}"
+      prometheus:
+        ingress:
+          annotations:
+            kubernetes.io/ingress.class: traefik
+            cert-manager.io/cluster-issuer: letsencrypt-prod
+            traefik.ingress.kubernetes.io/router.middlewares: default-redirect-https@kubernetescrd
+          enabled: true 
+          hosts:
+            - "{{ prometheus_fqdn }}"
+          paths:
+            - "/"
+          tls:
+            - secretName: grafana-tls
+              hosts:
+                 - "{{ prometheus_fqdn }}"
+      prometheusSpec:
+        externalUrl: "https://{{ prometheus_manager_fqdn }}/"
+        routePrefix: /