diff --git a/infrastructure/kubenav/kustomization.yaml b/infrastructure/kubenav/kustomization.yaml
deleted file mode 100644
index 1134e63d12ac8ae016ac31ebc91fe365a1320860..0000000000000000000000000000000000000000
--- a/infrastructure/kubenav/kustomization.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-namespace: kubenav-system
-resources:
-  - namespace.yaml
-  - https://git.shivering-isles.com/github-mirror/kubenav/deploy/-/raw/ed66ab3bf470fe7a43c6990e39d158b249f5ff7c/dashboards/prometheus-dashboard.yaml
-  - https://git.shivering-isles.com/github-mirror/kubenav/deploy/-/raw/ed66ab3bf470fe7a43c6990e39d158b249f5ff7c/dashboards/cert-manager-dashboard.yaml
-  - https://git.shivering-isles.com/github-mirror/kubenav/deploy/-/raw/ed66ab3bf470fe7a43c6990e39d158b249f5ff7c/dashboards/nginx-ingress-request-handling-performance-dashboard.yaml
-  - https://git.shivering-isles.com/github-mirror/kubenav/deploy/-/raw/ed66ab3bf470fe7a43c6990e39d158b249f5ff7c/dashboards/nginx-ingress-dashboard.yaml
diff --git a/infrastructure/kubenav/namespace.yaml b/infrastructure/kubenav/namespace.yaml
deleted file mode 100644
index 905d3132ca212b45ee45759a0c3eaf65477abcaa..0000000000000000000000000000000000000000
--- a/infrastructure/kubenav/namespace.yaml
+++ /dev/null
@@ -1,12 +0,0 @@
-apiVersion: v1
-kind: Namespace
-metadata:
-  name: kubenav-system
-  labels:
-    pod-security.kubernetes.io/audit: restricted
-    pod-security.kubernetes.io/enforce: restricted
-    pod-security.kubernetes.io/warn: restricted
-    pod-security.kubernetes.io/audit-version: v1.26
-    pod-security.kubernetes.io/enforce-version: v1.23
-    pod-security.kubernetes.io/warn-version: v1.26
-    kyverno.shivering-isles.com/class: "system"
diff --git a/infrastructure/kustomization.yaml b/infrastructure/kustomization.yaml
index 111f96220a8e313e63fad60d9694f20944885cae..bb3eab013510a8fd604b94a7ac28efaf4512a06b 100644
--- a/infrastructure/kustomization.yaml
+++ b/infrastructure/kustomization.yaml
@@ -14,4 +14,4 @@ resources:
   - flux-system
   - postgres
   - redis
-  - kubenav
+  - vpa
diff --git a/infrastructure/vpa/certificate.yaml b/infrastructure/vpa/certificate.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..570f0d8e66c086917712a8ff8ca6c6862d999cd7
--- /dev/null
+++ b/infrastructure/vpa/certificate.yaml
@@ -0,0 +1,23 @@
+---
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: admission-vpa-tls-secret
+spec:
+  commonName: vpa-webhook.vpa-system.svc
+  isCA: false
+  privateKey:
+    algorithm: ECDSA
+    size: 256
+    encoding: PKCS1
+  usages:
+    - server auth
+  dnsNames:
+    - vpa-webhook
+    - vpa-webhook.vpa-system
+    - vpa-webhook.vpa-system.svc
+  issuerRef:
+    name: selfsigned-cluster-issuer
+    kind: ClusterIssuer
+    group: cert-manager.io
+  secretName: vpa-tls-certs
\ No newline at end of file
diff --git a/infrastructure/vpa/kustomization.yaml b/infrastructure/vpa/kustomization.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..cf18a953202551dee7e0142c83ebbf3618e1f19b
--- /dev/null
+++ b/infrastructure/vpa/kustomization.yaml
@@ -0,0 +1,14 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+namespace: vpa-system
+resources:
+  - namespace.yaml
+  - certificate.yaml
+  - https://git.shivering-isles.com/github-mirror/kubernetes/autoscaler.git//vertical-pod-autoscaler/deploy?ref=vpa-release-1.0
+
+commonLabels:
+  app.kubernetes.io/name: vertical-pod-autoscaler
+  app.kubernetes.io/instance: vpa-system
+
+components:
+  - ../../shared/components/namespace-restricted
diff --git a/infrastructure/vpa/namespace.yaml b/infrastructure/vpa/namespace.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..de8147da293c1b2065aee4fba3698a3d48104b93
--- /dev/null
+++ b/infrastructure/vpa/namespace.yaml
@@ -0,0 +1,5 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: vpa-system
+  labels: {}