diff --git a/Makefile b/Makefile
index 05af93f94b55883cc9b81dd506f292647f494368..cfe0555dca47ef3f288be0b17379a72da0b9f7d4 100644
--- a/Makefile
+++ b/Makefile
@@ -18,6 +18,10 @@ cli: ## Install koolbox CLI (Contains all tools used in this project)
 cli-config: ## Configure koolbox CLI (To setup terraform values as well was tokens)
 	cd ./cli && make config
 
+.PHONY: docs
+docs: cli ## Build and render docs locally
+	cd ./docs && make serve
+
 .PHONY: validate
 validate:
 	./scripts/validate.sh
diff --git a/cli/Dockerfile b/cli/Dockerfile
index fbc3f471c66c22e1e770e68f2c4ddf82bc33a975..ce3cd8fdeeda78ef551650900d187e5a9a19ae18 100644
--- a/cli/Dockerfile
+++ b/cli/Dockerfile
@@ -98,6 +98,18 @@ RUN set -x; mkdir -p /opt/krew; cd "/opt/krew" && \
   tar zxvf "${KREW}.tar.gz" && \
   mv "${KREW}" /opt/krew/krew
 
+# kubectl-krew CLI cache
+FROM registry.fedoraproject.org/fedora:35 as mdbook
+
+# renovate: datasource=github-releases depName=kubernetes-sigs/krew
+ARG MDBOOK_VERSION=v0.4.18
+ENV MDBOOK_VERSION=${MDBOOK_VERSION}
+
+RUN curl -L "https://github.com/rust-lang/mdBook/releases/download/${MDBOOK_VERSION}/mdbook-${MDBOOK_VERSION}-x86_64-unknown-linux-gnu.tar.gz" | tar xvzf - mdbook \
+    && install -o root -g root -m 0755 mdbook /usr/local/bin/mdbook
+
+
+
 # Actual start of container build
 FROM registry.fedoraproject.org/fedora:35
 
@@ -143,6 +155,7 @@ COPY --from=kubeval /usr/local/bin/kubeval /usr/local/bin/kubeval
 COPY --from=sops /usr/local/bin/sops /usr/local/bin/sops
 COPY --from=yq /usr/local/bin/yq /usr/local/bin/yq
 COPY --from=kubectl-krew /opt/krew/krew /usr/local/bin/kubectl-krew
+COPY --from=mdbook /usr/local/bin/mdbook /usr/local/bin/mdbook
 
 RUN true \
     && echo "command -v kubectl-krew >/dev/null && export PATH=\"${KREW_ROOT:-$HOME/.krew}/bin:$PATH\"" >> /root/.bashrc \
@@ -150,6 +163,7 @@ RUN true \
     && echo "command -v kustomize >/dev/null && . <(kustomize completion bash)" >> /root/.bashrc \
     && echo "command -v kubectl >/dev/null && . <(kubectl completion bash)" >> /root/.bashrc \
     && echo "command -v helm >/dev/null && . <(helm completion bash)" >> /root/.bashrc \
+    && echo "command -v mdbook >/dev/null && . <(mdbook completions bash)" >> /root/.bashrc \
     && true
 
 RUN true \
diff --git a/docs/.gitignore b/docs/.gitignore
new file mode 100644
index 0000000000000000000000000000000000000000..7585238efedfc33acdd9494b0269951aaf3909ec
--- /dev/null
+++ b/docs/.gitignore
@@ -0,0 +1 @@
+book
diff --git a/docs/Makefile b/docs/Makefile
new file mode 100644
index 0000000000000000000000000000000000000000..d099dd4e6c3e69de2273e32b89bc144e7c3cc9b1
--- /dev/null
+++ b/docs/Makefile
@@ -0,0 +1,7 @@
+
+include ../utils/help.mk
+
+.PHONY: serve
+serve: ## Render docs locally and provide them on localhost
+	cd ../ && koolbox mdbook serve docs
+
diff --git a/docs/book.toml b/docs/book.toml
new file mode 100644
index 0000000000000000000000000000000000000000..d34134a466f61e30db9c8c8ccd4f8b0ef9906629
--- /dev/null
+++ b/docs/book.toml
@@ -0,0 +1,5 @@
+[book]
+authors = []
+language = "en"
+multilingual = false
+src = "src"
diff --git a/docs/src/SUMMARY.md b/docs/src/SUMMARY.md
new file mode 100644
index 0000000000000000000000000000000000000000..a2f4780a9ab134068c0debcf6f8623557a6803c8
--- /dev/null
+++ b/docs/src/SUMMARY.md
@@ -0,0 +1,29 @@
+# Summary
+
+# Infrastructure
+
+- [About](about.md)
+- [Hardware]()
+- [Operating System](operating_system.md)
+- [Network]()
+- [Continous Integreation]()
+- [GitOps]()
+- [Infrastructure Components](components/README.md)
+  - [calico](components/calico.md)
+  - [cert-manager](components/cert-manager.md)
+  - [flux]()
+  - [k8up](components/k8up.md)
+  - [longhorn](components/longhorn.md)
+  - [metallb](components/metallb.md)
+  - [monitoring]()
+  - [nginx-system](components/nginx-system.md)
+  - [node-features](components/node-features.md)
+  - [starboard](components/starboard.md)
+  - [system-upgrades](components/system-upgrades.md)
+- [Apps]()
+  - [DNS]()
+  - [hcloud-dynfw]()
+  - [mail]()
+  - [Matrix]()
+  - [Nextcloud]()
+  - [Registry]()
diff --git a/docs/src/about.md b/docs/src/about.md
new file mode 100644
index 0000000000000000000000000000000000000000..786d8e132203c74469455a1601f06cbfa02dd03f
--- /dev/null
+++ b/docs/src/about.md
@@ -0,0 +1,3 @@
+# Shivering Isles GitOps Infrastructure
+
+This documentation provides some insight into the Sivering-Isles GitOps Infrastructure. Into concepts, useful information and a general overview over all the different parts of the overall project.
diff --git a/docs/src/components/README.md b/docs/src/components/README.md
new file mode 100644
index 0000000000000000000000000000000000000000..ef2c135417d82e3b5f6c9d3cc6482ef3cc4a7c70
--- /dev/null
+++ b/docs/src/components/README.md
@@ -0,0 +1,3 @@
+# Components
+
+Overview over cluster components, their function, useful links and things that would have been nice to know beforehand.
diff --git a/docs/src/components/calico.md b/docs/src/components/calico.md
new file mode 120000
index 0000000000000000000000000000000000000000..8e569ec36f9d16b63dacfb20628842fe0beb4dee
--- /dev/null
+++ b/docs/src/components/calico.md
@@ -0,0 +1 @@
+../../../infrastructure/calico/README.md
\ No newline at end of file
diff --git a/docs/src/components/cert-manager.md b/docs/src/components/cert-manager.md
new file mode 120000
index 0000000000000000000000000000000000000000..8f8b23fbc0c9313862fb323283c9c1d08c03d144
--- /dev/null
+++ b/docs/src/components/cert-manager.md
@@ -0,0 +1 @@
+../../../infrastructure/cert-manager/README.md
\ No newline at end of file
diff --git a/docs/src/components/k8up.md b/docs/src/components/k8up.md
new file mode 120000
index 0000000000000000000000000000000000000000..da5bac019050c4c57b26e71509b5a2ff82525cd5
--- /dev/null
+++ b/docs/src/components/k8up.md
@@ -0,0 +1 @@
+../../../infrastructure/k8up/README.md
\ No newline at end of file
diff --git a/docs/src/components/longhorn.md b/docs/src/components/longhorn.md
new file mode 120000
index 0000000000000000000000000000000000000000..650cc4b184659f76038b690dfbb92c854d9517ae
--- /dev/null
+++ b/docs/src/components/longhorn.md
@@ -0,0 +1 @@
+../../../infrastructure/longhorn/README.md
\ No newline at end of file
diff --git a/docs/src/components/metallb.md b/docs/src/components/metallb.md
new file mode 120000
index 0000000000000000000000000000000000000000..071c398a74d1868b47ca565294da633f3f1c0c77
--- /dev/null
+++ b/docs/src/components/metallb.md
@@ -0,0 +1 @@
+../../../infrastructure/metallb/README.md
\ No newline at end of file
diff --git a/docs/src/components/nginx-system.md b/docs/src/components/nginx-system.md
new file mode 120000
index 0000000000000000000000000000000000000000..61c6a3980884a5799123428ca62c2a562fdc5454
--- /dev/null
+++ b/docs/src/components/nginx-system.md
@@ -0,0 +1 @@
+../../../infrastructure/nginx-system/README.md
\ No newline at end of file
diff --git a/docs/src/components/node-features.md b/docs/src/components/node-features.md
new file mode 120000
index 0000000000000000000000000000000000000000..93eff175a0f990d8d10603bbb5dbbba4c76ec698
--- /dev/null
+++ b/docs/src/components/node-features.md
@@ -0,0 +1 @@
+../../../infrastructure/node-features/README.md
\ No newline at end of file
diff --git a/docs/src/components/starboard.md b/docs/src/components/starboard.md
new file mode 120000
index 0000000000000000000000000000000000000000..2230c00d25c1355f9adda487920752e5ea68f442
--- /dev/null
+++ b/docs/src/components/starboard.md
@@ -0,0 +1 @@
+../../../infrastructure/starboard/README.md
\ No newline at end of file
diff --git a/docs/src/components/system-upgrades.md b/docs/src/components/system-upgrades.md
new file mode 120000
index 0000000000000000000000000000000000000000..74f67f4e31e76591d1b4b68e1371b54d11764885
--- /dev/null
+++ b/docs/src/components/system-upgrades.md
@@ -0,0 +1 @@
+../../../infrastructure/system-upgrades/README.md
\ No newline at end of file
diff --git a/docs/src/operating_system.md b/docs/src/operating_system.md
new file mode 100644
index 0000000000000000000000000000000000000000..237e9e46bb326872d97a336865e28e7e1f209666
--- /dev/null
+++ b/docs/src/operating_system.md
@@ -0,0 +1,116 @@
+# Operating System
+
+For this setup Fedora is the Operating System of choice for multiple reasons. It provides both image-based installation methods (e.g. Fedora CoreOS) as well as package-based installation methods (e.g. Fedora Server) for many architectures and provides a modern and stable set of packages. Further it matches the developer machine OS, which helps with debugging and testing things locally before pushing them onto the deployments.
+
+## OS requirements
+
+The OS requirements to run the current setup are:
+
+- modern software versions
+- Kubeadm support
+- cri-o support
+- TPM-based LUKS encryption
+- SELinux support
+- (optional) cockpit integration
+- (optional) SSH access
+- automated updates
+
+## Setup script
+
+Currently the following script is used for set up:
+
+```
+#!/bin/bash
+
+# System upgrade
+dnf upgrade -y
+
+# Prepare Kubernetes
+dnf copr enable -y "sheogorath/kubernetes-1.22"
+dnf install -y kubernetes kubernetes-kubeadm
+
+# Install Crio as container engine
+dnf module enable -y cri-o:1.22
+dnf install -y cri-o cri-tools
+systemctl enable --now crio
+
+# Load kernel modules for Kubernetes and Calico
+modprobe br_netfilter
+modprobe wireguard
+cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
+br_netfilter
+wireguard
+EOF
+
+# Prepare sysctls for Kubernetes
+cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
+net.bridge.bridge-nf-call-ip6tables = 1
+net.bridge.bridge-nf-call-iptables = 1
+net.ipv4.ip_forward = 1
+EOF
+sysctl --system
+
+dnf install -y iptables
+
+# Disable systemd-resolved for CoreDNS
+rm -f /etc/resolv.conf
+cp /run/systemd/resolve/resolv.conf /etc/resolv.conf
+systemctl disable --now systemd-resolved
+
+# Prepare NetworkManager for Calico
+cat <<EOF | sudo tee /etc/NetworkManager/conf.d/calico.conf
+[keyfile]
+unmanaged-devices=interface-name:cali*;interface-name:tunl*;interface-name:vxlan.calico;interface-name:wireguard.cali
+EOF
+systemctl restart NetworkManager
+
+systemctl mask firewalld
+
+# Disable zram swap
+dnf remove -y zram-generator-defaults
+
+# Setup TPM encryption
+dnf install -y clevis-dracut
+clevis luks bind -d /dev/nvme0n1p3 tpm2 '{}'
+dracut -f
+
+# Install management interface
+dnf install -y cockpit cockpit-pcp
+
+reboot
+```
+
+*Be aware that this interactive due to TPM set up*
+
+## Filesystem Layout
+
+|Path|Filesystem|Size |Description|
+|----|----------|-----|-----------|
+|`/` |`xfs`     |15GiB|Root filesystem set up by Fedora Server layout.|
+|`/boot/efi`|`vfat`|600MiB|Filesystem for EFI, set up by Fedora Server layout.|
+|`/var/lib/containers` |`xfs` |50GiB|Filesystem for container images.|
+|`/var/lib/kubelet` |`xfs` |20GiB|Filesystem for kubelet related storage, such as `emptyDir`|
+|`/var/lib/longhorn`|`xfs`|varies|Filesystem for longhorn storage, this is used by longhorn to provide high-available storage across the clusters.|
+|`/var/lib/storage`|`xfs`|varies|Additional filesystem for longhorn storage, this is used by longhorn to provide high-available storage across the clusters.|
+
+## Setup addition SSD
+
+```bash
+# Setup LUKS recovery key
+cryptsetup luksFormat /dev/sda
+cryptsetup isLuks /dev/sda
+cryptsetup luksDump /dev/sda
+cryptsetup luksUUID /dev/sda
+cryptsetup luksOpen /dev/sda storage
+# Encrypt with local TPM
+clevis luks bind -d /dev/sda tpm2 '{}'
+mkfs.xfs /dev/mapper/storage
+echo "storage UUID=$(cryptsetup luksUUID /dev/sda) none discard,timeout=15" >> /etc/crypttab
+echo "/dev/mapper/storage   /var/lib/storage           xfs     defaults,x-systemd.device-timeout=0 0 0" >> /etc/fstab
+mkdir -p /var/lib/storage
+chcon -t container_file_t /var/lib/storage/
+mount -a
+df -h /var/lib/storage/
+# Make sure decryption on reboot works
+systemctl enable clevis-luks-askpass.path
+```