diff --git a/.gitea/workflows/deploy.yaml b/.gitea/workflows/deploy.yaml
index 2dab304..7ac4b6b 100644
--- a/.gitea/workflows/deploy.yaml
+++ b/.gitea/workflows/deploy.yaml
@@ -10,6 +10,7 @@ jobs:
     runs-on: ubuntu-latest
     outputs:
       node-labels: ${{ steps.filter.outputs.node-labels }}
+      coredns: ${{ steps.filter.outputs.coredns }}
     steps:
       - uses: actions/checkout@v5
         with:
@@ -20,6 +21,8 @@ jobs:
           filters: |
             k8s:
               - 'node-labels/**'
+            coredns:
+              - 'coredns/**'
 
   deploy-node-labels:
     runs-on: ubuntu-latest
@@ -35,3 +38,18 @@ jobs:
       - name: Deploy
         run: |
           kubectl apply --server-side --field-manager=t000-n -f node-labels
+
+  deploy-coredns:
+    runs-on: ubuntu-latest
+    needs: check-changes
+    if: ${{ needs.check-changes.outputs.coredns == 'true' }}
+    steps:
+      - uses: actions/checkout@v5
+      - uses: azure/setup-kubectl@v4
+      - uses: azure/k8s-set-context@v4
+        with:
+          method: kubeconfig
+          kubeconfig: ${{ secrets.KUBECONFIG }}
+      - name: Deploy
+        run: |
+          kubectl apply -n kube-system -f coredns
diff --git a/.gitea/workflows/validate.yaml b/.gitea/workflows/validate.yaml
index 719646b..da68584 100644
--- a/.gitea/workflows/validate.yaml
+++ b/.gitea/workflows/validate.yaml
@@ -18,3 +18,16 @@ jobs:
       - name: Validate
         run: |
           kubectl apply --server-side --field-manager=t000-n --dry-run=server -f node-labels
+
+  validate-coredns:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v5
+      - uses: azure/setup-kubectl@v4
+      - uses: azure/k8s-set-context@v4
+        with:
+          method: kubeconfig
+          kubeconfig: ${{ secrets.KUBECONFIG }}
+      - name: Validate
+        run: |
+          kubectl apply -n kube-system -f coredns
diff --git a/coredns/coredns-config.yaml b/coredns/coredns-config.yaml
new file mode 100644
index 0000000..d37315c
--- /dev/null
+++ b/coredns/coredns-config.yaml
@@ -0,0 +1,47 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: coredns
+  namespace: kube-system
+data:
+  Corefile: |
+    t00n.de:53 {
+      errors
+      forward . 192.168.0.1 192.168.0.9 192.168.0.10
+      cache 300
+      reload
+    }
+
+    t000-n.de:53 {
+        errors
+        forward . 192.168.0.1 192.168.0.9 192.168.0.10
+        cache 300
+        reload
+    }
+
+    .:53 {
+        errors
+        health
+        ready
+        kubernetes cluster.local in-addr.arpa ip6.arpa {
+          pods insecure
+          fallthrough in-addr.arpa ip6.arpa
+        }
+        hosts /etc/coredns/NodeHosts {
+          ttl 60
+          reload 15s
+          fallthrough
+        }
+        prometheus :9153
+        forward . /etc/resolv.conf
+        cache 30
+        loop
+        reload
+        loadbalance
+        import /etc/coredns/custom/*.override
+    }
+    import /etc/coredns/custom/*.server
+  NodeHosts: |
+    192.168.0.50 k3sh0
+    192.168.0.51 k3sh1
+    192.168.0.52 k3sh2