diff --git a/.github/workflows/piped.yml b/.github/workflows/piped.yml
new file mode 100644
index 00000000..e64addec
--- /dev/null
+++ b/.github/workflows/piped.yml
@@ -0,0 +1,46 @@
+name: deploy-piped
+
+on:
+ push:
+ paths:
+ - '.github/workflows/piped.yml'
+ - 'piped/**'
+ branches: [main]
+ workflow_dispatch:
+
+jobs:
+ deploy:
+ runs-on: ubuntu-latest
+ environment:
+ name: piped
+ url: https://piped.aosus.link
+ steps:
+ - name: checkout
+ uses: actions/checkout@v3
+ with:
+ fetch-depth: 0
+
+ - name: Tailscale
+ uses: tailscale/github-action@ce41a99162202a647a4b24c30c558a567b926709
+ with:
+ authkey: ${{ secrets.TAILSCALE_AUTHKEY }}
+ hostname: Github-actions
+ version: ${{ vars.TAILSCALE_VERSION }}
+
+ - name: Add secrets to config files
+ env:
+ POSTGRES_PASSWORD: ${{ secrets.piped_postgres_password }}
+ run: |
+ sed -i "s/(piped_postgres_password)/$POSTGRES_PASSWORD/g" $GITHUB_WORKSPACE/piped/config.properties
+
+ - name: Start Deployment
+ uses: FarisZR/docker-compose-gitops-action@v1
+ env:
+ POSTGRES_PASSWORD: ${{ secrets.piped_postgres_password }}
+ with:
+ remote_docker_host: ${{ secrets.server_address }}
+ tailscale_ssh: true # no need for manual private and public keys
+ upload_directory: true # upload docker directory
+ docker_compose_directory: piped # directory to upload
+ compose_file_path: piped/docker-compose.yml
+ args: -p piped up -d --remove-orphans
\ No newline at end of file
diff --git a/caddy/configs/piped.caddy b/caddy/configs/piped.caddy
new file mode 100644
index 00000000..f213e31f
--- /dev/null
+++ b/caddy/configs/piped.caddy
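Review bot: The `sed -i "s/(piped_postgres_password)/$POSTGRES_PASSWORD/g"` line in the "Add secrets to config files" step splices the secret into a sed expression unescaped, so a password containing `/`, `&` or `\` either aborts the deploy (unterminated `s` command) or is written into config.properties altered. A replacement that reads the value from the environment rather than from the expression avoids this, e.g. `perl -pi -e 's/\(piped_postgres_password\)/$ENV{POSTGRES_PASSWORD}/g' "$GITHUB_WORKSPACE/piped/config.properties"`, which also quotes the workspace path. Separately, `actions/checkout@v3` is a mutable tag while the Tailscale step is pinned to a full commit SHA; pinning both the same way keeps the workflow's supply-chain posture consistent. A one-line comment on the step saying that the rewritten file is what the next step uploads to the server would also help a reader who wonders where the real password ends up.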
@@ -0,0 +1,76 @@
+(piped-global) {
+ header {
+ # disable FLoC tracking
+ Permissions-Policy interest-cohort=()
+
+ # enable HSTS
+ Strict-Transport-Security max-age=31536000;
+
+ # keep referrer data off
+ Referrer-Policy no-referrer
+ }
+}
+
+piped.aosus.link {
+ # aosus settings
+ respond /robots.txt 200 {
+ body "User-agent: *
+Disallow: /"
+ }
+ header {
+ X-Robots-Tag "noindex, noarchive, nofollow, nosnippet"
+ X-XSS-Protection "1; mode=block"
+ }
+ # end aosus settings
+ reverse_proxy pipedfrontend:80
+ import piped-global
+ encode zstd gzip
+}
+
+api.piped.aosus.link {
+ # aosus settings
+ respond /robots.txt 200 {
+ body "User-agent: *
+Disallow: /"
+ }
+ header {
+ X-Robots-Tag "noindex, noarchive, nofollow, nosnippet"
+ X-XSS-Protection "1; mode=block"
+ }
+ # end aosus settings
+ reverse_proxy piped-nginx:80
+ import piped-global
+ encode zstd gzip
+}
+
+proxy.piped.aosus.link {
+ @ytproxy path /videoplayback* /api/v4/* /api/manifest/*
+ import piped-global
+ # aosus settings
+ respond /robots.txt 200 {
+ body "User-agent: *
+Disallow: /"
+ }
+ header {
+ X-Robots-Tag "noindex, noarchive, nofollow, nosnippet"
+ X-XSS-Protection "1; mode=block"
+ }
+ # end aosus settings
+ route {
+ header @ytproxy {
+ Cache-Control private always
+ }
+
+ header / {
+ Cache-Control "public, max-age=604800"
+ }
+
+ reverse_proxy unix//var/run/ytproxy/actix.sock {
+ header_up -CF-Connecting-IP
+ header_up -X-Forwarded-For
+ header_down -etag
+ header_down -alt-svc
+ }
+ }
+ encode zstd gzip
+}
diff --git a/caddy/docker-compose.yml b/caddy/docker-compose.yml
index 568779b9..113c1067 100644
--- a/caddy/docker-compose.yml
+++ b/caddy/docker-compose.yml
@@ -24,6 +24,7 @@ services: - /home/aosus/caddy/configs:/etc/caddy/configs:ro - data:/data - config:/config + - piped-proxy:/var/run/ytproxy networks: web: discourse:
@@ -33,4 +34,6 @@ configs: volumes: data: - config: \ No newline at end of file + config: + piped_piped-proxy: + external: true \ No newline at end of file
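Review bot: `X-XSS-Protection "1; mode=block"` in the three `header` blocks (piped., api. and proxy.piped.aosus.link) turns on a legacy browser filter that is deprecated and has itself been used as a cross-site information leak; current guidance is to send `X-XSS-Protection "0"` (or omit the header) and rely on a Content-Security-Policy instead. The robots.txt `respond` and the `header` stanza between the `# aosus settings` markers are pasted three times; moving them into the `(piped-global)` snippet, or a second `(aosus-settings)` snippet imported beside it, keeps the three vhosts in step when one of them changes. The `Strict-Transport-Security max-age=31536000;` value also carries a trailing `;` into the header, which browsers tolerate but which is not intended.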
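Review bot: The service mount `- piped-proxy:/var/run/ytproxy` added in the first hunk refers to a volume named `piped-proxy`, but the second hunk declares the top-level volume under the key `piped_piped-proxy:`; Compose resolves a service's volume names against the top-level keys, so `piped-proxy` is undeclared here and, as far as I can tell, the project is rejected with an "undefined volume" error rather than attaching to the socket directory. Declare it under the name the service uses and map that to the external volume: `piped-proxy:` / `  name: piped_piped-proxy` / `  external: true`. The `piped_` prefix is only right because the other stack is started with project name `piped` (the deploy workflow passes `-p piped`); a comment on the volume saying so saves the next reader the cross-reference.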
diff --git a/piped/config.properties b/piped/config.properties
new file mode 100644
index 00000000..5a2475ed
--- /dev/null
+++ b/piped/config.properties
@@ -0,0 +1,41 @@
+# The port to Listen on.
+PORT: 8080
+
+# The number of workers to use for the server
+HTTP_WORKERS: 8
+
+# Proxy
+PROXY_PART: https://proxy.piped.aosus.link
+
+# Outgoing HTTP Proxy - eg: 127.0.0.1:8118
+#HTTP_PROXY: 127.0.0.1:8118
+
+# Captcha Parameters
+#CAPTCHA_BASE_URL: https://api.capmonster.cloud/
+#CAPTCHA_API_KEY: INSERT_HERE
+
+# Public API URL
+API_URL: https://api.piped.aosus.link
+
+# Public Frontend URL
+FRONTEND_URL: https://piped.aosus.link
+
+# Enable haveibeenpwned compromised password API
+COMPROMISED_PASSWORD_CHECK: true
+
+# Disable Registration
+DISABLE_REGISTRATION: false
+
+# Feed Retention Time in Days
+FEED_RETENTION: 30
+
+# Hibernate properties
+hibernate.connection.url: jdbc:postgresql://postgres:5432/piped
+hibernate.connection.driver_class: org.postgresql.Driver
+hibernate.dialect: org.hibernate.dialect.PostgreSQLDialect
+hibernate.connection.username: piped
+hibernate.connection.password: (piped_postgres_password)
+
+# Frontend configuration
+frontend.statusPageUrl:https://status.aosus.org
+frontend.donationUrl:https://opencollective.com/aosus
\ No newline at end of file
diff --git a/piped/config/Caddyfile b/piped/config/Caddyfile
new file mode 100644
index 00000000..4d84ca6b
--- /dev/null
+++ b/piped/config/Caddyfile
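Review bot: `hibernate.connection.password: (piped_postgres_password)` is a placeholder that the deploy workflow rewrites in place with a text substitution, but nothing in the file says so; someone editing this file or starting the stack by hand gets a Postgres authentication failure with no hint why. Add a comment above it such as `# placeholder: replaced at deploy time from the piped_postgres_password secret by .github/workflows/piped.yml; never commit a real value here`, and note that the token must stay exactly `(piped_postgres_password)` for the substitution to match. The two `frontend.*` lines use `key:value` without a space after the colon, which Java properties accept but which differs from every other line in the file.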
@@ -0,0 +1,47 @@
+(global) {
+ header {
+ # disable FLoC tracking
+ Permissions-Policy interest-cohort=()
+
+ # enable HSTS
+ Strict-Transport-Security max-age=31536000;
+
+ # keep referrer data off
+ Referrer-Policy no-referrer
+
+ # prevent for appearing in search engine for private instances (option)
+ #X-Robots-Tag noindex
+ }
+}
+
+piped.aosus.org {
+ reverse_proxy pipedfrontend:80
+ import global
+}
+
+api.piped.aosus.org {
+ reverse_proxy nginx:80
+ import global
+}
+
+proxy.piped.aosus.org {
+ @ytproxy path /videoplayback* /api/v4/* /api/manifest/*
+ import global
+
+ route {
+ header @ytproxy {
+ Cache-Control private always
+ }
+
+ header / {
+ Cache-Control "public, max-age=604800"
+ }
+
+ reverse_proxy unix//var/run/ytproxy/actix.sock {
+ header_up -CF-Connecting-IP
+ header_up -X-Forwarded-For
+ header_down -etag
+ header_down -alt-svc
+ }
+ }
+}
diff --git a/piped/config/nginx.conf b/piped/config/nginx.conf
new file mode 100644
index 00000000..a4cfa4f0
--- /dev/null
+++ b/piped/config/nginx.conf
@@ -0,0 +1,31 @@
+user root;
+worker_processes auto;
+
+error_log /var/log/nginx/error.log notice;
+pid /var/run/nginx.pid;
+
+
+events {
+ worker_connections 1024;
+}
+
+
+http {
+ include /etc/nginx/mime.types;
+ default_type application/octet-stream;
+
+ log_format main '$remote_addr - $remote_user [$time_local] "$request" '
+ '$status $body_bytes_sent "$http_referer" '
+ '"$http_user_agent" "$http_x_forwarded_for"';
+
+ access_log /var/log/nginx/access.log main;
+
+ sendfile on;
+ tcp_nodelay on;
+
+ keepalive_timeout 65;
+
+ resolver 127.0.0.11 ipv6=off valid=10s;
+
+ include /etc/nginx/conf.d/*.conf;
+}
diff --git a/piped/config/pipedapi.conf b/piped/config/pipedapi.conf
new file mode 100644
index 00000000..1f673f30
--- /dev/null
+++ b/piped/config/pipedapi.conf
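Review bot: This Caddyfile duplicates caddy/configs/piped.caddy from the same commit but with `.aosus.org` hostnames (`piped.aosus.org`, `api.piped.aosus.org`, `proxy.piped.aosus.org`) and an upstream of `nginx:80` instead of `piped-nginx:80`, and nothing in piped/docker-compose.yml mounts it — its `configs:` block lists only the nginx files and config.properties. As far as this diff shows it is an unused copy of the upstream template, and two near-identical vhost definitions with different domains invite the wrong one being edited later. Either drop the file or give it a header comment stating its role, e.g. `# reference copy of the upstream Piped Caddyfile; the live config is caddy/configs/piped.caddy`.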
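Review bot: `user root;` makes the nginx worker processes run as root inside the container, which the stock alpine image does not need to listen on port 80 or to proxy to `piped:8080` and `pipedfrontend:80`. If root is required only so the workers can open `/var/run/ytproxy/actix.sock` from the shared volume, that should be stated beside the directive (`# root: needed to connect to the piped-proxy unix socket in /var/run/ytproxy`) and preferably fixed by matching the socket's owner or group to the `nginx` user; otherwise change it to `user nginx;`. The `main` log format also records `$remote_addr` and `$http_x_forwarded_for` for the api and frontend vhosts, which for a privacy-oriented frontend deserves to be a documented decision rather than an inherited default (ytproxy.conf in this same commit turns `access_log off`).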
@@ -0,0 +1,15 @@
+proxy_cache_path /tmp/pipedapi_cache levels=1:2 keys_zone=pipedapi:4m max_size=2g inactive=60m use_temp_path=off;
+
+server {
+ listen 80;
+ server_name api.piped.aosus.link;
+
+ set $backend "http://piped:8080";
+
+ location / {
+ proxy_cache pipedapi;
+ proxy_pass $backend;
+ proxy_http_version 1.1;
+ proxy_set_header Connection "keep-alive";
+ }
+}
diff --git a/piped/config/pipedfrontend.conf b/piped/config/pipedfrontend.conf
new file mode 100644
index 00000000..bd1d0b71
--- /dev/null
+++ b/piped/config/pipedfrontend.conf
@@ -0,0 +1,12 @@
+server {
+ listen 80;
+ server_name piped.aosus.link;
+
+ set $backend "http://pipedfrontend:80";
+
+ location / {
+ proxy_pass $backend;
+ proxy_http_version 1.1;
+ proxy_set_header Connection "keep-alive";
+ }
+}
diff --git a/piped/config/pipedproxy.conf b/piped/config/pipedproxy.conf
new file mode 100644
index 00000000..53fd2175
--- /dev/null
+++ b/piped/config/pipedproxy.conf
@@ -0,0 +1,14 @@
+server {
+ listen 80;
+ server_name proxy.piped.aosus.link;
+
+ location ~ (/videoplayback|/api/v4/|/api/manifest/) {
+ include snippets/ytproxy.conf;
+ add_header Cache-Control private always;
+ }
+
+ location / {
+ include snippets/ytproxy.conf;
+ add_header Cache-Control "public, max-age=604800";
+ }
+}
diff --git a/piped/config/ytproxy.conf b/piped/config/ytproxy.conf
new file mode 100644
index 00000000..4fd36f10
--- /dev/null
+++ b/piped/config/ytproxy.conf
@@ -0,0 +1,18 @@
+proxy_buffering on;
+proxy_buffers 1024 16k;
+proxy_set_header X-Forwarded-For "";
+proxy_set_header CF-Connecting-IP "";
+proxy_hide_header "alt-svc";
+sendfile on;
+sendfile_max_chunk 512k;
+tcp_nopush on;
+aio threads=default;
+aio_write on;
+directio 16m;
+proxy_hide_header Cache-Control;
+proxy_hide_header etag;
+proxy_http_version 1.1;
+proxy_set_header Connection keep-alive;
+proxy_max_temp_file_size 32m;
+access_log off;
+proxy_pass http://unix:/var/run/ytproxy/actix.sock;
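Review bot: `proxy_cache pipedapi;` in `location /` caches API responses in one zone shared by every client, and as far as I know the Piped API also serves per-user endpoints that authenticate with an `Authorization` header; whether one user's response can be served to another therefore rests entirely on the backend marking those responses `Cache-Control: private` or `no-store` (nginx honours that here only because `proxy_ignore_headers` is not set). Adding `proxy_no_cache $http_authorization;` and `proxy_cache_bypass $http_authorization;` next to `proxy_cache` keeps the cache safe even if an upstream release drops that header, and a comment recording the assumption would help the next reviewer. The cache also lives under `/tmp` inside the container, so it is per-container and lost on restart, which is fine but worth a word.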
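Review bot: Nothing in this commit routes traffic to this `server` block: caddy/configs/piped.caddy proxies `proxy.piped.aosus.link` straight to `actix.sock` over the shared volume, and likewise `piped.aosus.link` goes to `pipedfrontend:80` directly rather than through pipedfrontend.conf. As far as the diff shows both vhosts are carried over from the upstream template and never reached, so a caching or header change has to be made twice (here and in the Caddyfile) to stay consistent. Either remove them or mark each with a comment such as `# not used in this deployment: Caddy reaches piped-proxy over the unix socket; kept for parity with upstream`.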
diff --git a/piped/docker-compose.yml b/piped/docker-compose.yml
new file mode 100644
index 00000000..32b979f7
--- /dev/null
+++ b/piped/docker-compose.yml
@@ -0,0 +1,91 @@
+version: "3"
+
+networks:
+ default:
+ web:
+ external: true
+
+services:
+ pipedfrontend:
+ image: 1337kavin/piped-frontend:latest@sha256:be7a246c741a0450c20af197e37109c6931fb82891e3d4d80ab16cd07467abad
+ restart: always
+ container_name: pipedfrontend
+ depends_on:
+ - piped
+ entrypoint: ash -c 'sed -i s/pipedapi.kavin.rocks/api.piped.aosus.org/g /usr/share/nginx/html/assets/* && /docker-entrypoint.sh && nginx -g "daemon off;"'
+ networks:
+ web:
+
+ piped-proxy:
+ image: 1337kavin/piped-proxy:latest@sha256:8f24d211c42fff109fcaa56ef2fad17e87a7a7820f0da2608f438bc4fe845d0d
+ container_name: piped-proxy
+ restart: always
+ environment:
+ - UDS=1
+ volumes:
+ - piped-proxy:/app/socket
+
+ piped:
+ image: 1337kavin/piped:latest@sha256:a606649853360270ce5fdda318572173dd16d679c98a26bd3cf6b1f6dde8a8f8
+ container_name: piped
+ restart: always
+ configs:
+ - source: piped
+ target: /app/config.properties
+ depends_on:
+ - postgres
+
+ nginx:
+ image: nginx:mainline-alpine@sha256:dd2a9179765849767b10e2adde7e10c4ad6b7e4d4846e6b77ec93f080cd2db27
+ restart: always
+ container_name: piped-nginx
+ volumes:
+ - piped-proxy:/var/run/ytproxy
+ configs:
+ - source: nginx
+ target: /etc/nginx/nginx.conf
+ - source: pipedapi
+ target: /etc/nginx/conf.d/pipedapi.conf
+ - source: pipedproxy
+ target: /etc/nginx/conf.d/pipedproxy.conf
+ - source: pipedfrontend
+ target: /etc/nginx/conf.d/pipedfrontend.conf
+ - source: ytproxy
+ target: /etc/nginx/snippets/ytproxy.conf
+ depends_on:
+ - piped
+ - piped-proxy
+ - pipedfrontend
+ networks:
+ - default
+ - web
+
+ postgres:
+ image: postgres:15.2-alpine@sha256:07ec36ad2d5ab9250f38c8ef749239b662cf15d03c9ddb7167422edbbdf71156
+ container_name: piped-postgres
+ restart: always
+ volumes:
+ - postgres:/var/lib/postgresql/data:rw
+ environment:
+ - POSTGRES_DB=piped
+ - POSTGRES_USER=piped
+ - POSTGRES_PASSWORD
+
+volumes:
+ postgres:
+ piped-proxy:
+
+
+configs:
+ nginx:
+ file: /home/aosus/piped/config/nginx.conf
+ pipedapi:
+ file: /home/aosus/piped/config/pipedapi.conf
+ pipedproxy:
+ file: /home/aosus/piped/config/pipedproxy.conf
+ pipedfrontend:
+ file: /home/aosus/piped/config/pipedfrontend.conf
+ ytproxy:
+ file: /home/aosus/piped/config/ytproxy.conf
+ piped:
+ file: /home/aosus/piped/config.properties
\ No newline at end of file
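Review bot: The `pipedfrontend` entrypoint rewrites the bundled API host to `api.piped.aosus.org`, but every other file in this commit serves the API at `api.piped.aosus.link` (`API_URL` in config.properties, the api vhost in caddy/configs/piped.caddy, `server_name` in pipedapi.conf), so the frontend will call a host that is not this deployment. The sed target should match: `entrypoint: ash -c 'sed -i s/pipedapi.kavin.rocks/api.piped.aosus.link/g /usr/share/nginx/html/assets/* && /docker-entrypoint.sh && nginx -g "daemon off;"'`. `depends_on: - postgres` on `piped` only orders container start, so on a cold start piped can try its first JDBC connection before Postgres accepts it; a `healthcheck` on `postgres` (`pg_isready`) with `condition: service_healthy` on the dependency closes that window. `version: "3"` is ignored by current Compose and can be dropped, and the images being pinned by digest is good — a comment naming the renovate/update process for those digests would complete it.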