diff --git a/charts/preview-apps-infrastructure/Chart.yaml b/charts/preview-apps-infrastructure/Chart.yaml
new file mode 100644
index 0000000..9c7af12
--- /dev/null
+++ b/charts/preview-apps-infrastructure/Chart.yaml
@@ -0,0 +1,14 @@
+---
+apiVersion: v2
+appVersion: "1.0.0"
+description: Creating infrastructure resources for preview apps
+name: preview-apps-infrastructure
+version: 0.5.0
+maintainers:
+  - name: Ilya Cherepanov
+    email: deponian@evilmartians.com
+
+dependencies:
+- name: kubernetes-replicator
+  repository: https://helm.mittwald.de
+  version: 2.10.0
diff --git a/charts/preview-apps/charts/kubernetes-replicator-2.7.3.tgz b/charts/preview-apps-infrastructure/charts/kubernetes-replicator-2.7.3.tgz
similarity index 100%
rename from charts/preview-apps/charts/kubernetes-replicator-2.7.3.tgz
rename to charts/preview-apps-infrastructure/charts/kubernetes-replicator-2.7.3.tgz
diff --git a/charts/preview-apps-infrastructure/templates/certificate.yaml b/charts/preview-apps-infrastructure/templates/certificate.yaml
new file mode 100644
index 0000000..b68746a
--- /dev/null
+++ b/charts/preview-apps-infrastructure/templates/certificate.yaml
@@ -0,0 +1,17 @@
+---
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: {{ .Values.certificate.name }}
+spec:
+  secretName: {{ .Values.certificate.name }}
+  issuerRef: 
+    kind: Issuer
+    name: {{ .Values.issuer.name }}
+  commonName: "*.{{ .Values.dnsZone }}"
+  dnsNames:
+    - "*.{{ .Values.dnsZone }}"
+  secretTemplate:
+    annotations:
+      replicator.v1.mittwald.de/replication-allowed: "true"
+      replicator.v1.mittwald.de/replication-allowed-namespaces: {{ .Values.certificate.allowedNamespaces }}
diff --git a/charts/preview-apps/templates/issuer.yaml b/charts/preview-apps-infrastructure/templates/issuer.yaml
similarity index 100%
rename from charts/preview-apps/templates/issuer.yaml
rename to charts/preview-apps-infrastructure/templates/issuer.yaml
diff --git a/charts/preview-apps-infrastructure/values.yaml b/charts/preview-apps-infrastructure/values.yaml
new file mode 100644
index 0000000..d49dc22
--- /dev/null
+++ b/charts/preview-apps-infrastructure/values.yaml
@@ -0,0 +1,24 @@
+# DNS zone where preview apps will be created
+dnsZone: "preview.sandbox.evilmartians.net"
+
+# Certificate that will be used by all preview apps
+# Corresponding tls secret will have the same name
+certificate:
+  name: preview-apps-common-tls
+  # you will be able replicate certificate only to these namespaces
+  allowedNamespaces: "preview-pr-[0-9]+"
+
+# Cert-manager issuer
+issuer:
+  name: preview-apps
+  email: admin@evilmartians.com
+  server: https://acme-v02.api.letsencrypt.org/directory
+  # DNS-01 challenge is the only way to get wildcard certificate
+  dns01:
+    route53:
+      region: us-east-1
+      hostedZoneID: Z0152EXAMPLE
+      accessKeyID: AKIA5EXAMPLE
+      secretAccessKeySecretRef:
+        name: route53-secret
+        key: secret-access-key