diff --git a/argocd-apps/homelab.yaml b/argocd-apps/homelab.yaml
index d1b6cd5..87d5c25 100644
--- a/argocd-apps/homelab.yaml
+++ b/argocd-apps/homelab.yaml
@@ -592,3 +592,25 @@ spec:
     - CreateNamespace=true
     - PruneLast=true
 ---
+# Termix
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: termix
+  namespace: argocd
+  finalizers:
+  - resources-finalizer.argocd.argoproj.io
+spec:
+  project: homelab
+  source:
+    repoURL: https://gitea.dooplex.hu/admin/homelab-manifests.git
+    targetRevision: main
+    path: termix-system
+  destination:
+    server: https://kubernetes.default.svc
+    namespace: termix-system
+  syncPolicy:
+    syncOptions:
+    - CreateNamespace=true
+    - PruneLast=true
+---
diff --git a/termix-system/termix.yaml b/termix-system/termix.yaml
new file mode 100644
index 0000000..6e5842d
--- /dev/null
+++ b/termix-system/termix.yaml
@@ -0,0 +1,165 @@
+# Termix - Web-based server management platform with SSH terminal
+# https://github.com/Termix-SSH/Termix
+# Version: 1.9.0
+#
+# Post-deployment steps:
+# 1. Access https://termix.dooplex.hu
+# 2. Create initial admin account
+# 3. Navigate to Admin Settings > OIDC tab
+# 4. Configure Authentik OIDC settings (see authentik-notes.md)
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: termix-system
+  labels:
+    app.kubernetes.io/name: termix
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: termix
+  namespace: termix-system
+  labels:
+    app.kubernetes.io/name: termix
+    app.kubernetes.io/instance: termix
+spec:
+  replicas: 1
+  strategy:
+    type: Recreate
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: termix
+      app.kubernetes.io/instance: termix
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/name: termix
+        app.kubernetes.io/instance: termix
+    spec:
+      containers:
+        - name: termix
+          image: ghcr.io/lukegus/termix:1.9.0
+          imagePullPolicy: IfNotPresent
+          ports:
+            - name: http
+              containerPort: 8080
+              protocol: TCP
+          env:
+            - name: TZ
+              value: "Europe/Budapest"
+            - name: PORT
+              value: "8080"
+          volumeMounts:
+            - name: data
+              mountPath: /app/data
+          resources:
+            requests:
+              cpu: 100m
+              memory: 256Mi
+            limits:
+              cpu: "1"
+              memory: 1Gi
+          livenessProbe:
+            httpGet:
+              path: /
+              port: http
+            initialDelaySeconds: 30
+            periodSeconds: 30
+            timeoutSeconds: 10
+            failureThreshold: 3
+          readinessProbe:
+            httpGet:
+              path: /
+              port: http
+            initialDelaySeconds: 10
+            periodSeconds: 10
+            timeoutSeconds: 5
+            failureThreshold: 3
+      volumes:
+        - name: data
+          persistentVolumeClaim:
+            claimName: termix-data
+      restartPolicy: Always
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: termix
+  namespace: termix-system
+  labels:
+    app.kubernetes.io/name: termix
+    app.kubernetes.io/instance: termix
+spec:
+  type: ClusterIP
+  ports:
+    - name: http
+      port: 8080
+      targetPort: http
+      protocol: TCP
+  selector:
+    app.kubernetes.io/name: termix
+    app.kubernetes.io/instance: termix
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: termix
+  namespace: termix-system
+  labels:
+    app.kubernetes.io/name: termix
+    app.kubernetes.io/instance: termix
+  annotations:
+    cert-manager.io/cluster-issuer: letsencrypt-prod
+    external-dns.alpha.kubernetes.io/hostname: termix.dooplex.hu,termix.home
+    nginx.ingress.kubernetes.io/ssl-redirect: "true"
+    nginx.ingress.kubernetes.io/proxy-body-size: "100m"
+    # WebSocket support for SSH terminal
+    nginx.ingress.kubernetes.io/proxy-read-timeout: "3600"
+    nginx.ingress.kubernetes.io/proxy-send-timeout: "3600"
+spec:
+  ingressClassName: nginx-internal
+  tls:
+    - hosts:
+        - termix.dooplex.hu
+      secretName: termix-tls
+  rules:
+    - host: termix.dooplex.hu
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: termix
+                port:
+                  number: 8080
+    - host: termix.home
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: termix
+                port:
+                  number: 8080
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: termix-data
+  namespace: termix-system
+  labels:
+    app.kubernetes.io/name: termix
+    app.kubernetes.io/instance: termix
+    recurring-job-group.longhorn.io/needbackup: enabled
+    recurring-job.longhorn.io/source: enabled
+spec:
+  accessModes:
+    - ReadWriteOnce
+  storageClassName: longhorn
+  resources:
+    requests:
+      storage: 5Gi
+---