diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index 203ba93..eb8dc6e 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -21,7 +21,9 @@ repos:
 hooks:
 - id: kubeconform
- - repo: https://github.com/tarioch/flux-check-hook
- rev: v0.8.0
- hooks:
- - id: check-flux-helm-values
+ # Linting does not work with external values.yaml
+ # TODO: Include url to schema in values.yaml and validate based on that?
+ # - repo: https://github.com/tarioch/flux-check-hook
+ # rev: v0.8.0
+ # hooks:
+ # - id: check-flux-helm-values
diff --git a/clusters/titan.lan.huizinga.dev/infra/kustomization.yaml b/clusters/titan.lan.huizinga.dev/infra/kustomization.yaml
index 816d3b3..ed56dd9 100644
--- a/clusters/titan.lan.huizinga.dev/infra/kustomization.yaml
+++ b/clusters/titan.lan.huizinga.dev/infra/kustomization.yaml
@@ -13,6 +13,7 @@ resources:
 - ./../../../infra/kube-vip
 - ./../../../infra/kyverno
 - ./../../../infra/lldap
+ - ./../../../infra/loki
 - ./../../../infra/node-feature-discovery
 - ./../../../infra/rook-ceph
 - ./../../../infra/topolvm
diff --git a/infra/loki/kustomization.yaml b/infra/loki/kustomization.yaml
new file mode 100644
index 0000000..1861eeb
--- /dev/null
+++ b/infra/loki/kustomization.yaml
@@ -0,0 +1,4 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+ - ./loki.yaml
diff --git a/infra/loki/loki.yaml b/infra/loki/loki.yaml
new file mode 100644
index 0000000..90d6248
--- /dev/null
+++ b/infra/loki/loki.yaml
@@ -0,0 +1,18 @@
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+ name: loki
+ namespace: flux-system
+ labels:
+ alert: flux-infra
+spec:
+ interval: 15m
+ path: ./infra/loki/loki
+ dependsOn:
+ - name: rook-ceph
+ prune: true
+ timeout: 2m
+ sourceRef:
+ kind: GitRepository
+ name: flux-system
+ wait: true
diff --git a/infra/loki/loki/helm-release.yaml b/infra/loki/loki/helm-release.yaml
new file mode 100644
index 0000000..0affd3d
--- /dev/null
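Review bot: Commenting out `check-flux-helm-values` in `.pre-commit-config.yaml` removes Helm values validation for every HelmRelease in the repository, not only for the new Loki release that reads its values from a ConfigMap. If the hook only fails on releases that use `valuesFrom`, keeping it and narrowing it with pre-commit's per-hook `exclude` key would preserve the check everywhere else, e.g. `exclude: ^infra/loki/`. How the hook behaves on such releases is not visible in this diff, so that needs confirming before it is re-enabled.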
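Review bot: In `infra/loki/loki.yaml` the Flux Kustomization combines `timeout: 2m` with `wait: true`, while the HelmRelease it applies is given `timeout: 5m`. The Kustomization's health check may therefore give up before a first install of the backend, read and write replicas has finished, and the `alert: flux-infra` label suggests that such a failure raises an alert. Consider a value at least as long as the release's, e.g. `timeout: 6m`, or a comment explaining why 2m is enough.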
+++ b/infra/loki/loki/helm-release.yaml
@@ -0,0 +1,18 @@
+apiVersion: helm.toolkit.fluxcd.io/v2
+kind: HelmRelease
+metadata:
+ name: loki
+spec:
+ chart:
+ spec:
+ chart: loki
+ reconcileStrategy: ChartVersion
+ sourceRef:
+ kind: HelmRepository
+ name: grafana
+ version: 6.29.0
+ interval: 15m
+ timeout: 5m
+ valuesFrom:
+ - kind: ConfigMap
+ name: loki-values
diff --git a/infra/loki/loki/helm-repository.yaml b/infra/loki/loki/helm-repository.yaml
new file mode 100644
index 0000000..9c7b735
--- /dev/null
+++ b/infra/loki/loki/helm-repository.yaml
@@ -0,0 +1,7 @@
+apiVersion: source.toolkit.fluxcd.io/v1
+kind: HelmRepository
+metadata:
+ name: grafana
+spec:
+ interval: 15m
+ url: https://grafana.github.io/helm-charts
diff --git a/infra/loki/loki/kustomization.yaml b/infra/loki/loki/kustomization.yaml
new file mode 100644
index 0000000..6ab957f
--- /dev/null
+++ b/infra/loki/loki/kustomization.yaml
@@ -0,0 +1,16 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+namespace: loki
+resources:
+ - ./namespace.yaml
+ - ./object-bucket-claim-chunks.yaml
+ - ./object-bucket-claim-ruler.yaml
+ - ./helm-repository.yaml
+ - ./helm-release.yaml
+configurations:
+ - ../../../common/name-reference/helm-release.yaml
+
+configMapGenerator:
+ - name: loki-values
+ files:
+ - ./values.yaml
diff --git a/infra/loki/loki/namespace.yaml b/infra/loki/loki/namespace.yaml
new file mode 100644
index 0000000..df62536
--- /dev/null
+++ b/infra/loki/loki/namespace.yaml
@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+ name: loki
diff --git a/infra/loki/loki/object-bucket-claim-chunks.yaml b/infra/loki/loki/object-bucket-claim-chunks.yaml
new file mode 100644
index 0000000..c9e55d2
--- /dev/null
+++ b/infra/loki/loki/object-bucket-claim-chunks.yaml
@@ -0,0 +1,7 @@
+apiVersion: objectbucket.io/v1alpha1
+kind: ObjectBucketClaim
+metadata:
+ name: chunks
+spec:
+ generateBucketName: chunks
+ storageClassName: ceph-bucket
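Review bot: `valuesFrom` in `infra/loki/loki/helm-release.yaml` reads a ConfigMap generated from `values.yaml`, so everything in that file sits unencrypted in Git and in the cluster, and nothing in the release says so. I would add above `valuesFrom:` the comment `# loki-values is generated from values.yaml (ConfigMap, not a Secret): keep credentials as ${ENV} references, never literals`. The generated name presumably carries a hash suffix that the `name-reference` configuration rewrites here; that is worth one more sentence in the same comment.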
diff --git a/infra/loki/loki/object-bucket-claim-ruler.yaml b/infra/loki/loki/object-bucket-claim-ruler.yaml
new file mode 100644
index 0000000..e0e1ab0
--- /dev/null
+++ b/infra/loki/loki/object-bucket-claim-ruler.yaml
@@ -0,0 +1,7 @@
+apiVersion: objectbucket.io/v1alpha1
+kind: ObjectBucketClaim
+metadata:
+ name: ruler
+spec:
+ generateBucketName: ruler
+ storageClassName: ceph-bucket
diff --git a/infra/loki/loki/values.yaml b/infra/loki/loki/values.yaml
new file mode 100644
index 0000000..0f1f2c8
--- /dev/null
+++ b/infra/loki/loki/values.yaml
@@ -0,0 +1,104 @@
+global:
+ extraArgs:
+ - -config.expand-env=true
+ extraEnvFrom:
+ - secretRef:
+ name: chunks
+ prefix: CHUNKS_
+ - configMapRef:
+ name: chunks
+ prefix: CHUNKS_
+ - secretRef:
+ name: ruler
+ prefix: RULER_
+ - configMapRef:
+ name: ruler
+ prefix: RULER_
+
+loki:
+ schemaConfig:
+ configs:
+ - from: "2024-04-01"
+ store: tsdb
+ object_store: s3
+ schema: v13
+ index:
+ prefix: loki_index_
+ period: 24h
+ storage_config:
+ aws:
+ region: "${CHUNKS_BUCKET_REGION}"
+ bucketnames: "${CHUNKS_BUCKET_NAME}"
+ s3forcepathstyle: true
+ pattern_ingester:
+ enabled: true
+ limits_config:
+ allow_structured_metadata: true
+ volume_enabled: true
+ retention_period: 672h # 28 days retention
+ querier:
+ max_concurrent: 4
+
+ storage:
+ type: s3
+ bucketNames:
+ chunks: "${CHUNKS_BUCKET_NAME}"
+ ruler: "${RULER_BUCKET_NAME}"
+ s3:
+ # s3 URL can be used to specify the endpoint, access key, secret key, and bucket name this works well for S3 compatible storages or if you are hosting Loki on-premises and want to use S3 as the storage backend. Either use the s3 URL or the individual fields below (AWS endpoint, region, secret).
+ # s3: s3://access_key:secret_access_key@custom_endpoint/bucket_name
+ # AWS endpoint URL
+ endpoint: "${CHUNKS_BUCKET_HOST}"
+ # AWS region where the S3 bucket is located
+ region: "${CHUNKS_BUCKET_REGION}"
+ # AWS secret access key
+ secretAccessKey: "${CHUNKS_SECRET_ACCESS_KEY}"
+ # AWS access key ID
+ accessKeyId: "${CHUNKS_ACCESS_KEY_ID}"
+ # AWS signature version (e.g., v2 or v4)
+ # signatureVersion:
+ # Forces the path style for S3 (true/false)
+ s3ForcePathStyle: true
+ # Allows insecure (HTTP) connections (true/false)
+ insecure: true
+ # HTTP configuration settings
+ # http_config: {}
+ rulerConfig:
+ type: s3
+ storage:
+ s3:
+ bucketnames: ${RULER_BUCKET_NAME}
+ endpoint: ${RULER_BUCKET_HOST}
+ region: ${RULER_BUCKET_REGION}
+ secret_access_key: ${RULER_SECRET_ACCESS_KEY}
+ access_key_id: ${RULER_ACCESS_KEY_ID}
+ s3forcepathstyle: true
+ insecure: true
+
+deploymentMode: SimpleScalable
+
+backend:
+ replicas: 3
+
+ # NOTE: There appears to be an error in the helm chart, it uses extraEnv instead of extraEnvFrom from global
+ extraEnvFrom:
+ - secretRef:
+ name: chunks
+ prefix: CHUNKS_
+ - configMapRef:
+ name: chunks
+ prefix: CHUNKS_
+ - secretRef:
+ name: ruler
+ prefix: RULER_
+ - configMapRef:
+ name: ruler
+ prefix: RULER_
+read:
+ replicas: 3
+write:
+ replicas: 3
+
+# Disable minio storage
+minio:
+ enabled: false
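Review bot: Both S3 clients in `infra/loki/loki/values.yaml` are set to `insecure: true`, once under `storage.s3` and again under `rulerConfig.storage.s3`, so log chunks, ruler data and the signed requests reach the object store over plain HTTP. Log lines routinely carry tokens and personal data, and this leaves them readable to anything that can observe pod-to-gateway traffic. If the Ceph object gateway behind the `ceph-bucket` storage class can serve TLS, set `insecure: false` in both places. Otherwise record the decision next to each flag, for example `# plain HTTP to the in-cluster object gateway; no TLS endpoint available`.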