diff --git a/k8s/system/kustomization.yaml b/k8s/system/kustomization.yaml
index 3b28508..9ae17a6 100644
--- a/k8s/system/kustomization.yaml
+++ b/k8s/system/kustomization.yaml
@@ -2,4 +2,10 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
   - traefik-default-cert.yaml
-
+configMapGenerator:
+  - name: traefik-additional-configs
+    namespace: kube-system
+    options:
+      disableNameSuffixHash: true
+    files:
+      - traefik/external-services.yaml
diff --git a/k8s/system/traefik-default-cert.yaml b/k8s/system/traefik-default-cert.yaml
index d6db219..1052b08 100644
--- a/k8s/system/traefik-default-cert.yaml
+++ b/k8s/system/traefik-default-cert.yaml
@@ -10,7 +10,7 @@ spec:
 apiVersion: cert-manager.io/v1
 kind: Certificate
 metadata:
-  name: traefik-default
+  name: default
   namespace: kube-system
 spec:
   issuerRef:
diff --git a/k8s/system/traefik/external-services.yaml b/k8s/system/traefik/external-services.yaml
new file mode 100644
index 0000000..e2c906d
--- /dev/null
+++ b/k8s/system/traefik/external-services.yaml
@@ -0,0 +1,21 @@
+http:
+  routers:
+    minio:
+      entryPoints:
+        - websecure
+      rule: "Host(`storage.home.finn.io`)"
+      service: minio
+    minio-console:
+      entryPoints:
+        - websecure
+      rule: "Host(`minio-console.home.finn.io`)"
+      service: minio-console
+  services:
+    minio:
+      loadBalancer:
+        servers:
+        - url: "http://minio:9000/"
+    minio-console:
+      loadBalancer:
+        servers:
+        - url: "http://minio:9001/"
diff --git a/roles/k8s-node/templates/traefik-config.yaml b/roles/k8s-node/templates/traefik-config.yaml
index 66677ba..023bb92 100644
--- a/roles/k8s-node/templates/traefik-config.yaml
+++ b/roles/k8s-node/templates/traefik-config.yaml
@@ -5,6 +5,8 @@ metadata:
   namespace: kube-system
 spec:
   valuesContent: |-
+    deployment:
+      replicas: 2
     ports:
       web:
         proxyProtocol:
@@ -17,3 +19,10 @@ spec:
           trustedIPs:
             - 10.5.1.245/32
             - 10.42.0.0/16   # traffic getting redirected from other nodes
+    additionalArguments:
+      - --providers.file.directory=/file-configs
+      - --providers.file.watch=true
+    volumes:
+      - name: traefik-additional-configs
+        mountPath: /file-configs
+        type: configMap