diff --git a/.deploy-infra/deploy-dev.yaml b/.deploy-infra/deploy-dev.yaml
index 79dfa67..a5dc6eb 100644
--- a/.deploy-infra/deploy-dev.yaml
+++ b/.deploy-infra/deploy-dev.yaml
@@ -129,6 +129,22 @@ services:
         parallelism: 1
         order: start-first
 
+  grafana:
+    image: grafana/grafana
+    volumes:
+      - /sprint-data/grafana:/var/lib/grafana
+    ports:
+      - "3000:3000"
+    deploy:
+      mode: replicated
+      placement:
+        constraints: [node.role == manager]
+      restart_policy:
+        condition: any
+      update_config:
+        parallelism: 1
+        order: start-first
+
 volumes:
   minio_data:
     driver: local
diff --git a/.deploy-infra/deploy-prod.yaml b/.deploy-infra/deploy-prod.yaml
index 40890db..c7fad14 100644
--- a/.deploy-infra/deploy-prod.yaml
+++ b/.deploy-infra/deploy-prod.yaml
@@ -128,6 +128,22 @@ services:
       update_config:
         parallelism: 1
         order: start-first
+  
+  grafana:
+    image: grafana/grafana
+    volumes:
+      - /sprint-data/grafana:/var/lib/grafana
+    ports:
+      - "3000:3000"
+    deploy:
+      mode: replicated
+      placement:
+        constraints: [node.role == manager]
+      restart_policy:
+        condition: any
+      update_config:
+        parallelism: 1
+        order: start-first
 
 volumes:
   minio_data:
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index ad5550f..8761c1b 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -8,6 +8,7 @@ stages:
     - docker login -u mathwave -p $DOCKERHUB_PASSWORD
     - docker network create -d overlay --attachable swarmpit-nginx || true
     - mkdir /sprint-data/mongo || true
+    - mkdir /sprint-data/grafana || true
 
 build:
   stage: build
diff --git a/nginx/nginx-dev/nginx-dev.conf b/nginx/nginx-dev/nginx-dev.conf
index 9866dfe..550b6d4 100644
--- a/nginx/nginx-dev/nginx-dev.conf
+++ b/nginx/nginx-dev/nginx-dev.conf
@@ -98,6 +98,25 @@ http {
         }
     }
 
+    server {
+        listen      443 ssl http2;
+        listen      [::]:443 ssl http2;
+        server_name grafana.develop.sprinthub.ru;
+
+        ssl_certificate     /etc/nginx/fullchain.pem;
+        ssl_certificate_key /etc/nginx/privkey.pem;
+
+        add_header X-Frame-Options "SAMEORIGIN" always;
+        add_header X-XSS-Protection "1; mode=block" always;
+        add_header X-Content-Type-Options "nosniff" always;
+        add_header Referrer-Policy "no-refferer-when-downgrade" always;
+        add_header Content-Security-Policy "default-src * data: 'unsafe-eval' 'unsafe-inline'" always;
+
+        location / {
+            proxy_pass http://develop.sprinthub.ru:3000/;
+        }
+    }
+
     server {
         listen      443 ssl http2;
         listen      [::]:443 ssl http2;
diff --git a/nginx/nginx-prod/nginx-prod.conf b/nginx/nginx-prod/nginx-prod.conf
index 39f5dc4..8852cae 100644
--- a/nginx/nginx-prod/nginx-prod.conf
+++ b/nginx/nginx-prod/nginx-prod.conf
@@ -126,6 +126,25 @@ http {
         }
     }
 
+    server {
+        listen      443 ssl http2;
+        listen      [::]:443 ssl http2;
+        server_name grafana.sprinthub.ru;
+
+        ssl_certificate     /etc/nginx/fullchain.pem;
+        ssl_certificate_key /etc/nginx/privkey.pem;
+
+        add_header X-Frame-Options "SAMEORIGIN" always;
+        add_header X-XSS-Protection "1; mode=block" always;
+        add_header X-Content-Type-Options "nosniff" always;
+        add_header Referrer-Policy "no-refferer-when-downgrade" always;
+        add_header Content-Security-Policy "default-src * data: 'unsafe-eval' 'unsafe-inline'" always;
+
+        location / {
+            proxy_pass http://dev.sprinthub.ru:3000/;
+        }
+    }
+
     server {
         listen      443 ssl http2;
         listen      [::]:443 ssl http2;