diff --git a/tasks/cilium.yml b/tasks/cilium.yml
new file mode 100644
index 0000000..7b1e680
--- /dev/null
+++ b/tasks/cilium.yml
@@ -0,0 +1,16 @@
+---
+- name: Create the RKE2 manifests directory
+  ansible.builtin.file:
+    state: directory
+    path: "{{ rke2_data_path }}/server/manifests"
+    owner: root
+    group: root
+    mode: 0700
+
+- name: Copy cilium-config files to first server
+  ansible.builtin.template:
+    src: "templates/cilium-config.yml.j2"
+    dest: "{{ rke2_data_path }}/server/manifests/rke2-cilium-config.yaml"
+    owner: root
+    group: root
+    mode: 0664
diff --git a/tasks/main.yml b/tasks/main.yml
index 5c42807..d881e3b 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -45,6 +45,13 @@
     - rke2_ingress_nginx_values is defined
     - rke2_ingress_nginx_values | length > 0
 
+- name: Copy cilium-config manifests to the masternode
+  ansible.builtin.include_tasks: cilium.yml
+  when:
+    - inventory_hostname == groups[rke2_servers_group_name].0
+    - rke2_cilium_values is defined
+    - rke2_cilium_values | length > 0
+
 - name: Prepare very first server node in the cluster
   ansible.builtin.include_tasks: first_server.yml
   when:
diff --git a/templates/cilium-config.yml.j2 b/templates/cilium-config.yml.j2
new file mode 100644
index 0000000..0189cb2
--- /dev/null
+++ b/templates/cilium-config.yml.j2
@@ -0,0 +1,10 @@
+apiVersion: helm.cattle.io/v1
+kind: HelmChartConfig
+metadata:
+  name: rke2-cilium
+  namespace: kube-system
+spec:
+  valuesContent: |-
+{% if rke2_cilium_values | length > 0 %}
+    {{ rke2_cilium_values | to_nice_yaml(indent=2) | indent(4) }}
+{% endif %}