diff --git a/kube/deploy/core/monitoring/smartctl-exporter/app/hr.yaml b/kube/deploy/core/monitoring/smartctl-exporter/app/hr.yaml
index 966702bc..362f7299 100644
--- a/kube/deploy/core/monitoring/smartctl-exporter/app/hr.yaml
+++ b/kube/deploy/core/monitoring/smartctl-exporter/app/hr.yaml
@@ -3,7 +3,7 @@ apiVersion: helm.toolkit.fluxcd.io/v2beta2
 kind: HelmRelease
 metadata:
   name: &app smartctl-exporter
-  namespace: monitoring
+  namespace: *app
 spec:
   interval: 5m
   chart:
diff --git a/kube/deploy/core/monitoring/smartctl-exporter/ks.yaml b/kube/deploy/core/monitoring/smartctl-exporter/ks.yaml
index b75b298f..d2b52b74 100644
--- a/kube/deploy/core/monitoring/smartctl-exporter/ks.yaml
+++ b/kube/deploy/core/monitoring/smartctl-exporter/ks.yaml
@@ -5,10 +5,10 @@ metadata:
   name: 1-core-monitoring-smartctl-exporter-app
   namespace: flux-system
   labels: &l
-    app.kubernetes.io/name: "smartctl-exporter"
+    app.kubernetes.io/name: &app "smartctl-exporter"
 spec:
   commonMetadata:
     labels: *l
   path: ./kube/deploy/core/monitoring/smartctl-exporter/app
-  targetNamespace: "monitoring"
+  targetNamespace: *app
   dependsOn: []
\ No newline at end of file
diff --git a/kube/deploy/core/monitoring/smartctl-exporter/kustomization.yaml b/kube/deploy/core/monitoring/smartctl-exporter/kustomization.yaml
index 70a77029..5eeb2657 100644
--- a/kube/deploy/core/monitoring/smartctl-exporter/kustomization.yaml
+++ b/kube/deploy/core/monitoring/smartctl-exporter/kustomization.yaml
@@ -2,4 +2,5 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
+  - ns.yaml
   - ks.yaml
diff --git a/kube/deploy/core/monitoring/smartctl-exporter/ns.yaml b/kube/deploy/core/monitoring/smartctl-exporter/ns.yaml
new file mode 100644
index 00000000..c79ced73
--- /dev/null
+++ b/kube/deploy/core/monitoring/smartctl-exporter/ns.yaml
@@ -0,0 +1,10 @@
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: smartctl-exporter
+  labels:
+    kustomize.toolkit.fluxcd.io/prune: disabled
+    pod-security.kubernetes.io/enforce: &ps privileged
+    pod-security.kubernetes.io/audit: *ps
+    pod-security.kubernetes.io/warn: *ps