diff --git a/config/crd/kustomization.yaml b/config/crd/kustomization.yaml
index 5429f81..e22842c 100644
--- a/config/crd/kustomization.yaml
+++ b/config/crd/kustomization.yaml
@@ -4,6 +4,7 @@
 resources:
 # This creates problems! Find a better solution
 # - edgenet_system_namespace.yaml
+- secrets/maxmind_secret.yaml
 - bases/multitenancy.edge-net.io_tenants.yaml
 - bases/multitenancy.edge-net.io_tenantresourcequotas.yaml
 #+kubebuilder:scaffold:crdkustomizeresource
diff --git a/config/crd/secrets/maxmind_secret.yaml b/config/crd/secrets/maxmind_secret.yaml
new file mode 100644
index 0000000..c8a1d5b
--- /dev/null
+++ b/config/crd/secrets/maxmind_secret.yaml
@@ -0,0 +1,11 @@
+# https://kubernetes.io/docs/concepts/configuration/secret/
+apiVersion: v1
+kind: Secret
+metadata:
+  name: maxmind-secret
+  namespace: edgenet-system
+type: Opaque
+data:
+  # Specify the maxmind accountid and the access token here in base64 encoding to enable nodelabeller.
+  maxmind_accountid: ""
+  maxmind_token: ""
diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml
index e319273..8d6e8b6 100644
--- a/config/manager/manager.yaml
+++ b/config/manager/manager.yaml
@@ -76,6 +76,11 @@ spec:
         - --disabled-reconcilers=""
         image: controller
         name: manager
+        volumeMounts:
+        # Try to mount the secret where it is filled in the secrets/maxmind_secret.yaml
+        # The controller trys to read from the 1. args, 2. environment variables, 3. the secrets in this path.
+        - mountPath: "/var/run/secrets/edge-net.io/maxmind-secret"
+          name: "maxmind-secret"
         securityContext:
           allowPrivilegeEscalation: false
           capabilities: