diff --git a/dmz/internalproxy/templates/authentik.yaml b/dmz/internalproxy/templates/authentik.yaml
index 498ac89..b1deaeb 100644
--- a/dmz/internalproxy/templates/authentik.yaml
+++ b/dmz/internalproxy/templates/authentik.yaml
@@ -1,40 +1,40 @@
-#apiVersion: traefik.io/v1alpha1
-#kind: IngressRoute
-#metadata:
-#  name: authentik-ingress
-#spec:
-#  entryPoints:
-#    - websecure
-#  routes:
-#  - match: Host(`test.durp.info`) && PathPrefix(`/`) 
-#    kind: Rule
-#    services:
-#    - name: authentik-server
-#      port: 443
-#  tls:
-#    secretName: authentik-tls
-#
-#---
-#
-#apiVersion: v1
-#kind: Service
-#metadata:
-#  name: authentik-server
-#spec:
-#  type: ExternalName
-#  externalName: authentik.durp.info
-#
-#---
-#
-#apiVersion: cert-manager.io/v1
-#kind: Certificate
-#metadata:
-#  name: authentik-tls
-#spec:
-#  issuerRef:
-#    name: vault-issuer
-#    kind: ClusterIssuer
-#  secretName: authentik-tls
-#  commonName: "test.durp.info"
-#  dnsNames:
-#  - "test.durp.info"
+apiVersion: traefik.io/v1alpha1
+kind: IngressRoute
+metadata:
+  name: authentik-ingress
+spec:
+  entryPoints:
+    - websecure
+  routes:
+  - match: Host(`test.durp.info`) && PathPrefix(`/`) 
+    kind: Rule
+    services:
+    - name: authentik-server
+      port: 443
+  tls:
+    secretName: authentik-tls
+
+---
+
+apiVersion: v1
+kind: Service
+metadata:
+  name: authentik-server
+spec:
+  type: ExternalName
+  externalName: authentik.durp.info
+
+---
+
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: authentik-tls
+spec:
+  issuerRef:
+    name: letsencrypt-production
+    kind: ClusterIssuer
+  secretName: authentik-tls
+  commonName: "test.durp.info"
+  dnsNames:
+  - "test.durp.info"
diff --git a/dmz/traefik/templates/authentik.yaml b/dmz/traefik/templates/authentik.yaml
deleted file mode 100644
index 9d82551..0000000
--- a/dmz/traefik/templates/authentik.yaml
+++ /dev/null
@@ -1,30 +0,0 @@
-#apiVersion: traefik.io/v1alpha1
-#kind: IngressRoute
-#metadata:
-#  name: authentik-ingress
-#spec:
-#  entryPoints:
-#    - websecure
-#  routes:
-#  - match: Host(`test.durp.info`) && PathPrefix(`/`) 
-#    kind: Rule
-#    services:
-#    - name: authentik-server
-#      port: 443
-#  tls:
-#    secretName: authentik-tls
-#
-#---
-#
-#apiVersion: cert-manager.io/v1
-#kind: Certificate
-#metadata:
-#  name: authentik-tls
-#spec:
-#  issuerRef:
-#    name: vault-issuer
-#    kind: ClusterIssuer
-#  secretName: authentik-tls
-#  commonName: "test.durp.info"
-#  dnsNames:
-#  - "test.durp.info"