diff --git a/internalproxy/templates/duplicati-ingress.yaml b/internalproxy/templates/duplicati-ingress.yaml
index d885614..0531f79 100644
--- a/internalproxy/templates/duplicati-ingress.yaml
+++ b/internalproxy/templates/duplicati-ingress.yaml
@@ -25,49 +25,7 @@ subsets:
     port: 8200
     protocol: TCP
 
-#---    
-#
-#apiVersion: networking.k8s.io/v1
-#kind: Ingress
-#metadata:
-#  name: duplicati-ingress
-#  annotations:
-#    kubernetes.io/ingress.class: nginx
-#    cert-manager.io/cluster-issuer: letsencrypt-production 
-#    nginx.ingress.kubernetes.io/whitelist-source-range: "192.168.0.0/16"
-#    nginx.ingress.kubernetes.io/auth-url: |-
-#        http://ak-outpost-authentik-embedded-outpost.authentik.svc.cluster.local:9000/outpost.goauthentik.io/auth/nginx
-#    nginx.ingress.kubernetes.io/auth-signin: |-
-#        https://duplicati.internal.durp.info/outpost.goauthentik.io/start?rd=$escaped_request_uri
-#    nginx.ingress.kubernetes.io/auth-response-headers: |-
-#        Set-Cookie,X-authentik-username,X-authentik-groups,X-authentik-email,X-authentik-name,X-authentik-uid
-#    nginx.ingress.kubernetes.io/auth-snippet: |
-#        proxy_set_header X-Forwarded-Host $http_host;
-#spec:
-#  rules:
-#  - host: duplicati.internal.durp.info
-#    http:
-#      paths:
-#      - path: /
-#        pathType: Prefix
-#        backend:
-#          service:
-#            name: duplicati
-#            port: 
-#              number: 8200         
-#      - path: /outpost.goauthentik.io
-#        pathType: Prefix
-#        backend:
-#          service:
-#            name: ak-outpost-authentik-embedded-outpost
-#            port: 
-#              number: 9000
-#  tls:
-#    - hosts: 
-#      - duplicati.internal.durp.info
-#      secretName: duplicati-tls
-
----
+---    
 
 apiVersion: traefik.containo.us/v1alpha1
 kind: IngressRoute
@@ -75,8 +33,6 @@ metadata:
   name: duplicati-ingress
   annotations:
     cert-manager.io/cluster-issuer: letsencrypt-production
-    #traefik.ingress.kubernetes.io/router.middlewares: default-auth@duplicati,auth-redirect@duplicati
-    #traefik.ingress.kubernetes.io/auth-type: forward
 spec:
   entryPoints:
     - websecure
@@ -97,29 +53,6 @@ spec:
   tls:
     secretName: duplicati-tls
 
----
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
-    name: authentik
-    namespace: traefik
-spec:
-  forwardAuth:
-    address: http://ak-outpost-authentik-embedded-outpost.authentik.svc.cluster.local:9000/outpost.goauthentik.io/auth/traefik
-    trustForwardHeader: true
-    authResponseHeaders:
-      - X-authentik-username
-      - X-authentik-groups
-      - X-authentik-email
-      - X-authentik-name
-      - X-authentik-uid
-      - X-authentik-jwt
-      - X-authentik-meta-jwks
-      - X-authentik-meta-outpost
-      - X-authentik-meta-provider
-      - X-authentik-meta-app
-      - X-authentik-meta-version
-
 ---
 
 kind: Service
diff --git a/traefik/templates/middlewares.yaml b/traefik/templates/middlewares.yaml
new file mode 100644
index 0000000..a7ff92c
--- /dev/null
+++ b/traefik/templates/middlewares.yaml
@@ -0,0 +1,21 @@
+apiVersion: traefik.containo.us/v1alpha1
+kind: Middleware
+metadata:
+    name: authentik
+    namespace: traefik
+spec:
+  forwardAuth:
+    address: http://ak-outpost-authentik-embedded-outpost.authentik.svc.cluster.local:9000/outpost.goauthentik.io/auth/traefik
+    trustForwardHeader: true
+    authResponseHeaders:
+      - X-authentik-username
+      - X-authentik-groups
+      - X-authentik-email
+      - X-authentik-name
+      - X-authentik-uid
+      - X-authentik-jwt
+      - X-authentik-meta-jwks
+      - X-authentik-meta-outpost
+      - X-authentik-meta-provider
+      - X-authentik-meta-app
+      - X-authentik-meta-version
\ No newline at end of file