diff --git a/infra/argocd/templates/authentik.yaml b/infra/argocd/templates/authentik.yaml
new file mode 100644
index 0000000..16ff58a
--- /dev/null
+++ b/infra/argocd/templates/authentik.yaml
@@ -0,0 +1,21 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: authentik
+  namespace: argocd
+spec:
+  project: default
+  source:
+    repoURL: https://gitlab.com/developerdurp/homelab.git
+    targetRevision: main
+    path: infra/authentik
+  destination:
+    namespace: authentik
+    name: in-cluster
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: true  
+    syncOptions:
+      - CreateNamespace=true 
+
diff --git a/infra/authentik/templates/ingress.yaml b/infra/authentik/templates/ingress.yaml
index ac10303..2e17729 100644
--- a/infra/authentik/templates/ingress.yaml
+++ b/infra/authentik/templates/ingress.yaml
@@ -1,42 +1,42 @@
-apiVersion: traefik.containo.us/v1alpha1
-kind: IngressRoute
-metadata:
-  name: authentik-ingress
-spec:
-  entryPoints:
-    - websecure
-  routes:
-  - match: Host(`authentik.durp.info`) && PathPrefix(`/`) 
-    kind: Rule
-    services:
-    - name: authentik-server
-      port: 80
-  tls:
-    secretName: authentik-tls
-
----
-
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
-  name: authentik-tls
-spec:
-  secretName: authentik-tls
-  issuerRef:
-    name: letsencrypt-production
-    kind: ClusterIssuer
-  commonName: "authentik.durp.info"
-  dnsNames:
-  - "authentik.durp.info" 
-
----
-
-kind: Service
-apiVersion: v1
-metadata:
-  name: authentik-external-dns
-  annotations:
-    external-dns.alpha.kubernetes.io/hostname: authentik.durp.info
-spec:
-  type: ExternalName
-  externalName: durp.info
+#apiVersion: traefik.containo.us/v1alpha1
+#kind: IngressRoute
+#metadata:
+#  name: authentik-ingress
+#spec:
+#  entryPoints:
+#    - websecure
+#  routes:
+#  - match: Host(`authentik.durp.info`) && PathPrefix(`/`) 
+#    kind: Rule
+#    services:
+#    - name: authentik-server
+#      port: 80
+#  tls:
+#    secretName: authentik-tls
+#
+#---
+#
+#apiVersion: cert-manager.io/v1
+#kind: Certificate
+#metadata:
+#  name: authentik-tls
+#spec:
+#  secretName: authentik-tls
+#  issuerRef:
+#    name: letsencrypt-production
+#    kind: ClusterIssuer
+#  commonName: "authentik.durp.info"
+#  dnsNames:
+#  - "authentik.durp.info" 
+#
+#---
+#
+#kind: Service
+#apiVersion: v1
+#metadata:
+#  name: authentik-external-dns
+#  annotations:
+#    external-dns.alpha.kubernetes.io/hostname: authentik.durp.info
+#spec:
+#  type: ExternalName
+#  externalName: durp.info
diff --git a/infra/authentik/templates/secrets.yaml b/infra/authentik/templates/secrets.yaml
index 07b7747..53585a3 100644
--- a/infra/authentik/templates/secrets.yaml
+++ b/infra/authentik/templates/secrets.yaml
@@ -11,18 +11,18 @@ spec:
   data:
   - secretKey: dbpass
     remoteRef:
-      key: secrets/authentik/database
+      key: kv/authentik/database
       property: dbpass
   - secretKey: secretkey
     remoteRef:
-      key: secrets/authentik/database
+      key: kv/authentik/database
       property: secretkey     
   - secretKey: postgresql-postgres-password 
     remoteRef:
-      key: secrets/authentik/database
+      key: kv/authentik/database
       property: dbpass
   - secretKey: postgresql-password 
     remoteRef:
-      key: secrets/authentik/database
+      key: kv/authentik/database
       property: dbpass