diff --git a/dmz/internalproxy/templates/authentik.yaml b/dmz/internalproxy/templates/authentik.yaml
index c19d34e..498ac89 100644
--- a/dmz/internalproxy/templates/authentik.yaml
+++ b/dmz/internalproxy/templates/authentik.yaml
@@ -1,45 +1,40 @@
-apiVersion: traefik.io/v1alpha1
-kind: IngressRoute
-metadata:
-  name: authentik-ingress
-spec:
-  entryPoints:
-    - websecure
-  routes:
-  - match: Host(`test.durp.info`) && PathPrefix(`/`) 
-    kind: Rule
-    services:
-    - name: authentik-server
-      port: 443
-  services:
-    authentik-server:
-      loadBalancer:
-        servers:
-        - url: https://google.com
-  tls:
-    secretName: authentik-tls
-
----
-
+#apiVersion: traefik.io/v1alpha1
+#kind: IngressRoute
+#metadata:
+#  name: authentik-ingress
+#spec:
+#  entryPoints:
+#    - websecure
+#  routes:
+#  - match: Host(`test.durp.info`) && PathPrefix(`/`) 
+#    kind: Rule
+#    services:
+#    - name: authentik-server
+#      port: 443
+#  tls:
+#    secretName: authentik-tls
+#
+#---
+#
 #apiVersion: v1
 #kind: Service
 #metadata:
 #  name: authentik-server
 #spec:
 #  type: ExternalName
-#  externalName: google.com
-
----
-
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
-  name: authentik-tls
-spec:
-  issuerRef:
-    name: vault-issuer
-    kind: ClusterIssuer
-  secretName: authentik-tls
-  commonName: "test.durp.info"
-  dnsNames:
-  - "test.durp.info"
+#  externalName: authentik.durp.info
+#
+#---
+#
+#apiVersion: cert-manager.io/v1
+#kind: Certificate
+#metadata:
+#  name: authentik-tls
+#spec:
+#  issuerRef:
+#    name: vault-issuer
+#    kind: ClusterIssuer
+#  secretName: authentik-tls
+#  commonName: "test.durp.info"
+#  dnsNames:
+#  - "test.durp.info"
diff --git a/dmz/traefik/templates/config.yaml b/dmz/traefik/templates/config.yaml
new file mode 100644
index 0000000..28b1191
--- /dev/null
+++ b/dmz/traefik/templates/config.yaml
@@ -0,0 +1,22 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: traefik-configmap
+data:
+  traefik.yaml: |
+    http:
+      routers:
+        router0:
+          entryPoints:
+          - web
+          service: service-foo
+          rule: host(`test.durp.info`)
+          tls:
+            cert-resolver: default
+
+      services:
+        service-foo:
+          loadBalancer:
+            servers:
+            - url: https://authentik.infra.durp.info
+            passHostHeader: true
diff --git a/dmz/traefik/values.yaml b/dmz/traefik/values.yaml
index 12fba73..7d40f11 100644
--- a/dmz/traefik/values.yaml
+++ b/dmz/traefik/values.yaml
@@ -11,6 +11,10 @@ traefik:
   deployment:
     replicas: 3
     revisionHistoryLimit: 1
+    additionalVolumes:
+      - name: traefik-configmap
+        mountPath: "/config"
+        type: configMap
   
   ingressRoute:
     dashboard: