diff --git a/prototypes/nextcloud/helm/nextcloud.yaml b/prototypes/nextcloud/helm/nextcloud.yaml
index b7c0ae0..541fd75 100644
--- a/prototypes/nextcloud/helm/nextcloud.yaml
+++ b/prototypes/nextcloud/helm/nextcloud.yaml
@@ -32,16 +32,31 @@ nextcloud:
         accessKey: ACCESS_KEY_ID
         secretKey: SECRET_ACCESS_KEY
 
-  configs:
-    proxy.config.php: |-
-      <?php
-      $CONFIG = array(
-        'trusted_proxies' => ['10.0.0.0/8'],
-        'overwriteprotocol' => 'https',
-        'overwritehost' => 'nextcloud.tr1ceracop.de',
-        'overwrite.cli.url' => 'https://nextcloud.tr1ceracop.de',
-        'default_phone_region' => 'DE',
-      );
+  defaultConfigs:
+    .htaccess: false
+    apache-pretty-urls.config.php: false
+    apcu.config.php: false
+    apps.config.php: false
+    autoconfig.php: false
+    redis.config.php: false
+    reverse-proxy.config.php: false
+    s3.config.php: false
+    smtp.config.php: false
+    swift.config.php: false
+    upgrade-disable-web.config.php: false
+    helm-metrics.config.php: false
+
+  extraEnv:
+    - name: TRUSTED_PROXIES
+      value: "10.0.0.0/8"
+    - name: OVERWRITEPROTOCOL
+      value: "https"
+    - name: OVERWRITEHOST
+      value: *hostname
+    - name: OVERWRITECLIURL
+      value: "https://nextcloud.tr1ceracop.de"
+    - name: NC_default_phone_region
+      value: "DE"
 
   phpConfigs:
     uploadLimit.ini: |
diff --git a/rendered/envs/production/nextcloud/configmap-nextcloud-config.yaml b/rendered/envs/production/nextcloud/configmap-nextcloud-config.yaml
deleted file mode 100644
index 0ebc9d5..0000000
--- a/rendered/envs/production/nextcloud/configmap-nextcloud-config.yaml
+++ /dev/null
@@ -1,278 +0,0 @@
-apiVersion: v1
-data:
-  .htaccess: |-
-    # line below if for Apache 2.4
-    <ifModule mod_authz_core.c>
-    Require all denied
-    </ifModule>
-    # line below if for Apache 2.2
-    <ifModule !mod_authz_core.c>
-    deny from all
-    </ifModule>
-    # section for Apache 2.2 and 2.4
-    <ifModule mod_autoindex.c>
-    IndexIgnore *
-    </ifModule>
-  apache-pretty-urls.config.php: |-
-    <?php
-    $CONFIG = array (
-      'htaccess.RewriteBase' => '/',
-    );
-  apcu.config.php: |-
-    <?php
-    $CONFIG = array (
-      'memcache.local' => '\OC\Memcache\APCu',
-    );
-  apps.config.php: |-
-    <?php
-    $CONFIG = array (
-      'apps_paths' => array (
-          0 => array (
-                  'path'     => OC::$SERVERROOT.'/apps',
-                  'url'      => '/apps',
-                  'writable' => false,
-          ),
-          1 => array (
-                  'path'     => OC::$SERVERROOT.'/custom_apps',
-                  'url'      => '/custom_apps',
-                  'writable' => true,
-          ),
-      ),
-    );
-  autoconfig.php: |-
-    <?php
-
-    $autoconfig_enabled = false;
-
-    if (getenv('SQLITE_DATABASE')) {
-        $AUTOCONFIG['dbtype'] = 'sqlite';
-        $AUTOCONFIG['dbname'] = getenv('SQLITE_DATABASE');
-        $autoconfig_enabled = true;
-    } elseif (getenv('MYSQL_DATABASE_FILE') && getenv('MYSQL_USER_FILE') && getenv('MYSQL_PASSWORD_FILE') && getenv('MYSQL_HOST')) {
-        $AUTOCONFIG['dbtype'] = 'mysql';
-        $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('MYSQL_DATABASE_FILE')));
-        $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('MYSQL_USER_FILE')));
-        $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('MYSQL_PASSWORD_FILE')));
-        $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST');
-        $autoconfig_enabled = true;
-    } elseif (getenv('MYSQL_DATABASE') && getenv('MYSQL_USER') && getenv('MYSQL_PASSWORD') && getenv('MYSQL_HOST')) {
-        $AUTOCONFIG['dbtype'] = 'mysql';
-        $AUTOCONFIG['dbname'] = getenv('MYSQL_DATABASE');
-        $AUTOCONFIG['dbuser'] = getenv('MYSQL_USER');
-        $AUTOCONFIG['dbpass'] = getenv('MYSQL_PASSWORD');
-        $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST');
-        $autoconfig_enabled = true;
-    } elseif (getenv('POSTGRES_DB_FILE') && getenv('POSTGRES_USER_FILE') && getenv('POSTGRES_PASSWORD_FILE') && getenv('POSTGRES_HOST')) {
-        $AUTOCONFIG['dbtype'] = 'pgsql';
-        $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('POSTGRES_DB_FILE')));
-        $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('POSTGRES_USER_FILE')));
-        $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('POSTGRES_PASSWORD_FILE')));
-        $AUTOCONFIG['dbhost'] = getenv('POSTGRES_HOST');
-        $autoconfig_enabled = true;
-    } elseif (getenv('POSTGRES_DB') && getenv('POSTGRES_USER') && getenv('POSTGRES_PASSWORD') && getenv('POSTGRES_HOST')) {
-        $AUTOCONFIG['dbtype'] = 'pgsql';
-        $AUTOCONFIG['dbname'] = getenv('POSTGRES_DB');
-        $AUTOCONFIG['dbuser'] = getenv('POSTGRES_USER');
-        $AUTOCONFIG['dbpass'] = getenv('POSTGRES_PASSWORD');
-        $AUTOCONFIG['dbhost'] = getenv('POSTGRES_HOST');
-        $autoconfig_enabled = true;
-    }
-
-    if ($autoconfig_enabled) {
-        $AUTOCONFIG['directory'] = getenv('NEXTCLOUD_DATA_DIR') ?: '/var/www/html/data';
-    }
-  helm-metrics.config.php: |-
-    <?php
-
-    $openmetricsAllowedClients = getenv('OPENMETRICS_ALLOWED_CLIENTS');
-    if ($openmetricsAllowedClients) {
-      $CONFIG['openmetrics_allowed_clients'] = array_filter(array_map('trim', explode(',', $openmetricsAllowedClients)));
-    }
-  proxy.config.php: |-
-    <?php
-    $CONFIG = array(
-      'trusted_proxies' => ['10.0.0.0/8'],
-      'overwriteprotocol' => 'https',
-      'overwritehost' => 'nextcloud.tr1ceracop.de',
-      'overwrite.cli.url' => 'https://nextcloud.tr1ceracop.de',
-      'default_phone_region' => 'DE',
-    );
-  redis.config.php: |-
-    <?php
-    if (getenv('REDIS_HOST')) {
-      $CONFIG = array(
-        'memcache.distributed' => '\OC\Memcache\Redis',
-        'memcache.locking' => '\OC\Memcache\Redis',
-        'redis' => array(
-          'host' => getenv('REDIS_HOST'),
-          'password' => getenv('REDIS_HOST_PASSWORD_FILE') ? trim(file_get_contents(getenv('REDIS_HOST_PASSWORD_FILE'))) : (string) getenv('REDIS_HOST_PASSWORD'),
-        ),
-      );
-
-      if (getenv('REDIS_HOST_PORT') !== false) {
-        $CONFIG['redis']['port'] = (int) getenv('REDIS_HOST_PORT');
-      } elseif (getenv('REDIS_HOST')[0] != '/') {
-        $CONFIG['redis']['port'] = 6379;
-      }
-
-      if (getenv('REDIS_HOST_USER') !== false) {
-        $CONFIG['redis']['user'] = (string) getenv('REDIS_HOST_USER');
-      }
-    }
-  reverse-proxy.config.php: |-
-    <?php
-    $overwriteHost = getenv('OVERWRITEHOST');
-    if ($overwriteHost) {
-      $CONFIG['overwritehost'] = $overwriteHost;
-    }
-
-    $overwriteProtocol = getenv('OVERWRITEPROTOCOL');
-    if ($overwriteProtocol) {
-      $CONFIG['overwriteprotocol'] = $overwriteProtocol;
-    }
-
-    $overwriteCliUrl = getenv('OVERWRITECLIURL');
-    if ($overwriteCliUrl) {
-      $CONFIG['overwrite.cli.url'] = $overwriteCliUrl;
-    }
-
-    $overwriteWebRoot = getenv('OVERWRITEWEBROOT');
-    if ($overwriteWebRoot) {
-      $CONFIG['overwritewebroot'] = $overwriteWebRoot;
-    }
-
-    $overwriteCondAddr = getenv('OVERWRITECONDADDR');
-    if ($overwriteCondAddr) {
-      $CONFIG['overwritecondaddr'] = $overwriteCondAddr;
-    }
-
-    $trustedProxies = getenv('TRUSTED_PROXIES');
-    if ($trustedProxies) {
-      $CONFIG['trusted_proxies'] = array_filter(array_map('trim', explode(' ', $trustedProxies)));
-    }
-
-    $forwardedForHeaders = getenv('FORWARDED_FOR_HEADERS');
-    if ($forwardedForHeaders) {
-      $CONFIG['forwarded_for_headers'] = array_filter(array_map('trim', explode(' ', $forwardedForHeaders)));
-    }
-  s3.config.php: |-
-    <?php
-    if (getenv('OBJECTSTORE_S3_BUCKET')) {
-      $use_ssl = getenv('OBJECTSTORE_S3_SSL');
-      $use_path = getenv('OBJECTSTORE_S3_USEPATH_STYLE');
-      $use_legacyauth = getenv('OBJECTSTORE_S3_LEGACYAUTH');
-      $autocreate = getenv('OBJECTSTORE_S3_AUTOCREATE');
-      $CONFIG = array(
-        'objectstore' => array(
-          'class' => '\OC\Files\ObjectStore\S3',
-          'arguments' => array(
-            'bucket' => getenv('OBJECTSTORE_S3_BUCKET'),
-            'region' => getenv('OBJECTSTORE_S3_REGION') ?: '',
-            'hostname' => getenv('OBJECTSTORE_S3_HOST') ?: '',
-            'port' => getenv('OBJECTSTORE_S3_PORT') ?: '',
-            'storageClass' => getenv('OBJECTSTORE_S3_STORAGE_CLASS') ?: '',
-            'objectPrefix' => getenv("OBJECTSTORE_S3_OBJECT_PREFIX") ? getenv("OBJECTSTORE_S3_OBJECT_PREFIX") : "urn:oid:",
-            'autocreate' => strtolower($autocreate) !== 'false',
-            'use_ssl' => strtolower($use_ssl) !== 'false',
-            // required for some non Amazon S3 implementations
-            'use_path_style' => $use_path == true && strtolower($use_path) !== 'false',
-            // required for older protocol versions
-            'legacy_auth' => $use_legacyauth == true && strtolower($use_legacyauth) !== 'false'
-          )
-        )
-      );
-
-      if (getenv('OBJECTSTORE_S3_KEY_FILE')) {
-        $CONFIG['objectstore']['arguments']['key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_KEY_FILE')));
-      } elseif (getenv('OBJECTSTORE_S3_KEY')) {
-        $CONFIG['objectstore']['arguments']['key'] = getenv('OBJECTSTORE_S3_KEY');
-      } else {
-        $CONFIG['objectstore']['arguments']['key'] = '';
-      }
-
-      if (getenv('OBJECTSTORE_S3_SECRET_FILE')) {
-        $CONFIG['objectstore']['arguments']['secret'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SECRET_FILE')));
-      } elseif (getenv('OBJECTSTORE_S3_SECRET')) {
-        $CONFIG['objectstore']['arguments']['secret'] = getenv('OBJECTSTORE_S3_SECRET');
-      } else {
-        $CONFIG['objectstore']['arguments']['secret'] = '';
-      }
-
-      if (getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE')) {
-        $CONFIG['objectstore']['arguments']['sse_c_key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE')));
-      } elseif (getenv('OBJECTSTORE_S3_SSE_C_KEY')) {
-        $CONFIG['objectstore']['arguments']['sse_c_key'] = getenv('OBJECTSTORE_S3_SSE_C_KEY');
-      }
-    }
-  smtp.config.php: |-
-    <?php
-    if (getenv('SMTP_HOST') && getenv('MAIL_FROM_ADDRESS') && getenv('MAIL_DOMAIN')) {
-      $CONFIG = array (
-        'mail_smtpmode' => 'smtp',
-        'mail_smtphost' => getenv('SMTP_HOST'),
-        'mail_smtpport' => getenv('SMTP_PORT') ?: (getenv('SMTP_SECURE') ? 465 : 25),
-        'mail_smtpsecure' => getenv('SMTP_SECURE') ?: '',
-        'mail_smtpauth' => getenv('SMTP_NAME') && (getenv('SMTP_PASSWORD') || getenv('SMTP_PASSWORD_FILE')),
-        'mail_smtpauthtype' => getenv('SMTP_AUTHTYPE') ?: 'LOGIN',
-        'mail_smtpname' => getenv('SMTP_NAME') ?: '',
-        'mail_from_address' => getenv('MAIL_FROM_ADDRESS'),
-        'mail_domain' => getenv('MAIL_DOMAIN'),
-      );
-
-      if (getenv('SMTP_PASSWORD_FILE')) {
-          $CONFIG['mail_smtppassword'] = trim(file_get_contents(getenv('SMTP_PASSWORD_FILE')));
-      } elseif (getenv('SMTP_PASSWORD')) {
-          $CONFIG['mail_smtppassword'] = getenv('SMTP_PASSWORD');
-      } else {
-          $CONFIG['mail_smtppassword'] = '';
-      }
-    }
-  swift.config.php: |-
-    <?php
-    if (getenv('OBJECTSTORE_SWIFT_URL')) {
-        $autocreate = getenv('OBJECTSTORE_SWIFT_AUTOCREATE');
-      $CONFIG = array(
-        'objectstore' => [
-          'class' => 'OC\\Files\\ObjectStore\\Swift',
-          'arguments' => [
-            'autocreate' => $autocreate == true && strtolower($autocreate) !== 'false',
-            'user' => [
-              'name' => getenv('OBJECTSTORE_SWIFT_USER_NAME'),
-              'password' => getenv('OBJECTSTORE_SWIFT_USER_PASSWORD'),
-              'domain' => [
-                'name' => (getenv('OBJECTSTORE_SWIFT_USER_DOMAIN')) ?: 'Default',
-              ],
-            ],
-            'scope' => [
-              'project' => [
-                'name' => getenv('OBJECTSTORE_SWIFT_PROJECT_NAME'),
-                'domain' => [
-                  'name' => (getenv('OBJECTSTORE_SWIFT_PROJECT_DOMAIN')) ?: 'Default',
-                ],
-              ],
-            ],
-            'serviceName' => (getenv('OBJECTSTORE_SWIFT_SERVICE_NAME')) ?: 'swift',
-            'region' => getenv('OBJECTSTORE_SWIFT_REGION'),
-            'url' => getenv('OBJECTSTORE_SWIFT_URL'),
-            'bucket' => getenv('OBJECTSTORE_SWIFT_CONTAINER_NAME'),
-          ]
-        ]
-      );
-    }
-  upgrade-disable-web.config.php: |-
-    <?php
-    $CONFIG = array (
-      'upgrade.disable-web' => true,
-    );
-kind: ConfigMap
-metadata:
-  annotations:
-    a8r.io/repository: ssh://git@git.tr1ceracop.de:222/gitea_admin/k8s-and-chill.git
-  labels:
-    app.kubernetes.io/instance: nextcloud
-    app.kubernetes.io/managed-by: Helm
-    app.kubernetes.io/name: nextcloud
-    app.kubernetes.io/version: 33.0.0
-    helm.sh/chart: nextcloud-9.0.4
-  name: nextcloud-config
-  namespace: nextcloud
diff --git a/rendered/envs/production/nextcloud/deployment-nextcloud.yaml b/rendered/envs/production/nextcloud/deployment-nextcloud.yaml
index 3ddfc64..4009e7c 100644
--- a/rendered/envs/production/nextcloud/deployment-nextcloud.yaml
+++ b/rendered/envs/production/nextcloud/deployment-nextcloud.yaml
@@ -25,7 +25,7 @@ spec:
     metadata:
       annotations:
         hooks-hash: 9525c2748a6c7cd0e28ec740623d0b3fa5a75c83b51ccfd136bc89c76737b204
-        nextcloud-config-hash: ec89ea6d9676ed525984771aab8f4536c9f4f62736b2c9898e883f5d0a7f90f8
+        nextcloud-config-hash: 97fd373864ae7c5da0eb066761ee479483364e3957160cacca360fc6a66c03f7
         php-config-hash: b638f66fd8d65de8364dbad6efc59a6524c7b2e2377b5623cf5e921e4d3d2400
       labels:
         app.kubernetes.io/component: app
@@ -101,6 +101,16 @@ spec:
                   name: nextcloud-s3-credentials
             - name: OBJECTSTORE_S3_SSE_C_KEY
               value: ""
+            - name: TRUSTED_PROXIES
+              value: 10.0.0.0/8
+            - name: OVERWRITEPROTOCOL
+              value: https
+            - name: OVERWRITEHOST
+              value: nextcloud.tr1ceracop.de
+            - name: OVERWRITECLIURL
+              value: https://nextcloud.tr1ceracop.de
+            - name: NC_default_phone_region
+              value: DE
           image: docker.io/library/nextcloud:33.0.0-fpm-alpine
           imagePullPolicy: IfNotPresent
           livenessProbe:
@@ -160,45 +170,6 @@ spec:
             - mountPath: /var/www/html/themes
               name: nextcloud-main
               subPath: themes
-            - mountPath: /var/www/html/config/proxy.config.php
-              name: nextcloud-config
-              subPath: proxy.config.php
-            - mountPath: /var/www/html/config/.htaccess
-              name: nextcloud-config
-              subPath: .htaccess
-            - mountPath: /var/www/html/config/apache-pretty-urls.config.php
-              name: nextcloud-config
-              subPath: apache-pretty-urls.config.php
-            - mountPath: /var/www/html/config/apcu.config.php
-              name: nextcloud-config
-              subPath: apcu.config.php
-            - mountPath: /var/www/html/config/apps.config.php
-              name: nextcloud-config
-              subPath: apps.config.php
-            - mountPath: /var/www/html/config/autoconfig.php
-              name: nextcloud-config
-              subPath: autoconfig.php
-            - mountPath: /var/www/html/config/helm-metrics.config.php
-              name: nextcloud-config
-              subPath: helm-metrics.config.php
-            - mountPath: /var/www/html/config/redis.config.php
-              name: nextcloud-config
-              subPath: redis.config.php
-            - mountPath: /var/www/html/config/reverse-proxy.config.php
-              name: nextcloud-config
-              subPath: reverse-proxy.config.php
-            - mountPath: /var/www/html/config/s3.config.php
-              name: nextcloud-config
-              subPath: s3.config.php
-            - mountPath: /var/www/html/config/smtp.config.php
-              name: nextcloud-config
-              subPath: smtp.config.php
-            - mountPath: /var/www/html/config/swift.config.php
-              name: nextcloud-config
-              subPath: swift.config.php
-            - mountPath: /var/www/html/config/upgrade-disable-web.config.php
-              name: nextcloud-config
-              subPath: upgrade-disable-web.config.php
             - mountPath: /usr/local/etc/php/conf.d/opcache.ini
               name: nextcloud-phpconfig
               subPath: opcache.ini
@@ -275,6 +246,16 @@ spec:
                   name: nextcloud-s3-credentials
             - name: OBJECTSTORE_S3_SSE_C_KEY
               value: ""
+            - name: TRUSTED_PROXIES
+              value: 10.0.0.0/8
+            - name: OVERWRITEPROTOCOL
+              value: https
+            - name: OVERWRITEHOST
+              value: nextcloud.tr1ceracop.de
+            - name: OVERWRITECLIURL
+              value: https://nextcloud.tr1ceracop.de
+            - name: NC_default_phone_region
+              value: DE
           image: docker.io/library/nextcloud:33.0.0-fpm-alpine
           imagePullPolicy: IfNotPresent
           name: nextcloud-cron
@@ -301,45 +282,6 @@ spec:
             - mountPath: /var/www/html/themes
               name: nextcloud-main
               subPath: themes
-            - mountPath: /var/www/html/config/proxy.config.php
-              name: nextcloud-config
-              subPath: proxy.config.php
-            - mountPath: /var/www/html/config/.htaccess
-              name: nextcloud-config
-              subPath: .htaccess
-            - mountPath: /var/www/html/config/apache-pretty-urls.config.php
-              name: nextcloud-config
-              subPath: apache-pretty-urls.config.php
-            - mountPath: /var/www/html/config/apcu.config.php
-              name: nextcloud-config
-              subPath: apcu.config.php
-            - mountPath: /var/www/html/config/apps.config.php
-              name: nextcloud-config
-              subPath: apps.config.php
-            - mountPath: /var/www/html/config/autoconfig.php
-              name: nextcloud-config
-              subPath: autoconfig.php
-            - mountPath: /var/www/html/config/helm-metrics.config.php
-              name: nextcloud-config
-              subPath: helm-metrics.config.php
-            - mountPath: /var/www/html/config/redis.config.php
-              name: nextcloud-config
-              subPath: redis.config.php
-            - mountPath: /var/www/html/config/reverse-proxy.config.php
-              name: nextcloud-config
-              subPath: reverse-proxy.config.php
-            - mountPath: /var/www/html/config/s3.config.php
-              name: nextcloud-config
-              subPath: s3.config.php
-            - mountPath: /var/www/html/config/smtp.config.php
-              name: nextcloud-config
-              subPath: smtp.config.php
-            - mountPath: /var/www/html/config/swift.config.php
-              name: nextcloud-config
-              subPath: swift.config.php
-            - mountPath: /var/www/html/config/upgrade-disable-web.config.php
-              name: nextcloud-config
-              subPath: upgrade-disable-web.config.php
             - mountPath: /usr/local/etc/php/conf.d/opcache.ini
               name: nextcloud-phpconfig
               subPath: opcache.ini
@@ -408,9 +350,6 @@ spec:
         - name: nextcloud-main
           persistentVolumeClaim:
             claimName: nextcloud-nextcloud
-        - configMap:
-            name: nextcloud-config
-          name: nextcloud-config
         - configMap:
             name: nextcloud-phpconfig
           name: nextcloud-phpconfig