diff --git a/values/keycloak/README.md b/values/keycloak/README.md
new file mode 100644
index 00000000..4a194ae5
--- /dev/null
+++ b/values/keycloak/README.md
@@ -0,0 +1,8 @@
+# Keycloak export and import
+
+```
+kc.sh -Djgroups.bind.port=7801 export --dir /tmp/backup --realm oceanbox --users same_file
+kubectl cp -n keycloak oceanbox-realm.json prod-keycloak-0:/tmp/backup/oceanbox-realm.json
+kubectl cp -n keycloak oceanbox-users-0.json prod-keycloak-0:/tmp/backup/oceanbox-users-0.json
+kc.sh -Djgroups.bind.port=7801 import --dir /tmp/backup
+```
diff --git a/values/keycloak/values-prod.yaml b/values/keycloak/values-prod.yaml
index 5da042e9..1661b992 100644
--- a/values/keycloak/values-prod.yaml
+++ b/values/keycloak/values-prod.yaml
@@ -37,7 +37,6 @@ ingress:
     nginx.ingress.kubernetes.io/backend-protocol: HTTP
     nginx.ingress.kubernetes.io/proxy-buffer-size: 128k
     nginx.ingress.kubernetes.io/ssl-redirect: "true"
-    nginx.ingress.kubernetes.io/whitelist-source-range: 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16
   enabled: true
   hostname: auth.svc.oceanbox.io
   ingressClassName: nginx
@@ -111,11 +110,3 @@ extraDeploy:
     backup:
       retentionPolicy: 60d
       target: prefer-standby
-
-sidecars:
-- name: import-export
-  image: docker.io/bitnami/keycloak:26.0.2-debian-12-r0
-  imagePullPolicy: Always
-  command:
-  - /usr/bin/sleep
-  - 365d
diff --git a/values/keycloak/values.yaml b/values/keycloak/values.yaml
index 70b44899..0d016a86 100644
--- a/values/keycloak/values.yaml
+++ b/values/keycloak/values.yaml
@@ -72,11 +72,3 @@ initContainers: |
     volumeMounts:
       - name: theme
         mountPath: /keycloak/themes/oceanbox
-
-sidecars:
-- name: import-export
-  image: docker.io/bitnami/keycloak:26.0.2-debian-12-r0
-  imagePullPolicy: Always
-  command:
-  - /usr/bin/sleep
-  - 365d