diff --git a/keycloak/application.yaml b/keycloak/application.yaml
index b8efcbd4..48a98867 100644
--- a/keycloak/application.yaml
+++ b/keycloak/application.yaml
@@ -7,53 +7,15 @@ spec:
   project: atlantis
   destination:
     server: https://kubernetes.default.svc
-    namespace: atlantis
-  source:
-    repoURL: https://charts.bitnami.com/bitnami
+    namespace: idp
+  sources:
+  - repoURL: https://charts.bitnami.com/bitnami
     targetRevision: 18.3.3
     chart: keycloak
     helm:
-      values: |
-        auth:
-          adminPassword: en to tre fire
-          adminUser: admin
-          existingSecret: ""
-          managementPassword: ""
-          managementUser: manager
-        extraVolumeMounts:
-        - mountPath: /opt/bitnami/keycloak/themes/oceanbox
-          name: theme
-        extraVolumes:
-        - emptyDir: {}
-          name: theme
-        ingress:
-          annotations:
-            cert-manager.io/cluster-issuer: letsencrypt-production
-            nginx.ingress.kubernetes.io/enable-cors: "true"
-            nginx.ingress.kubernetes.io/proxy-buffer-size: 128k
-            nginx.ingress.kubernetes.io/ssl-redirect: "true"
-          enabled: true
-          extraHosts: []
-          extraPaths: []
-          hostname: auth.oceanbox.io
-          ingressClassName: nginx
-          path: /
-          pathType: ImplementationSpecific
-          selfSigned: false
-          servicePort: http
-          tls: true
-        initContainers: |
-          - name: keycloak-theme-provider
-            image: docker.io/juselius/oceanbox-theme:1.0
-            imagePullPolicy: IfNotPresent
-            command:
-              - sh
-            args:
-              - -c
-              - |
-                echo "Copying theme..."
-                cp -R /theme/* /keycloak/themes/oceanbox
-            volumeMounts:
-              - name: theme
-                mountPath: /keycloak/themes/oceanbox
+      valueFiles:
+        - $values/keycloak/values.yaml
+  - repoURL: https://gitlab.com/oceanbox/manifests.git
+    targetRevision: HEAD
+    ref: values
 
diff --git a/keycloak/values.yaml b/keycloak/values.yaml
new file mode 100644
index 00000000..e7b5f109
--- /dev/null
+++ b/keycloak/values.yaml
@@ -0,0 +1,42 @@
+auth:
+  adminPassword: en to tre fire
+  adminUser: admin
+  existingSecret: ""
+  managementPassword: ""
+  managementUser: manager
+extraVolumeMounts:
+- mountPath: /opt/bitnami/keycloak/themes/oceanbox
+  name: theme
+extraVolumes:
+- emptyDir: {}
+  name: theme
+ingress:
+  annotations:
+    cert-manager.io/cluster-issuer: letsencrypt-production
+    nginx.ingress.kubernetes.io/enable-cors: "true"
+    nginx.ingress.kubernetes.io/proxy-buffer-size: 128k
+    nginx.ingress.kubernetes.io/ssl-redirect: "true"
+  enabled: true
+  extraHosts: []
+  extraPaths: []
+  hostname: auth.srv.oceanbox.io
+  ingressClassName: nginx
+  path: /
+  pathType: ImplementationSpecific
+  selfSigned: false
+  servicePort: http
+  tls: true
+initContainers: |
+  - name: keycloak-theme-provider
+    image: docker.io/juselius/oceanbox-theme:1.0
+    imagePullPolicy: IfNotPresent
+    command:
+      - sh
+    args:
+      - -c
+      - |
+        echo "Copying theme..."
+        cp -R /theme/* /keycloak/themes/oceanbox
+    volumeMounts:
+      - name: theme
+        mountPath: /keycloak/themes/oceanbox