diff --git a/values/dex/env-hel1.yaml.gotmpl b/values/dex/env-hel1.yaml.gotmpl
index 822821bb..beb39531 100644
--- a/values/dex/env-hel1.yaml.gotmpl
+++ b/values/dex/env-hel1.yaml.gotmpl
@@ -1,2 +1,2 @@
 dex:
-  enabled: true
+  enabled: false
diff --git a/values/dex/env-oceanbox.yaml.gotmpl b/values/dex/env-oceanbox.yaml.gotmpl
new file mode 100644
index 00000000..822821bb
--- /dev/null
+++ b/values/dex/env-oceanbox.yaml.gotmpl
@@ -0,0 +1,2 @@
+dex:
+  enabled: true
diff --git a/values/dex/values/values.yaml b/values/dex/values/values.yaml
index 2d290809..f8db519b 100644
--- a/values/dex/values/values.yaml
+++ b/values/dex/values/values.yaml
@@ -1,7 +1,7 @@
 replicaCount: 2
 
 config:
-  issuer: https://auth.adm.hel1.obx
+  issuer: https://auth.adm.oceanbox.io
   storage:
     type: postgres
     config:
@@ -30,7 +30,7 @@ config:
     config:
       clientID: "43667ac0-37e1-422f-99fc-50a699bb255c"
       clientSecret: $MICROSOFT_CLIENT_SECRET
-      redirectURI: https://auth.adm.hel1.obx/callback
+      redirectURI: https://auth.adm.oceanbox.io/callback
 
   staticClients:
   - id: dex
@@ -144,18 +144,18 @@ ingress:
   enabled: true
   className: nginx
   annotations:
-    cert-manager.io/cluster-issuer: ca-issuer
+    cert-manager.io/cluster-issuer: letsencrypt-production
     nginx.ingress.kubernetes.io/ssl-redirect: "true"
     nginx.ingress.kubernetes.io/backend-protocol: HTTP
   hosts:
-  - host: auth.adm.hel1.obx
+  - host: auth.adm.oceanbox.io
     paths:
     - path: /
       pathType: ImplementationSpecific
   tls:
-  - secretName: auth.adm.hel1.obx-tls
+  - secretName: auth.adm.oceanbox.io-tls
     hosts:
-    - auth.adm.hel1.obx
+    - auth.adm.oceanbox.io
 
 resources:
   limits: