diff --git a/frigate/frigate.yaml b/frigate/frigate.yaml
index 91249d4..4d14535 100644
--- a/frigate/frigate.yaml
+++ b/frigate/frigate.yaml
@@ -17,7 +17,7 @@ data:
       enabled: true
 
     tls:
-      enabled: false
+      enabled: true
 
     cameras:
       Stairway:
diff --git a/frigate/ingress.yaml b/frigate/ingress.yaml
index 54bc45e..7fe33fe 100644
--- a/frigate/ingress.yaml
+++ b/frigate/ingress.yaml
@@ -5,7 +5,7 @@ metadata:
   namespace: frigate
   annotations:
     kubernetes.io/ingress.class: nginx
-    nginx.ingress.kubernetes.io/backend-protocol: "HTTP"
+    nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
     cert-manager.io/cluster-issuer: letsencrypt
 spec:
   rules:
diff --git a/grafana/dashboards/dashboards.yaml b/grafana/dashboards.yaml
similarity index 100%
rename from grafana/dashboards/dashboards.yaml
rename to grafana/dashboards.yaml
diff --git a/grafana/dashboards/proxmox-dashboard.yaml b/grafana/proxmox-dashboard.yaml
similarity index 100%
rename from grafana/dashboards/proxmox-dashboard.yaml
rename to grafana/proxmox-dashboard.yaml
diff --git a/home-assistant/home-assistant.yaml b/home-assistant/home-assistant.yaml
index 6c507fc..aef099f 100644
--- a/home-assistant/home-assistant.yaml
+++ b/home-assistant/home-assistant.yaml
@@ -1,4 +1,3 @@
----
 apiVersion: v1
 kind: ConfigMap
 metadata:
@@ -12,6 +11,9 @@ data:
         - 10.0.0.0/8
         - fd00::/8
         - 2001:470:7116:a::/64
+
+    auth_header:
+      username_header: X-authentik-username
 ---
 apiVersion: v1
 kind: PersistentVolumeClaim
@@ -41,6 +43,39 @@ spec:
       labels:
         app: home-assistant
     spec:
+      initContainers:
+        - name: copy-config
+          image: busybox:1.36
+          command:
+            - sh
+            - -c
+            - |
+              mkdir -p /config
+              cp /src/configuration.yaml /config/configuration.yaml
+              chmod 0644 /config/configuration.yaml
+          volumeMounts:
+            - name: config
+              mountPath: /config
+            - name: configmap
+              mountPath: /src
+
+        - name: install-auth-header
+          image: alpine:3.20
+          command:
+            - sh
+            - -c
+            - |
+              set -e
+              apk add --no-cache git
+              rm -rf /tmp/hass-auth-header
+              git clone --depth=1 https://github.com/BeryJu/hass-auth-header /tmp/hass-auth-header
+              mkdir -p /config/custom_components
+              rm -rf /config/custom_components/auth_header
+              cp -r /tmp/hass-auth-header/custom_components/auth_header /config/custom_components/
+          volumeMounts:
+            - name: config
+              mountPath: /config
+
       containers:
         - name: home-assistant
           image: ghcr.io/home-assistant/home-assistant:stable
@@ -50,9 +85,6 @@ spec:
           volumeMounts:
             - name: config
               mountPath: /config
-            - name: configmap
-              mountPath: /config/configuration.yaml
-              subPath: configuration.yaml
           env:
             - name: TZ
               value: Europe/Berlin
@@ -62,6 +94,7 @@ spec:
               memory: 512Mi
             limits:
               memory: 1Gi
+
       volumes:
         - name: config
           persistentVolumeClaim:
@@ -88,5 +121,4 @@ spec:
       protocol: TCP
       targetPort: 8123
   sessionAffinity: None
-  type: ClusterIP
----
+  type: ClusterIP
\ No newline at end of file