diff --git a/stages/delivery/helmfile.yaml b/stages/delivery/helmfile.yaml
index 6810034..6080032 100644
--- a/stages/delivery/helmfile.yaml
+++ b/stages/delivery/helmfile.yaml
@@ -10,11 +10,9 @@ releases:
     version: 7.7.21
     values:
       - ./values/argocd.values.yaml.gotmpl
-    installed: false
   - name: forgejo
     namespace: forgejo
     chart: oci://code.forgejo.org/forgejo-helm/forgejo
     version: 11.0.3
     values:
       - ./values/forgejo.values.yaml.gotmpl
-    installed: false
diff --git a/stages/delivery/values/argocd.values.yaml.gotmpl b/stages/delivery/values/argocd.values.yaml.gotmpl
index af041ab..32bbe03 100644
--- a/stages/delivery/values/argocd.values.yaml.gotmpl
+++ b/stages/delivery/values/argocd.values.yaml.gotmpl
@@ -1,13 +1,14 @@
 global:
   domain: argo.kropcloud.net
 
-secret:
-  extra:
-    dex.kropcloud-idp.clientSecret: {{ readFile "../.envs/.argocd-oidc-secret" }}
-
 configs:
+  secret:
+    extra:
+      dex.kropcloud-idp.clientSecret: {{ readFile "../.envs/.argocd-oidc-secret" }}
+
   params:
     server.insecure: true
+
   cm:
     dex.config: |
       connectors:
@@ -17,7 +18,7 @@ configs:
         config:
           issuer: https://idp.kropcloud.net/application/o/argocd/
           clientID: R6KnCiwgsevzTkWhB9dopV80sHxL8kS4QjVlMmqI
-          clientSecret: $oidc.kropcloud-idp.clientSecret
+          clientSecret: $dex.kropcloud-idp.clientSecret
         insecureEnableGroups: true
         scopes:
           - openid
diff --git a/stages/delivery/values/forgejo.values.yaml.gotmpl b/stages/delivery/values/forgejo.values.yaml.gotmpl
index d666620..4ee271b 100644
--- a/stages/delivery/values/forgejo.values.yaml.gotmpl
+++ b/stages/delivery/values/forgejo.values.yaml.gotmpl
@@ -38,7 +38,7 @@ gitea:
       REPO_INDEXER_ENABLED: true
     mailer:
       ENABLED: true
-      FROM: no-reply@kropcloud.net
+      FROM: Forgejo <no-reply@kropcloud.net>
       PROTOCOL: smtps
       SMTP_ADDR: smtp.seznam.cz
       SMTP_PORT: 465
@@ -56,6 +56,7 @@ ingress:
   annotations:
     nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
     nginx.ingress.kubernetes.io/baWckend-protocol: "HTTP"
+    nginx.ingress.kubernetes.io/proxy-body-size: "0"
     cert-manager.io/cluster-issuer: cloudflare-issuer
   tls:
     - hosts:
diff --git a/stages/identity/values/authentik.values.yaml.gotmpl b/stages/identity/values/authentik.values.yaml.gotmpl
index 7a26b11..3cf23e9 100644
--- a/stages/identity/values/authentik.values.yaml.gotmpl
+++ b/stages/identity/values/authentik.values.yaml.gotmpl
@@ -12,7 +12,7 @@ authentik:
     host: smtp.seznam.cz
     port: 465
     use_ssl: true
-    from: no-reply@kropcloud.net
+    from: KropCloud IDP <no-reply@kropcloud.net>
     username: no-reply@kropcloud.net
     password: {{ readFile "../../.common/.noreply-email-password" }}