diff --git a/app-files/apps.yaml b/app-files/apps.yaml
index c614c0e..3b7ab59 100644
--- a/app-files/apps.yaml
+++ b/app-files/apps.yaml
@@ -29,7 +29,7 @@ spec:
   sources:
     - chart: woodpecker
       repoURL: oci://ghcr.io/woodpecker-ci/helm
-      targetRevision: 2.0.3
+      targetRevision: 2.0.2
       helm:
         releaseName: woodpecker
         valueFiles:
diff --git a/traefik-certmanager/base/kustomization.yaml b/traefik-certmanager/base/kustomization.yaml
deleted file mode 100644
index df9d748..0000000
--- a/traefik-certmanager/base/kustomization.yaml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-resources:
-  - traefik-certmanager.yaml
diff --git a/traefik-certmanager/base/traefik-certmanager.yaml b/traefik-certmanager/base/traefik-certmanager.yaml
deleted file mode 100644
index 2eade77..0000000
--- a/traefik-certmanager/base/traefik-certmanager.yaml
+++ /dev/null
@@ -1,66 +0,0 @@
-# from https://github.com/ncsa/traefik-certmanager
-#
-# Used to automatically create cert request for IngressRoute Objects
-#
-# Added by Aaron
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: traefik-certmanager
-  namespace: traefik
----
-kind: ClusterRole
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
-  name: traefik-certmanager
-rules:
-- apiGroups: ["traefik.io"]
-  resources: ["ingressroutes"]
-  verbs: ["watch", "patch"]
-- apiGroups: ["cert-manager.io"]
-  resources: ["certificates"]
-  verbs: ["get", "create", "delete"]
----
-kind: ClusterRoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
-  name: traefik-certmanager
-subjects:
-- kind: ServiceAccount
-  name: traefik-certmanager
-  namespace: traefik
-roleRef:
-  kind: ClusterRole
-  name: traefik-certmanager
-  apiGroup: rbac.authorization.k8s.io
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: traefik-certmanager
-  namespace: traefik
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app.kubernetes.io/name: traefik-certmanager
-  template:
-    metadata:
-      labels:
-        app.kubernetes.io/name: traefik-certmanager
-    spec:
-      serviceAccount: traefik-certmanager
-      containers:
-      - name: traefik-certmanager
-        image: git.ar21.de/yolokube/traefik-certmanager:latest
-        imagePullPolicy: Always
-        env:
-        - name: ISSUER_NAME
-          value: letsencrypt-prod
-        - name: ISSUER_KIND
-          value: ClusterIssuer
-        - name: CERT_CLEANUP
-          value: "true"
-        - name: PATCH_SECRETNAME
-          value: "true"
diff --git a/traefik-certmanager/overlay/kustomization.yaml b/traefik-certmanager/overlay/kustomization.yaml
deleted file mode 100644
index 359b287..0000000
--- a/traefik-certmanager/overlay/kustomization.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-resources:
-- ../base
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-images:
-- name: git.ar21.de/yolokube/traefik-certmanager
-  newName: git.ar21.de/yolokube/traefik-certmanager
-  newTag: "1"
diff --git a/traefik/dashboard-cert.yaml b/traefik/dashboard-cert.yaml
new file mode 100644
index 0000000..b567b03
--- /dev/null
+++ b/traefik/dashboard-cert.yaml
@@ -0,0 +1,13 @@
+---
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: traefik-cert
+  namespace: traefik
+spec:
+  secretName: traefik-tls-key
+  issuerRef:
+    name: letsencrypt-prod
+    kind: ClusterIssuer
+  dnsNames:
+    - traefik.services.yolokube.de
diff --git a/woodpecker/grpc-ingress/ingress.yaml b/woodpecker/grpc-ingress/ingress.yaml
index 0573e30..1fcc5a3 100644
--- a/woodpecker/grpc-ingress/ingress.yaml
+++ b/woodpecker/grpc-ingress/ingress.yaml
@@ -16,20 +16,28 @@ spec:
       port: 9000
       targetPort: grpc
 ---
-apiVersion: traefik.io/v1alpha1
-kind: IngressRoute
+apiVersion: networking.k8s.io/v1
+kind: Ingress
 metadata:
-  namespace: woodpecker
+  annotations:
+    kubernetes.io/tls-acme: "true"
+    traefik.ingress.kubernetes.io/loadbalancer.server.scheme: h2c
+    traefik.ingress.kubernetes.io/service.serversscheme: h2c
   name: woodpecker-grpc
+  namespace: woodpecker
 spec:
-  entryPoints:
-    - websecure
-  routes:
-    - kind: Rule
-      match: Host(`woodpecker-grpc.apps.yolokube.de`) && Header(`Content-Type`, `application/grpc`)
-      services:
-        - name: woodpecker-grpc
-          port: grpc
-          scheme: h2c
+  rules:
+    - host: "woodpecker-grpc.apps.yolokube.de"
+      http:
+        paths:
+          - pathType: Prefix
+            path: "/"
+            backend:
+              service:
+                name: woodpecker-grpc
+                port:
+                  name: grpc
   tls:
-    secretName: woodpecker-grpc-tls-key
+    - hosts:
+        - woodpecker-grpc.apps.yolokube.de
+      secretName: woodpecker-grpc-tls-key