diff --git a/nextcloud/application.yaml b/nextcloud/application.yaml
index 2bf3061..bbb8fb9 100644
--- a/nextcloud/application.yaml
+++ b/nextcloud/application.yaml
@@ -45,7 +45,8 @@ spec:
   displayName: Nextcloud
   uri: https://nextcloud.k-space.ee
   redirectUris:
-    - https://nextcloud.k-space.ee/apps/oidc_login/oidc
+    - https://nextcloud.k-space.ee/apps/user_oidc/code
+    - https://nextcloud.k-space.ee/apps/user_oidc
   allowedGroups:
     - k-space:floor
   grantTypes:
@@ -78,16 +79,33 @@ spec:
     spec:
       enableServiceLinks: false
       initContainers:
+        - name: fix-permissions
+          image: busybox
+          command: ["sh", "-c", "chown -R 1000:1000 /var/www/html/"]
+          securityContext:
+            runAsUser: 0
+          volumeMounts:
+            - mountPath: /var/www/html/
+              name: data
         - name: setup-php-config
-          image: mirror.gcr.io/library/nextcloud:31.0.2@sha256:c418eb78924b446c744eee30587564a8d5ef625ad64369c81936bd1491f589e3
+          image: mirror.gcr.io/library/nextcloud:32.0.2@sha256:8cb1dc8c26944115469dd22f4965d2ed35bab9cf8c48d2bb052c8e9f83821ded
           command: [ "/bin/sh","-c" ]
           args: ["cp -r /usr/local/etc/php/conf.d/. /config/"]
           volumeMounts:
             - mountPath: /config
               name: php-config
+        - name: setup-nextcloud-config
+          image: busybox
+          command: [ "/bin/sh","-c" ]
+          args: ["cp -r /config/. /var/www/html/config/"]
+          volumeMounts:
+            - mountPath: /config
+              name: config       
+            - name: data
+              mountPath: /var/www/html
       containers:
         - name: nextcloud
-          image: mirror.gcr.io/library/nextcloud:31.0.2@sha256:c418eb78924b446c744eee30587564a8d5ef625ad64369c81936bd1491f589e3
+          image: mirror.gcr.io/library/nextcloud:32.0.2@sha256:8cb1dc8c26944115469dd22f4965d2ed35bab9cf8c48d2bb052c8e9f83821ded
           resources:
             limits:
               cpu: 4000m
@@ -95,14 +113,14 @@ spec:
             requests:
               cpu: 400m
               memory: 500Mi
-          readinessProbe:
+          livenessProbe:
             exec:
               command:
                 - /usr/local/bin/php
                 - /var/www/html/cron.php
-            initialDelaySeconds: 1
+            initialDelaySeconds: 300
             periodSeconds: 300
-            timeoutSeconds: 30
+            timeoutSeconds: 300
           env:
             - name: OIDC_CLIENT_ID
               valueFrom:
@@ -127,13 +145,13 @@ spec:
             - name: UPLOAD_LIMIT
               value: 10G
             - name: MYSQL_USER
-              value: kspace_nextcloud
+              value: nextcloud
             - name: MYSQL_DATABASE
-              value: kspace_nextcloud
+              value: nextcloud
             - name: MYSQL_HOST
-              value: mariadb.infra.k-space.ee
+              value: mariadb
             - name: NEXTCLOUD_ADMIN_USER
-              value: admin
+              value: k6_admin
             - name: NEXTCLOUD_TRUSTED_DOMAINS
               value: nextcloud.k-space.ee nextcloud # This is for reference - these values are not actually changed by env after installation.
             - name: OBJECTSTORE_S3_HOST
@@ -173,7 +191,7 @@ spec:
             - name: MYSQL_PASSWORD
               valueFrom:
                 secretKeyRef:
-                  name: nextcloud-imported-secrets
+                  name: mariadb-secrets
                   key: MYSQL_PASSWORD
             - name: OBJECTSTORE_S3_SECRET
               valueFrom:
@@ -186,12 +204,6 @@ spec:
           volumeMounts:
             - mountPath: /var/www/html
               name: data
-            - mountPath: /var/www/html/config/oidc.config.php
-              name: config
-              subPath: oidc.config.php
-            - mountPath: /var/www/html/config/override.config.php
-              name: config
-              subPath: override.config.php
             - name: php-config
               mountPath: /usr/local/etc/php/conf.d/
           securityContext:
@@ -279,12 +291,6 @@ kind: ConfigMap
 metadata:
   name: nextcloud-config
 data:
-  override.config.php: |-
-    <?php
-    $CONFIG = array (
-        'skeletondirectory' => '',
-        'default_phone_region' => 'EE',
-    );
   oidc.config.php: |-
     <?php
     $CONFIG = array (
diff --git a/nextcloud/mariadb.yml b/nextcloud/mariadb.yml
new file mode 100644
index 0000000..e273338
--- /dev/null
+++ b/nextcloud/mariadb.yml
@@ -0,0 +1,99 @@
+---
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: mariadb
+spec:
+  revisionHistoryLimit: 0
+  serviceName: mariadb
+  selector:
+    matchLabels:
+      app: mariadb
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        app: mariadb
+      annotations:
+        prometheus.io/port: '9104'
+        prometheus.io/scrape: 'true'
+    spec:
+      containers:
+      - name: exporter
+        image: mirror.gcr.io/prom/mysqld-exporter:latest
+        args: 
+        - --mysqld.username
+        - exporter
+      - name: mariadb
+        image: mirror.gcr.io/library/mariadb:12.1
+        imagePullPolicy: Always
+        env:
+        - name: MYSQL_ROOT_PASSWORD
+          valueFrom:
+            secretKeyRef:
+              name: mariadb-secrets
+              key: MYSQL_ROOT_PASSWORD
+        - name: MYSQL_USER
+          valueFrom:
+            fieldRef:
+              fieldPath: metadata.namespace
+        - name: MYSQL_DATABASE
+          valueFrom:
+            fieldRef:
+              fieldPath: metadata.namespace
+        - name: MYSQL_PASSWORD
+          valueFrom:
+            secretKeyRef:
+              name: mariadb-secrets
+              key: MYSQL_PASSWORD
+        volumeMounts:
+        - name: mariadb-data
+          mountPath: /var/lib/mysql
+        - name: mariadb-init
+          mountPath: /docker-entrypoint-initdb.d
+      volumes:
+        - name: mariadb-init
+          configMap:
+            name: mariadb-init-config
+  volumeClaimTemplates:
+  - metadata:
+      name: mariadb-data
+    spec:
+      storageClassName: ceph-rbd
+      accessModes:
+        - ReadWriteOnce
+      resources:
+        requests:
+          storage: 2Gi
+---
+apiVersion: codemowers.cloud/v1beta1
+kind: SecretClaim
+metadata:
+  name: mariadb-secrets
+spec:
+  size: 32
+  mapping:
+    - key: MYSQL_ROOT_PASSWORD
+      value: "%(plaintext)s"
+    - key: MYSQL_PASSWORD
+      value: "%(plaintext)s"
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: mariadb
+spec:
+  ports:
+    - protocol: TCP
+      port: 3306
+  selector:
+    app: mariadb
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: mariadb-init-config
+data:
+  initdb.sql: |
+    CREATE USER 'exporter'@'127.0.0.1' WITH MAX_USER_CONNECTIONS 3;
+    GRANT PROCESS, REPLICATION CLIENT, SLAVE MONITOR, SELECT ON *.* TO 'exporter'@'127.0.0.1';