diff --git a/charts/villas/Chart.lock b/charts/villas/Chart.lock index fa2977d..1f51ea1 100644 --- a/charts/villas/Chart.lock +++ b/charts/villas/Chart.lock @@ -1,12 +1,12 @@ dependencies: - name: rabbitmq - repository: https://charts.bitnami.com/bitnami - version: 10.3.6 -- name: postgresql - repository: https://charts.bitnami.com/bitnami - version: 11.9.1 + repository: oci://registry-1.docker.io/cloudpirates + version: 0.3.2 +- name: postgres + repository: oci://registry-1.docker.io/cloudpirates + version: 0.7.3 - name: minio repository: https://charts.bitnami.com/bitnami version: 11.10.3 -digest: sha256:402fe7dacea276f5fb96caa8e4837bcb6309d3bb2e41dc7113adfaaf78ca6e66 -generated: "2022-09-28T11:25:46.960695+02:00" +digest: sha256:0e95383933f3249335bb0b5e6b72b45763dc9fd078e3d86a37bf46e910c51de3 +generated: "2025-10-09T13:47:55.981685779Z" diff --git a/charts/villas/Chart.yaml b/charts/villas/Chart.yaml index d9ee2fb..adacf6d 100644 --- a/charts/villas/Chart.yaml +++ b/charts/villas/Chart.yaml @@ -16,14 +16,14 @@ maintainers: dependencies: - name: rabbitmq - version: 10.3.6 - repository: "https://charts.bitnami.com/bitnami" + version: 0.3.2 + repository: "oci://registry-1.docker.io/cloudpirates" condition: "broker.enabled" alias: broker - - name: postgresql - version: 11.9.1 - repository: "https://charts.bitnami.com/bitnami" + - name: postgres + version: 0.7.3 + repository: "oci://registry-1.docker.io/cloudpirates" condition: "database.enabled" alias: database diff --git a/charts/villas/charts/postgres-0.7.3.tgz b/charts/villas/charts/postgres-0.7.3.tgz new file mode 100644 index 0000000..31122d9 Binary files /dev/null and b/charts/villas/charts/postgres-0.7.3.tgz differ diff --git a/charts/villas/charts/postgresql-11.9.1.tgz b/charts/villas/charts/postgresql-11.9.1.tgz deleted file mode 100644 index f14b338..0000000 Binary files a/charts/villas/charts/postgresql-11.9.1.tgz and /dev/null differ 
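Review bot: The `rabbitmq` and `postgres` entries under `dependencies` in charts/villas/Chart.yaml now come from a different publisher (`oci://registry-1.docker.io/cloudpirates`), and the diff gives no way to check what was pulled, because the vendored `.tgz` archives appear only as binary files. As far as I know the `digest` in Chart.lock covers the dependency list rather than the archive contents, so it does not pin the chart bytes, and an OCI tag such as `0.3.2` can be re-pushed. I would record the resolved manifest digest next to each entry, e.g. `# cloudpirates/rabbitmq 0.3.2 -- oci digest sha256:<DIGEST_PLACEHOLDER>`, and compare the committed archives against it before merge. The lock file still resolves `minio` from `https://charts.bitnami.com/bitnami`; worth confirming that is intended.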
diff --git a/charts/villas/charts/rabbitmq-0.3.2.tgz b/charts/villas/charts/rabbitmq-0.3.2.tgz new file mode 100644 index 0000000..7dc8e74 Binary files /dev/null and b/charts/villas/charts/rabbitmq-0.3.2.tgz differ diff --git a/charts/villas/charts/rabbitmq-10.3.6.tgz b/charts/villas/charts/rabbitmq-10.3.6.tgz deleted file mode 100644 index 82290a4..0000000 Binary files a/charts/villas/charts/rabbitmq-10.3.6.tgz and /dev/null differ diff --git a/charts/villas/templates/controller-deployment.yaml b/charts/villas/templates/controller-deployment.yaml index fe4de81..7a72633 100644 --- a/charts/villas/templates/controller-deployment.yaml +++ b/charts/villas/templates/controller-deployment.yaml @@ -46,7 +46,7 @@ spec: valueFrom: secretKeyRef: name: {{ include "broker.secretName" . }} - key: rabbitmq-password + key: password {{- else }} - name: AMQP_USER value: {{ .Values.broker.external.username | quote }} diff --git a/charts/villas/templates/ingress.yaml b/charts/villas/templates/ingress.yaml index 6514223..d877f92 100644 --- a/charts/villas/templates/ingress.yaml +++ b/charts/villas/templates/ingress.yaml @@ -12,8 +12,16 @@ metadata: labels: {{- include "villas.labels" . | nindent 4 }} annotations: +{{- if .Values.web.auth.external.enabled }} + nginx.ingress.kubernetes.io/proxy-set-headers: "true" + nginx.ingress.kubernetes.io/proxy-buffer-size: "128k" + nginx.ingress.kubernetes.io/proxy-buffers-number: "4" + nginx.ingress.kubernetes.io/proxy-buffering: "on" +{{- else }} nginx.ingress.kubernetes.io/proxy-buffering: "off" nginx.ingress.kubernetes.io/proxy-request-buffering: "off" + nginx.ingress.kubernetes.io/proxy-body-size: 1024m +{{- end }} nginx.ingress.kubernetes.io/rewrite-target: /$1 nginx.ingress.kubernetes.io/use-regex: "true" nginx.ingress.kubernetes.io/proxy-body-size: 1024m diff --git a/charts/villas/templates/proxy-deployment.yaml b/charts/villas/templates/proxy-deployment.yaml index 414b4a5..51bfb2a 100644 
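Review bot: The broker password `secretKeyRef` in controller-deployment.yaml now hard-codes the key `password`, but the `broker.secretName` helper that selects the secret is not touched in this diff, so it is worth confirming that the helper resolves to the secret the new rabbitmq chart creates. A release upgraded in place may still hold a secret with only the old `rabbitmq-password` key, in which case the pod would not start until the secret is regenerated (inferred, not visible here). The same applies to both `secretKeyRef` hunks in web-backend-deployment.yaml. I would add a comment above the key: `# key name is defined by the cloudpirates rabbitmq chart (bitnami used rabbitmq-password)`. The env entry itself starts above the hunk.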
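Review bot: `nginx.ingress.kubernetes.io/proxy-body-size: 1024m` is added inside the `{{- else }}` branch in ingress.yaml while the same annotation stays unconditionally a few lines further down, so with external auth disabled the rendered `annotations` map contains a duplicate key. Depending on the YAML parser that is either rejected or silently resolved last-wins; drop the added line and keep the unconditional one. Separately, `nginx.ingress.kubernetes.io/proxy-set-headers: "true"` does not look like an ingress-nginx annotation. As far as I know `proxy-set-headers` is a controller ConfigMap option that takes a ConfigMap reference, so the line is probably ignored; confirm against the controller version in use. The `metadata` block starts above the hunk and may continue past it.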
--- a/charts/villas/templates/proxy-deployment.yaml +++ b/charts/villas/templates/proxy-deployment.yaml @@ -31,16 +31,16 @@ spec: value: "http://{{ include "villas.fullname" . }}-web-backend" - name: OAUTH2_PROXY_CLIENT_ID value: {{ .Values.web.auth.external.client_id | quote }} + - name: OAUTH2_PROXY_REDIRECT_URL + value: "https://{{ .Values.ingress.host}}/oauth2/callback" + - name: OAUTH2_PROXY_CODE_CHALLENGE_METHOD + value: {{ .Values.web.auth.external.pkce_method | quote }} - name: OAUTH2_PROXY_CLIENT_SECRET value: {{ .Values.web.auth.external.client_secret | quote }} - name: OAUTH2_PROXY_COOKIE_SECRET value: {{ .Values.web.auth.external.cookie_secret }} - - name: OAUTH2_PROXY_LOGIN_URL - value: {{ .Values.web.auth.external.login_url | quote }} - - name: OAUTH2_PROXY_REDEEM_URL - value: {{ .Values.web.auth.external.redeem_url | quote }} - - name: OAUTH2_PROXY_VALIDATE_URL - value: {{ .Values.web.auth.external.validate_url | quote }} + - name: OAUTH2_PROXY_OIDC_ISSUER_URL + value: {{ .Values.web.auth.external.issuer_url | quote }} - name: OAUTH2_PROXY_REVERSE_PROXY value: "true" - name: OAUTH2_PROXY_SET_XAUTHREQUEST diff --git a/charts/villas/templates/web-backend-deployment.yaml b/charts/villas/templates/web-backend-deployment.yaml index 793a642..193cdb8 100644 --- a/charts/villas/templates/web-backend-deployment.yaml +++ b/charts/villas/templates/web-backend-deployment.yaml @@ -51,7 +51,7 @@ spec: valueFrom: secretKeyRef: name: {{ include "database.secretName" . }} - key: password + key: postgres-password {{- else }} value: {{ .Values.database.external.password | quote }} {{- end }} @@ -60,7 +60,7 @@ spec: valueFrom: secretKeyRef: name: {{ include "broker.secretName" . }} - key: rabbitmq-password + key: password {{- else }} value: {{ .Values.broker.external.password | quote }} {{- end }} diff --git a/charts/villas/values.yaml b/charts/villas/values.yaml index 8acd1d9..1ac46d2 100644 --- a/charts/villas/values.yaml +++ b/charts/villas/values.yaml 
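Review bot: `OAUTH2_PROXY_CLIENT_SECRET` and `OAUTH2_PROXY_COOKIE_SECRET` in proxy-deployment.yaml are still rendered as literal `value:` entries, so both are readable by anyone who can read the Deployment or the release values, not only by those with access to Secrets. The rest of this diff already uses `valueFrom.secretKeyRef` for the broker and database passwords, and the same pattern fits here, as sketched below (`existingSecret` and the two key names are proposed, not something the chart has today). Also, `pkce_method | quote` renders an empty string when the value is unset, which I believe leaves PKCE off; `value: {{ .Values.web.auth.external.pkce_method | default "S256" | quote }}` would keep it on. The `env` list starts and ends outside the hunk.

```yaml
# … unchanged: OAUTH2_PROXY_CLIENT_ID, redirect URL, PKCE method …
- name: OAUTH2_PROXY_CLIENT_SECRET
  valueFrom:
    secretKeyRef:
      # proposed new value; the name is a suggestion
      name: {{ .Values.web.auth.external.existingSecret | quote }}
      key: client-secret
- name: OAUTH2_PROXY_COOKIE_SECRET
  valueFrom:
    secretKeyRef:
      name: {{ .Values.web.auth.external.existingSecret | quote }}
      key: cookie-secret
# … unchanged: OAUTH2_PROXY_OIDC_ISSUER_URL and the remaining env entries …
```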
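Review bot: In the first hunk of web-backend-deployment.yaml the database password is now read from the `postgres-password` key instead of `password`, and the key name suggests the credential of the `postgres` superuser rather than an application user. I cannot confirm that from the diff, since the subchart's secret layout is not shown. If it is the superuser, the backend would connect with more privilege than it needs; a dedicated database user with rights only on its own database is the safer default. At minimum, if that reading is right, add `# NOTE: superuser credential of the bundled postgres chart; use a dedicated user in production` above the key. The database user env entry is outside the hunk, so check that it matches.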
@@ -57,24 +57,19 @@ web: # password: changeme external: - enabled: false + enabled: true client_id: villas - client_secret: "Ho0Zeilahxoh3Cae0ao9rieHooL1oonah0nash6aiNae7phaiceeCoo9Eesh6tei" - + pkce_method: S256 + client_secret: ff cookie_secret: "ohth8iin6QuiequeGu5tiengizip4eid" - # email_domains: # - "*" # allowed_groups: # - student - - provider: jupyterhub - provider_name: JupyterHub - - login_url: https://jupyter.k8s.eonerc.rwth-aachen.de/hub/api/oauth2/authorize - redeem_url: https://jupyter.k8s.eonerc.rwth-aachen.de/hub/api/oauth2/token - validate_url: https://jupyter.k8s.eonerc.rwth-aachen.de/hub/api/oauth2/validate + provider_name: keycloak + provider: oidc + issuer_url: https://keycloak.k8s.eonerc.rwth-aachen.de/realms/s-dev-realm backend: enabled: true @@ -91,7 +86,7 @@ proxy: image: quay.io/oauth2-proxy/oauth2-proxy extraEnv: - OAUTH2_PROXY_JUPYTERHUB_URL: https://jupyter.k8s.eonerc.rwth-aachen.de + OAUTH2_PROXY_SILENCE_PING_LOGGING: true node: enabled: true @@ -222,6 +217,8 @@ controller: extraConfig: {} database: + image: + tag: 14.5-bullseye # Set to false for using an external broker # If so, provide the connection details in broker.external enabled: true
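Review bot: The defaults under `web.auth.external` in values.yaml now switch external auth on (`enabled: true`) while keeping a fixed `cookie_secret` and a placeholder `client_secret: ff` in the chart. Every install that does not override them therefore shares a publicly known cookie-signing key and points at the `s-dev-realm` issuer. I would ship `enabled: false`, `client_secret: ""` and `cookie_secret: ""`, and have the proxy template fail rendering (Helm's `required`) when auth is enabled and either value is empty. If the `client_secret` removed here was ever a live credential, it stays in git history and should be rotated at the provider.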
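Review bot: `OAUTH2_PROXY_SILENCE_PING_LOGGING: true` under `proxy.extraEnv` is a YAML boolean, whereas the entry it replaces was a string. Container env values must be strings, so unless the template that expands `extraEnv` (not in this diff) pipes values through `quote`, the API server may reject the Deployment. Writing `OAUTH2_PROXY_SILENCE_PING_LOGGING: "true"` avoids depending on that.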
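Review bot: `tag: 14.5-bullseye` under `database.image` pins a PostgreSQL patch level from 2022 by mutable tag; later 14.x minor releases carry security fixes, and a tag can be re-pushed. If the pin exists to stay on major version 14 for existing data, a current 14.x patch release pinned by digest would do that, though whether the new chart accepts a digest is not visible here. The two new lines also sit between `database:` and the comment describing `enabled`, which now reads as if it documented `image`; moving `image:` below `enabled: true` keeps the comment attached to its key.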