diff --git a/manifests/extra-resources/nextcloud/external-secret.yaml b/manifests/extra-resources/nextcloud/external-secret.yaml
deleted file mode 100644
index 2d36518..0000000
--- a/manifests/extra-resources/nextcloud/external-secret.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-apiVersion: external-secrets.io/v1beta1
-kind: ExternalSecret
-metadata:
-  name: keycloak-client-secret
-  namespace: my-apps
-spec:
-  refreshInterval: 1h
-  secretStoreRef:
-    name: vault-oidc-clients
-    kind: ClusterSecretStore
-  target:
-    name: keycloak-client-secret
-    template:
-      engineVersion: v2
-      data:
-        keycloak-client-secret: "{{ .client_secret }}"
-  data:
-    - secretKey: client_secret
-      remoteRef:
-        key: oidc-clients/nextcloud-oidc
-        property: client_secret
diff --git a/manifests/extra-resources/nextcloud/keycloak-post-install-cm.yaml b/manifests/extra-resources/nextcloud/keycloak-post-install-cm.yaml
deleted file mode 100644
index fdd3707..0000000
--- a/manifests/extra-resources/nextcloud/keycloak-post-install-cm.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: nextcloud-post-install
-  namespace: my-apps
-data:
-  keycloak-post-install.sh: |
-    #!/bin/bash
-    echo "🔐 Enabling sociallogin app..."
-    occ app:install sociallogin || true
-    occ app:enable sociallogin
-
-    echo "🔐 Configuring Keycloak OIDC provider..."
-    occ sociallogin:custom_oidc keycloak \
-      --client-id="nextcloud" \
-      --client-secret="$(cat /secrets/keycloak-client-secret)" \
-      --issuer-uri="https://keycloak.dvirlabs.com/realms/dvirlabs" \
-      --auto-provision 1 \
-      --hide-login-form 0 \
-      --scope="openid profile email"
diff --git a/manifests/extra-resources/nextcloud/keycloak-post-install.sh b/manifests/extra-resources/nextcloud/keycloak-post-install.sh
deleted file mode 100644
index e2899ba..0000000
--- a/manifests/extra-resources/nextcloud/keycloak-post-install.sh
+++ /dev/null
@@ -1,13 +0,0 @@
-#!/bin/bash
-echo "🔐 Enabling sociallogin app..."
-occ app:install sociallogin || true
-occ app:enable sociallogin
-
-echo "🔐 Configuring Keycloak OIDC provider..."
-occ sociallogin:custom_oidc keycloak \
-  --client-id="nextcloud" \
-  --client-secret="$(cat /secrets/keycloak-client-secret)" \
-  --issuer-uri="https://keycloak.dvirlabs.com/realms/dvirlabs" \
-  --auto-provision 1 \
-  --hide-login-form 0 \
-  --scope="openid profile email"
diff --git a/manifests/nextcloud/values.yaml b/manifests/nextcloud/values.yaml
index ca5a1bc..eba70a7 100644
--- a/manifests/nextcloud/values.yaml
+++ b/manifests/nextcloud/values.yaml
@@ -24,20 +24,6 @@ nextcloud:
     - name: OVERWRITEPROTOCOL
       value: https
 
-  extraVolumes:
-    - name: keycloak-post-install
-      configMap:
-        name: nextcloud-post-install
-    - name: keycloak-secret
-      secret:
-        secretName: keycloak-client-secret
-
-  extraVolumeMounts:
-    - name: keycloak-post-install
-      mountPath: /docker-entrypoint-hooks.d/post-installation
-    - name: keycloak-secret
-      mountPath: /secrets
-
 internalDatabase:
   enabled: false