diff --git a/argocd/apps/.idea/.gitignore b/argocd/apps/.idea/.gitignore
new file mode 100644
index 0000000..ab1f416
--- /dev/null
+++ b/argocd/apps/.idea/.gitignore
@@ -0,0 +1,10 @@
+# Default ignored files
+/shelf/
+/workspace.xml
+# Ignored default folder with query files
+/queries/
+# Datasource local storage ignored files
+/dataSources/
+/dataSources.local.xml
+# Editor-based HTTP Client requests
+/httpRequests/
diff --git a/argocd/apps/.idea/apps.iml b/argocd/apps/.idea/apps.iml
new file mode 100644
index 0000000..c956989
--- /dev/null
+++ b/argocd/apps/.idea/apps.iml
@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<module type="WEB_MODULE" version="4">
+  <component name="NewModuleRootManager">
+    <content url="file://$MODULE_DIR$" />
+    <orderEntry type="inheritedJdk" />
+    <orderEntry type="sourceFolder" forTests="false" />
+  </component>
+</module>
\ No newline at end of file
diff --git a/argocd/apps/.idea/kubernetes/configs/kubeconfig_20251210_105343_563.yaml b/argocd/apps/.idea/kubernetes/configs/kubeconfig_20251210_105343_563.yaml
new file mode 100644
index 0000000..bf4d958
--- /dev/null
+++ b/argocd/apps/.idea/kubernetes/configs/kubeconfig_20251210_105343_563.yaml
@@ -0,0 +1,18 @@
+apiVersion: v1
+clusters:
+  - cluster:
+      certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJkakNDQVIyZ0F3SUJBZ0lCQURBS0JnZ3Foa2pPUFFRREFqQWpNU0V3SHdZRFZRUUREQmhyTTNNdGMyVnkKZG1WeUxXTmhRREUzTWpnMU16a3lNVFV3SGhjTk1qUXhNREV3TURVME5qVTFXaGNOTXpReE1EQTRNRFUwTmpVMQpXakFqTVNFd0h3WURWUVFEREJock0zTXRjMlZ5ZG1WeUxXTmhRREUzTWpnMU16a3lNVFV3V1RBVEJnY3Foa2pPClBRSUJCZ2dxaGtqT1BRTUJCd05DQUFRYm1mSjgwRy9aREVIbUs3U3lPd0cvVExuL1dqWStyMEhKVkhrTFVzM3cKcTZFc1ExZnczbHcybHcrV0d1UFVrcVBwZUp6RlpmOG4rRCt4QUdzSk5RN2lvMEl3UURBT0JnTlZIUThCQWY4RQpCQU1DQXFRd0R3WURWUjBUQVFIL0JBVXdBd0VCL3pBZEJnTlZIUTRFRmdRVWIvZXY4andrcnR1Q1ZNVEZpWTdRCjQ1dTh1c1V3Q2dZSUtvWkl6ajBFQXdJRFJ3QXdSQUlnT2ZwaDJROElya1NYMUdoUUtib0MwS3E5VE5vR0pVRU8KLzdmQjY5OHFPeU1DSUFWUHgwc1hLUnlKQmk4YjM2UXdzWlM3UFJVbUZiUzJXdjBBdlgrRG9nRXIKLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=
+      server: https://192.168.4.102:6443
+    name: k3s-prod
+contexts:
+  - context:
+      cluster: k3s-prod
+      user: k3s-prod
+    name: prod
+current-context: prod
+kind: Config
+users:
+  - name: k3s-prod
+    user:
+      client-certificate-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJrVENDQVRlZ0F3SUJBZ0lJTmk5ZU5rY01oeUl3Q2dZSUtvWkl6ajBFQXdJd0l6RWhNQjhHQTFVRUF3d1kKYXpOekxXTnNhV1Z1ZEMxallVQXhOekk0TlRNNU1qRTFNQjRYRFRJME1UQXhNREExTkRZMU5Wb1hEVEkyTURjeApNVEEyTWpneE1sb3dNREVYTUJVR0ExVUVDaE1PYzNsemRHVnRPbTFoYzNSbGNuTXhGVEFUQmdOVkJBTVRESE41CmMzUmxiVHBoWkcxcGJqQlpNQk1HQnlxR1NNNDlBZ0VHQ0NxR1NNNDlBd0VIQTBJQUJDNklqc1Njb3cyeTB4Q2QKZVUzM09LUVROSU9FbjlZa1d0aS9pKzV6ckp6M2xGQ284bnhtQlBUUVhSUGNUN0g5S2VHOXQvOWxhSHI4SW9kSwpjQ05FeFN1alNEQkdNQTRHQTFVZER3RUIvd1FFQXdJRm9EQVRCZ05WSFNVRUREQUtCZ2dyQmdFRkJRY0RBakFmCkJnTlZIU01FR0RBV2dCU3A4Ylc3ak44S1R2U2hCamJoaUxUb09PZWxtakFLQmdncWhrak9QUVFEQWdOSUFEQkYKQWlBNzdEaWY0TG1wOG4wUTYyTkJiUTFnNGhnS3laRktCMzlpQ3lGYVhoTG1qQUloQUk3dTVzRFdQdXZKNXR0TQp0R3ROQ2pYeEJmUzBibzR3UTlBT3ZCQ21EQVh6Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0KLS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJkekNDQVIyZ0F3SUJBZ0lCQURBS0JnZ3Foa2pPUFFRREFqQWpNU0V3SHdZRFZRUUREQmhyTTNNdFkyeHAKWlc1MExXTmhRREUzTWpnMU16a3lNVFV3SGhjTk1qUXhNREV3TURVME5qVTFXaGNOTXpReE1EQTRNRFUwTmpVMQpXakFqTVNFd0h3WURWUVFEREJock0zTXRZMnhwWlc1MExXTmhRREUzTWpnMU16a3lNVFV3V1RBVEJnY3Foa2pPClBRSUJCZ2dxaGtqT1BRTUJCd05DQUFUTGMrKzdrQ2QxU1hTZTZraVhQSkI3bE83dE1NYnl0RU55YXBaMXh5SmoKeDc3RzJuRnNVc0tBdjZSVTNmQXBxc1lTaWZ4RVpDSU5oUUtqeDJpaFVlOEdvMEl3UURBT0JnTlZIUThCQWY4RQpCQU1DQXFRd0R3WURWUjBUQVFIL0JBVXdBd0VCL3pBZEJnTlZIUTRFRmdRVXFmRzF1NHpmQ2s3MG9RWTI0WWkwCjZEam5wWm93Q2dZSUtvWkl6ajBFQXdJRFNBQXdSUUlnR05rc2xVa1l0U2ZZbmhWREJUVGNldnl0SG5yM2xHMWYKaWhpbkIwQlBRaThDSVFEc2c4bktCZk5GTGlNMXhoZnRmMmxtZGM4T3VoV05nUDNuOFZpZDJzcTRzZz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K
+      client-key-data: LS0tLS1CRUdJTiBFQyBQUklWQVRFIEtFWS0tLS0tCk1IY0NBUUVFSUpXMm1XK2dIQnJvaWd4R2pjNy9jRmZEK3dsWkRiT0kzZlpRV01KNmlkUGpvQW9HQ0NxR1NNNDkKQXdFSG9VUURRZ0FFTG9pT3hKeWpEYkxURUoxNVRmYzRwQk0wZzRTZjFpUmEyTCtMN25Pc25QZVVVS2p5ZkdZRQo5TkJkRTl4UHNmMHA0YjIzLzJWb2V2d2loMHB3STBURkt3PT0KLS0tLS1FTkQgRUMgUFJJVkFURSBLRVktLS0tLQo=
\ No newline at end of file
diff --git a/argocd/apps/.idea/modules.xml b/argocd/apps/.idea/modules.xml
new file mode 100644
index 0000000..44330cb
--- /dev/null
+++ b/argocd/apps/.idea/modules.xml
@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="ProjectModuleManager">
+    <modules>
+      <module fileurl="file://$PROJECT_DIR$/.idea/apps.iml" filepath="$PROJECT_DIR$/.idea/apps.iml" />
+    </modules>
+  </component>
+</project>
\ No newline at end of file
diff --git a/argocd/apps/.idea/vcs.xml b/argocd/apps/.idea/vcs.xml
new file mode 100644
index 0000000..b2bdec2
--- /dev/null
+++ b/argocd/apps/.idea/vcs.xml
@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="VcsDirectoryMappings">
+    <mapping directory="$PROJECT_DIR$/../.." vcs="Git" />
+  </component>
+</project>
\ No newline at end of file
diff --git a/argocd/apps/cert-manager/include/wekantest-cerficate.yaml b/argocd/apps/cert-manager/include/wekantest-cerficate.yaml
new file mode 100644
index 0000000..f449d0e
--- /dev/null
+++ b/argocd/apps/cert-manager/include/wekantest-cerficate.yaml
@@ -0,0 +1,14 @@
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: innovation-hub-niedersachsen.de-wekantest
+  namespace: kube-system
+spec:
+  secretName: wekantest-tls
+  commonName: 'wekantest.innovation-hub-niedersachsen.de'
+  dnsNames:
+    - 'wekantest.innovation-hub-niedersachsen.de'
+  issuerRef:
+    name: lets-encrypt
+    kind: ClusterIssuer
+    group: cert-manager.io
diff --git a/argocd/apps/keycloak/values-keycloak.tmp b/argocd/apps/keycloak/values-keycloak.tmp
new file mode 100644
index 0000000..fae404e
--- /dev/null
+++ b/argocd/apps/keycloak/values-keycloak.tmp
@@ -0,0 +1,47 @@
+#apiVersion: argoproj.io/v1alpha1
+#kind: Application
+#metadata:
+#  name: keycloak
+#  finalizers:
+#  - resources-finalizer.argocd.argoproj.io
+#spec:
+#  project: default
+#  source:
+#    repoURL: 'registry-1.docker.io/cloudpirates'
+#    path: keycloak
+#    targetRevision: 0.*.*
+#    chart: keycloak    
+#    helm:
+#      values: |
+#        auth:
+#
+#        ingress:
+#          enabled: true
+#          className: "traefik"
+#          annotations:
+#            kubernetes.io/ingress.class: traefik
+#            traefik.ingress.kubernetes.io/router.tls: "true"
+#            cert-manager.io/cluster-issuer: lets-encrypt
+#            traefik.ingress.kubernetes.io/router.entrypoints: websecure
+#          hosts:
+#            - host: "keycloak.innovation-hub-niedersachsen.de"
+#              paths:
+#                - path: /
+#                  pathType: "Prefix"
+#          tls:
+#            - secretName: "keycloak-tls"
+#              hosts:
+#                - "keycloak.innovation-hub-niedersachsen.de" 
+#
+#  destination:
+#    server: 'https://kubernetes.default.svc'
+#    namespace: keycloak
+#  syncPolicy:
+#    managedNamespaceMetadata:
+#      labels: 
+#        pod-security.kubernetes.io/enforce: "privileged"
+#    automated:
+#      selfHeal: true
+#      prune: true
+#    syncOptions:
+#      - CreateNamespace=true
diff --git a/argocd/apps/wekantest/values-wekantest.yaml b/argocd/apps/wekantest/values-wekantest.yaml
new file mode 100644
index 0000000..e38cf99
--- /dev/null
+++ b/argocd/apps/wekantest/values-wekantest.yaml
@@ -0,0 +1,80 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: wekantest
+  finalizers:
+  - resources-finalizer.argocd.argoproj.io
+spec:
+  project: default
+  source:
+    repoURL: 'https://wekan.github.io/charts/'
+    chart: wekan
+    targetRevision: 7.97.0
+    helm:
+      values: |
+        replicaCount: 1
+        dbname: wekan
+        env:
+          - name: MONGO_URL
+            value: mongodb://wekan-mongodb:27017/wekan
+          - name: MAIL_URL
+            value: smtp://192.168.4.125:25?ignoreTLS=true&tls={rejectUnauthorized:false}&secure=false
+          - name: MAIL_FROM
+            value: Noreplay admin@innovation-hub-niedersachsen.de
+
+        end_point: wekantest.innovation-hub-niedersachsen.de
+        root_url: https://wekantest.innovation-hub-niedersachsen.de
+        
+        # Probe-Einstellungen anpassen
+        livenessProbe:
+          enabled: true
+          initialDelaySeconds: 60
+          periodSeconds: 15
+          timeoutSeconds: 10
+          failureThreshold: 5
+        
+        readinessProbe:
+          enabled: true
+          initialDelaySeconds: 20
+          periodSeconds: 15
+          timeoutSeconds: 10
+          failureThreshold: 3
+        
+        ingress:
+          enabled: true
+          annotations: 
+            kubernetes.io/ingress.class: traefik
+            traefik.ingress.kubernetes.io/router.entrypoints: websecure
+            traefik.ingress.kubernetes.io/router.tls: "true"
+            cert-manager.io/cluster-issuer: lets-encrypt
+          hosts:
+            - wekantest.innovation-hub-niedersachsen.de
+          tls:
+            - secretName: wekantest-tls
+              hosts:
+                - wekantest.innovation-hub-niedersachsen.de
+        route:
+          enabled: false
+
+        sharedDataFolder:
+          enabled: true
+          storageClass: longhorn
+      
+        mongodb:
+          enabled: true
+          storage:
+            className: longhorn
+          nodeSelector:
+            kubernetes.io/hostname: k3s-prod
+
+  destination:
+    server: 'https://kubernetes.default.svc'
+    namespace: wekantest
+  syncPolicy:
+    managedNamespaceMetadata:
+      labels: 
+        pod-security.kubernetes.io/enforce: "privileged"
+    automated:
+      prune: true
+    syncOptions:
+      - CreateNamespace=true