diff --git a/kubernetes/apps/networking/cloudflared/app/helmrelease.yaml b/kubernetes/apps/networking/cloudflared/app/helmrelease.yaml
index d52eade1f..222b998a9 100644
--- a/kubernetes/apps/networking/cloudflared/app/helmrelease.yaml
+++ b/kubernetes/apps/networking/cloudflared/app/helmrelease.yaml
@@ -9,7 +9,7 @@ spec:
   chart:
     spec:
       chart: app-template
-      version: 2.4.0
+      version: 1.5.1
       sourceRef:
         kind: HelmRepository
         name: bjw-s
@@ -25,52 +25,33 @@ spec:
   uninstall:
     keepHistory: false
   values:
-    controllers:
-      main:
-        replicas: 1
-        strategy: RollingUpdate
-        annotations:
-          reloader.stakater.com/auto: "true"
-        containers:
-          main:
-            image:
-              repository: docker.io/cloudflare/cloudflared
-              tag: 2023.8.2
-            env:
-              NO_AUTOUPDATE: "true"
-              TUNNEL_CRED_FILE: /etc/cloudflared/creds/credentials.json
-              TUNNEL_METRICS: 0.0.0.0:8080
-              TUNNEL_TRANSPORT_PROTOCOL: quic
-              TUNNEL_POST_QUANTUM: true
-              TUNNEL_ID:
-                valueFrom:
-                  secretKeyRef:
-                    name: cloudflared-secret
-                    key: TUNNEL_ID
-            command:
-              - tunnel
-            args:
-              - --config=/etc/cloudflared/config/config.yaml
-              - run
-              - "$(TUNNEL_ID)"
-            probes:
-              liveness: &probes
-                enabled: true
-                custom: true
-                spec:
-                  httpGet:
-                    path: /ready
-                    port: http
-                  initialDelaySeconds: 0
-                  periodSeconds: 10
-                  timeoutSeconds: 1
-                  failureThreshold: 3
-              readiness: *probes
-              startup:
-                enabled: false
+    controller:
+      replicas: 1
+      strategy: RollingUpdate
+      annotations:
+        reloader.stakater.com/auto: "true"
+    image:
+      repository: docker.io/cloudflare/cloudflared
+      tag: 2023.8.2
+    env:
+      NO_AUTOUPDATE: "true"
+      TUNNEL_CRED_FILE: /etc/cloudflared/creds/credentials.json
+      TUNNEL_METRICS: 0.0.0.0:8080
+      TUNNEL_TRANSPORT_PROTOCOL: quic
+      TUNNEL_POST_QUANTUM: true
+      TUNNEL_ID:
+        valueFrom:
+          secretKeyRef:
+            name: cloudflared-secret
+            key: TUNNEL_ID
+    args:
+      - tunnel
+      - --config
+      - /etc/cloudflared/config/config.yaml
+      - run
+      - "$(TUNNEL_ID)"
     service:
       main:
-        controller: main
         ports:
           http:
             port: 8080
@@ -83,21 +64,39 @@ spec:
             path: /metrics
             interval: 1m
             scrapeTimeout: 30s
-
+    probes:
+      liveness: &probes
+        enabled: true
+        custom: true
+        spec:
+          httpGet:
+            path: /ready
+            port: http
+          initialDelaySeconds: 0
+          periodSeconds: 10
+          timeoutSeconds: 1
+          failureThreshold: 3
+      readiness: *probes
+      startup:
+        enabled: false
     persistence:
       config:
         enabled: true
         type: configMap
         name: cloudflared-configmap
-        globalMounts:
-          - path: /etc/cloudflared/config/config.yaml
-            subPath: config.yaml
-            readOnly: true
+        subPath: config.yaml
+        mountPath: /etc/cloudflared/config/config.yaml
+        readOnly: true
       creds:
         enabled: true
         type: secret
         name: cloudflared-secret
-        globalMounts:
-          - path: /etc/cloudflared/creds/credentials.json
-            subPath: credentials.json
-            readOnly: true
+        subPath: credentials.json
+        mountPath: /etc/cloudflared/creds/credentials.json
+        readOnly: true
+    resources:
+      requests:
+        cpu: 5m
+        memory: 10Mi
+      limits:
+        memory: 256Mi