diff --git a/share/authentik/datas.tf b/share/authentik/datas.tf index 6d44830..8baedf2 100644 --- a/share/authentik/datas.tf +++ b/share/authentik/datas.tf @@ -25,8 +25,8 @@ data "kustomization_overlay" "data" { resources = [for file in fileset(path.module, "*.yaml"): file if file != "index.yaml"] images { name = "ghcr.io/goauthentik/server" - new_name = "${var.image.app.registry}/${var.image.app.repository}" - new_tag = "${var.image.app.tag}" + new_name = "${var.images.app.registry}/${var.images.app.repository}" + new_tag = "${var.images.app.tag}" } config_map_generator { name = var.component @@ -41,7 +41,7 @@ data "kustomization_overlay" "data" { "AUTHENTIK_ERROR_REPORTING__SEND_PII=${var.error_reporting.send_pii}", "AUTHENTIK_GEOIP=${var.geoip}", "AUTHENTIK_LOG_LEVEL=${var.loglevel}", - "AUTHENTIK_OUTPOSTS__CONTAINER_IMAGE_BASE=${var.image.app.registry}/${var.image.app.project}/%(type)s:%(version)s", + "AUTHENTIK_OUTPOSTS__CONTAINER_IMAGE_BASE=${var.images.app.registry}/${var.images.app.project}/%(type)s:%(version)s", "AUTHENTIK_POSTGRESQL__NAME=${var.component}", "AUTHENTIK_POSTGRESQL__PORT=5432", "AUTHENTIK_POSTGRESQL__USER=${var.component}", @@ -64,8 +64,8 @@ data "kustomization_overlay" "data" { spec: containers: - name: authentik - image: "${var.image.app.registry}/${var.image.app.repository}:${var.image.app.tag}" - imagePullPolicy: "${var.image.app.pullPolicy}" + image: "${var.images.app.registry}/${var.images.app.repository}:${var.images.app.tag}" + imagePullPolicy: "${var.images.app.pullPolicy}" env: - name: "AUTHENTIK_POSTGRESQL__HOST" value: "${var.instance}-${var.component}-pool.${var.namespace}.svc" 
@@ -96,8 +96,8 @@ data "kustomization_overlay" "data" { spec: containers: - name: authentik - image: "${var.image.app.registry}/${var.image.app.repository}:${var.image.app.tag}" - imagePullPolicy: "${var.image.app.pullPolicy}" + image: "${var.images.app.registry}/${var.images.app.repository}:${var.images.app.tag}" + imagePullPolicy: "${var.images.app.pullPolicy}" env: - name: "AUTHENTIK_POSTGRESQL__HOST" value: "${var.instance}-${var.component}-pool.${var.namespace}.svc" diff --git a/share/authentik/index.yaml b/share/authentik/index.yaml index 5947996..e6e2f33 100644 --- a/share/authentik/index.yaml +++ b/share/authentik/index.yaml @@ -6,21 +6,65 @@ metadata: name: authentik description: authentik is an open-source Identity Provider focused on flexibility and versatility options: - loglevel: - default: info - examples: - - info - type: string - admin: + email: default: - email: auth-admin + port: 587 + timeout: 30 + use_ssl: false + use_tls: false examples: - - email: auth-admin + - port: 587 + timeout: 30 + use_ssl: false + use_tls: false properties: - email: - default: auth-admin - type: string + port: + default: 587 + type: integer + timeout: + default: 30 + type: integer + use_ssl: + default: false + type: boolean + use_tls: + default: false + type: boolean type: object + storage: + default: + postgres: + size: 8Gi + redis: + size: 8Gi + examples: + - postgres: + size: 8Gi + redis: + size: 8Gi + properties: + postgres: + default: + size: 8Gi + properties: + size: + default: 8Gi + type: string + type: object + redis: + default: + size: 8Gi + properties: + size: + default: 8Gi + type: string + type: object + type: object + domain_name: + default: your_company.com + examples: + - your_company.com + type: string backups: default: enable: false 
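Review bot: In share/authentik/index.yaml the `email` option, which this hunk moves to the top of `options`, defaults to `use_ssl: false` and `use_tls: false` on port 587. A deployment that keeps these defaults would submit mail, including the SMTP credentials and any recovery or verification links the identity provider sends, without transport encryption. Assuming these values feed authentik's `AUTHENTIK_EMAIL__USE_TLS` / `AUTHENTIK_EMAIL__USE_SSL` settings (the wiring is not visible in this diff), port 587 normally pairs with STARTTLS, so I would set `use_tls: true` in the `default`, the `examples` entry and `properties.use_tls.default`, leaving `use_ssl: false`. The block is only reordered by this commit (the same values are removed in the hunk at -303), so the default is pre-existing rather than introduced here. Separately, the `domain_name` default `your_company.com` contains an underscore, which is not valid in a hostname; `your-company.com` would match the `domain` default.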
@@ -80,6 +124,36 @@ options: default: false type: boolean type: object + admin: + default: + email: auth-admin + examples: + - email: auth-admin + properties: + email: + default: auth-admin + type: string + type: object + domain: + default: your-company + examples: + - your-company + type: string + geoip: + default: /geoip/GeoLite2-City.mmdb + examples: + - /geoip/GeoLite2-City.mmdb + type: string + loglevel: + default: info + examples: + - info + type: string + ingress_class: + default: traefik + examples: + - traefik + type: string redis: default: exporter: @@ -97,45 +171,6 @@ options: type: boolean type: object type: object - ingress_class: - default: traefik - examples: - - traefik - type: string - storage: - default: - postgres: - size: 8Gi - redis: - size: 8Gi - examples: - - postgres: - size: 8Gi - redis: - size: 8Gi - properties: - postgres: - default: - size: 8Gi - properties: - size: - default: 8Gi - type: string - type: object - redis: - default: - size: 8Gi - properties: - size: - default: 8Gi - type: string - type: object - type: object - geoip: - default: /geoip/GeoLite2-City.mmdb - examples: - - /geoip/GeoLite2-City.mmdb - type: string postgres: default: replicas: 1 @@ -146,26 +181,6 @@ options: default: 1 type: integer type: object - error_reporting: - default: - enabled: false - environment: k8s - send_pii: false - examples: - - enabled: false - environment: k8s - send_pii: false - properties: - enabled: - default: false - type: boolean - environment: - default: k8s - type: string - send_pii: - default: false - type: boolean - type: object images: default: app: 
@@ -303,51 +318,36 @@ options: type: string type: object type: object - domain: - default: your-company - examples: - - your-company - type: string - domain_name: - default: your_company.com - examples: - - your_company.com - type: string - email: - default: - port: 587 - timeout: 30 - use_ssl: false - use_tls: false - examples: - - port: 587 - timeout: 30 - use_ssl: false - use_tls: false - properties: - port: - default: 587 - type: integer - timeout: - default: 30 - type: integer - use_ssl: - default: false - type: boolean - use_tls: - default: false - type: boolean - type: object - issuer: - default: letsencrypt-prod - examples: - - letsencrypt-prod - type: string sub_domain: default: auth examples: - auth type: string + issuer: + default: letsencrypt-prod + examples: + - letsencrypt-prod + type: string + error_reporting: + default: + enabled: false + environment: k8s + send_pii: false + examples: + - enabled: false + environment: k8s + send_pii: false + properties: + enabled: + default: false + type: boolean + environment: + default: k8s + type: string + send_pii: + default: false + type: boolean + type: object dependencies: - dist: null category: core