diff --git a/_sys/descheduler-cronjob.yaml b/_sys/descheduler-cronjob.yaml
index 214014f..dddd1c6 100644
--- a/_sys/descheduler-cronjob.yaml
+++ b/_sys/descheduler-cronjob.yaml
@@ -5,7 +5,7 @@ metadata:
   name: descheduler-cronjob
   namespace: kube-system
 spec:
-  schedule: "*/2 * * * *"
+  schedule: "40 */1 * * *"
   concurrencyPolicy: "Forbid"
   jobTemplate:
     spec:
diff --git a/apps/gitea.yaml b/apps/gitea.yaml
index cf6e2d6..f3cb62c 100644
--- a/apps/gitea.yaml
+++ b/apps/gitea.yaml
@@ -84,6 +84,7 @@ metadata:
     app: gitea
 spec:
   type: LoadBalancer
+  loadBalancerIP: 172.23.255.2
   ports:
     - port: 3000
       targetPort: http
diff --git a/apps/mariadb/mariadb-deployment.yaml b/apps/mariadb/mariadb-deployment.yaml
index c95060d..8a17b53 100644
--- a/apps/mariadb/mariadb-deployment.yaml
+++ b/apps/mariadb/mariadb-deployment.yaml
@@ -98,4 +98,4 @@ spec:
   claimRef:
     kind: PersistentVolumeClaim
     name: mariadb-data
-    namespace: default
+    namspace: live-env
diff --git a/apps/mariadb/mariadb/Dockerfile b/apps/mariadb/mariadb/Dockerfile
index 436b201..c5bac2d 100644
--- a/apps/mariadb/mariadb/Dockerfile
+++ b/apps/mariadb/mariadb/Dockerfile
@@ -6,6 +6,8 @@ RUN groupadd -r mysql && useradd -r -g mysql mysql
 
 # https://bugs.debian.org/830696 (apt uses gpgv by default in newer releases, rather than gpg)
 RUN set -ex; \
+	sed -i 's@deb.debian.org@apt-cache.lan/deb.debian.org@g' /etc/apt/sources.list; \
+	sed -i 's@security.debian.org@apt-cache.lan/security.debian.org@g' /etc/apt/sources.list; \
 	apt-get update; \
 	if ! which gpg; then \
 		apt-get install -y --no-install-recommends gnupg; \
@@ -93,6 +95,7 @@ RUN set -ex; \
 		| xargs -rt -0 sed -Ei 's/^(bind-address|log)/#&/'; \
 # don't reverse lookup hostnames, they are usually another container
 	echo '[mysqld]\nskip-host-cache\nskip-name-resolve' > /etc/mysql/conf.d/docker.cnf; \
+	mkdir -p /run/mysqld; \
 	apt-get clean -y;
 	
 VOLUME /var/lib/mysql
diff --git a/apps/mosquitto/deployment.yaml b/apps/mosquitto/deployment.yaml
index 2b35a17..0022724 100644
--- a/apps/mosquitto/deployment.yaml
+++ b/apps/mosquitto/deployment.yaml
@@ -6,7 +6,6 @@ metadata:
     app: mosquitto
     release: mqtt
   name: mqtt-mosquitto
-  namespace: default
 spec:
   replicas: 1
   selector:
@@ -63,7 +62,7 @@ spec:
           name: mosquitto-data
           subPath: mosquitto/data
       - name: mosquitto-exporter
-        image: cr.lan/mosquitto-exporter
+        image: cr.lan/mosquitto-exporter:arm64
         imagePullPolicy: Always
         ports:
         - containerPort: 9234
@@ -96,7 +95,6 @@ metadata:
     labels:
         app: mosquitto
         release: mqtt
-    namespace: default
     name: mqtt-mosquitto
 spec:
     externalTrafficPolicy: Cluster
@@ -121,7 +119,6 @@ metadata:
     app: mosquitto
     release: mqtt
   name: mqtt-mosquitto
-  namespace: default
 spec:
   accessModes:
   - ReadWriteOnce
@@ -135,7 +132,6 @@ apiVersion: v1
 kind: ConfigMap
 metadata:
     name: mqtt-mosquitto
-    namespace: default
     labels:
       app: mosquitto
       release: mqtt
diff --git a/apps/pihole-deployment.yaml b/apps/pihole-deployment.yaml
index 02738d8..300f444 100644
--- a/apps/pihole-deployment.yaml
+++ b/apps/pihole-deployment.yaml
@@ -3,7 +3,7 @@ apiVersion: v1
 kind: Secret
 metadata:
   name: pihole-password
-  namespace: default
+  namespace: live-env 
 type: Opaque
 data:
   password: YWRtaW4yMDIw
@@ -172,7 +172,7 @@ metadata:
   labels:
     app: pihole
   name: pihole-tcp
-  namespace: default
+  namespace: live-env 
 spec:
   type: LoadBalancer
   loadBalancerIP: 172.23.255.253
@@ -204,7 +204,7 @@ metadata:
   labels:
     app: pihole
   name: pihole-udp
-  namespace: default
+  namespace: live-env 
 spec:
   type: LoadBalancer
   loadBalancerIP: 172.23.255.253
diff --git a/apps/postgresql/postgresql-deploy.yaml b/apps/postgresql/postgresql-deploy.yaml
index 5f0361c..7be5d53 100644
--- a/apps/postgresql/postgresql-deploy.yaml
+++ b/apps/postgresql/postgresql-deploy.yaml
@@ -40,7 +40,7 @@ spec:
       volumes:
       - name: postgres-disk
         persistentVolumeClaim:
-          claimName: postgres
+          claimName: postgres-data
 #  volumeClaimTemplates:
 #  - metadata:
 #      name: postgres-disk
@@ -54,17 +54,37 @@ spec:
 apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
-  name: postgres
+  name: postgres-data
   labels:
     app: postgres
 spec:
   storageClassName: nfs-ssd
+  volumeName: postgres-data
   accessModes:
   - ReadWriteOnce
   resources:
     requests:
-      storage: 20Mi
-# service.yml
+      storage: 40Gi
+---
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+  name: postgres-data 
+spec:
+  storageClassName: "nfs-ssd"
+  nfs:
+    path: /data/raid1-ssd/k8s-data/postgres-data
+    server: ebin01
+  capacity:
+    storage: 40Gi
+  accessModes:
+    - ReadWriteOnce
+  volumeMode: Filesystem
+  persistentVolumeReclaimPolicy: Retain
+  claimRef:
+    kind: PersistentVolumeClaim
+    name: postgres-data
+    namespace: live-env
 ---
 apiVersion: v1
 kind: Service
@@ -77,6 +97,7 @@ spec:
   selector:
     env: live
   type: LoadBalancer
+  loadBalancerIP: 172.23.255.4
   ports:
   - port: 5432
     targetPort: 5432