diff --git a/modules/server/containers/apps/authentik.nix b/modules/server/containers/apps/authentik.nix
index 6f563b9..5c54850 100644
--- a/modules/server/containers/apps/authentik.nix
+++ b/modules/server/containers/apps/authentik.nix
@@ -86,6 +86,9 @@ in {
         AUTHENTIK_HOST = "https://${containerCfg.subdomain}.${serverCfg.hostDomain}"; 
         AUTHENTIK_INSECURE = "false"; 
       };
+      overrides = {
+        ports = [ "6636:636" ]; 
+      };
     };
   };
 
diff --git a/modules/server/containers/apps/gitea.nix b/modules/server/containers/apps/gitea.nix
index 0799bd5..de616b5 100644
--- a/modules/server/containers/apps/gitea.nix
+++ b/modules/server/containers/apps/gitea.nix
@@ -130,7 +130,7 @@ in {
 
       ${lib.optionalString (serverCfg.containers ? authentik) ''
       $GT admin auth delete --id 1
-      $GT admin auth add-ldap --name Authentik --host authentik-ldap --port 3389 --security-protocol unencrypted \
+      $GT admin auth add-ldap --name Authentik --host ${builder.host} --port 636 --security-protocol ldaps \
           --bind-dn "cn=ldap-service,ou=users,${LDAP_DC_DOMAIN}" --bind-password $DEFAULT_LDAP_PASSWORD \
           --user-search-base "ou=users,${LDAP_DC_DOMAIN}" --user-filter "(|(username=%s)(email=%s))" \
           --username-attribute "username" --firstname-attribute "givenName" --surname-attribute "sn" --email-attribute "mail" \