diff --git a/modules/server/containers/apps/homepage.nix b/modules/server/containers/apps/homepage.nix
index eaa0458..c721890 100644
--- a/modules/server/containers/apps/homepage.nix
+++ b/modules/server/containers/apps/homepage.nix
@@ -13,6 +13,17 @@ let
 # columns = 3;
 # };
 # };
+ auth = {
+ oidc = {
+ enabled = true;
+ provider = "authentik";
+ issuerUrl = "https://${serverCfg.containers.authentik.subdomain}.${serverCfg.domain}";
+ clientId = "{{AUTHENTIK_HOME_CID}}";
+ clientSecret = "{{AUTHENTIK_HOME_CSEC}}";
+ groupsProperty = "groups";
+
+ };
+ };
 };
 services = pkgs.writers.writeYAML "services.yaml" [
@@ -84,7 +95,10 @@ let
 };
 })
 ];}
- {Admin = lib.flatten [
+ {Admin = {
+ ({permissions.groups = ["admin"];})
+ ({services = lib.flatten [
+
 (lib.optional (serverCfg.containers?authentik) {
 Authentik={
 icon = "authentik.png";
@@ -170,7 +184,7 @@ let
 };
 })
 ))
- ];}
+ ];})};}
 ];
 in {
 sops = false;
diff --git a/modules/server/containers/apps/nextcloud.nix b/modules/server/containers/apps/nextcloud.nix
index 6dfe10a..75ee75b 100644
--- a/modules/server/containers/apps/nextcloud.nix
+++ b/modules/server/containers/apps/nextcloud.nix
@@ -150,8 +150,8 @@ in {
 $OCC saml:config:set 1 --saml-attribute-mapping-group_mapping="http://schemas.xmlsoap.org/claims/Group"
 $OCC config:app:set user_saml general-allowed_groups --value="admin,cloud"
- $OCC group:add admin || true
 $OCC group:add cloud || true
+ $OCC group:adduser admin $DEFAULT_ADMIN_USERNAME
 $OCC config:app:set user_saml general-group_provisioning --value="0"
 $OCC config:app:set user_saml general-require_provisioning_groups --value="1"
 ''}
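Review bot: In the first homepage.nix hunk (`@@ -13,6 +13,17 @@`), `issuerUrl` reads `serverCfg.containers.authentik.subdomain` unconditionally, while the Admin section of the same file guards Authentik with `lib.optional (serverCfg.containers?authentik)`. On a host without that container, evaluation would presumably fail on the missing attribute, so the block is better guarded, for example `// lib.optionalAttrs (serverCfg.containers?authentik) { auth.oidc = { … }; }`. Separately, `clientSecret = "{{AUTHENTIK_HOME_CSEC}}"` keeps the secret out of the world-readable Nix store only if something substitutes the placeholder at runtime, and the `sops = false;` visible in the third hunk's context suggests that wiring should be confirmed. A comment such as `# replaced at container start from the secret store; never inline the value here` would document the intent. The enclosing settings attrset starts and ends outside the hunk.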
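Review bot: The new `Admin = { ({permissions.groups = ["admin"];}) ({services = lib.flatten [ … ];}) };` in the second homepage.nix hunk (`@@ -84,7 +95,10 @@`) does not look like valid Nix, because an attribute-set body takes `name = value;` bindings rather than parenthesised expressions, so the file would stop parsing. Writing the bindings directly, `{Admin = {` / `permissions.groups = ["admin"];` / `services = lib.flatten [`, and closing with `];};}` in the following hunk (`@@ -170,7 +184,7 @@`) gives the shape that seems intended. A short comment would also help, stating that `"admin"` must match a value Authentik emits in the `groups` claim, and that hiding these tiles does not replace authentication on the services behind them. The list being wrapped continues outside the hunk.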
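Review bot: In the nextcloud.nix hunk, `$OCC group:adduser admin $DEFAULT_ADMIN_USERNAME` expands the variable unquoted and, unlike the neighbouring `group:add cloud || true`, has no failure handling. An unset or empty `DEFAULT_ADMIN_USERNAME` therefore becomes a missing-argument error, whose effect on the rest of the script depends on shell options set outside this hunk. `$OCC group:adduser admin "$DEFAULT_ADMIN_USERNAME"` with an explicit decision on whether a failure should abort provisioning would be safer. Because `admin` is also listed in `general-allowed_groups`, a one-line comment naming the account this line is meant for would help the next reader judge who ends up with administrator rights. The script body starts and ends outside the hunk.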