diff --git a/apps/test.yaml b/apps/test.yaml index f6df571..ecb0f86 100644 --- a/apps/test.yaml +++ b/apps/test.yaml @@ -6,27 +6,13 @@ metadata: finalizers: - resources-finalizer.argocd.argoproj.io spec: - project: applications + project: app-of-apps source: - path: helm/application + path: apps/test repoURL: https://github.com/vehagn/homelab targetRevision: HEAD - helm: - values: | - name: test - namespace: test - image: - name: containous/whoami - service: - containerPort: 80 - auth: - enabled: true - host: auth-test - whitelist: - - veghag@gmail.com - - wiredmatrices@gmail.com destination: - namespace: test + namespace: argocd name: in-cluster syncPolicy: automated: diff --git a/apps/test2.yaml b/apps/test/app1.yaml similarity index 94% rename from apps/test2.yaml rename to apps/test/app1.yaml index 4bf1f91..375351a 100644 --- a/apps/test2.yaml +++ b/apps/test/app1.yaml @@ -1,7 +1,7 @@ apiVersion: argoproj.io/v1alpha1 kind: Application metadata: - name: test2 + name: test-app1 namespace: argocd finalizers: - resources-finalizer.argocd.argoproj.io @@ -13,7 +13,7 @@ spec: targetRevision: HEAD helm: values: | - name: test2 + name: app1 namespace: test image: name: containous/whoami diff --git a/apps/test/app2.yaml b/apps/test/app2.yaml new file mode 100644 index 0000000..b1086a3 --- /dev/null +++ b/apps/test/app2.yaml @@ -0,0 +1,33 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: test-app2 + namespace: argocd + finalizers: + - resources-finalizer.argocd.argoproj.io +spec: + project: applications + source: + path: helm/application + repoURL: https://github.com/vehagn/homelab + targetRevision: HEAD + helm: + values: | + name: app2 + namespace: test + image: + name: containous/whoami + service: + containerPort: 80 + auth: + enabled: true + create: false + destination: + namespace: test + name: in-cluster + syncPolicy: + automated: + selfHeal: true + prune: true + syncOptions: + - CreateNamespace=true 
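Review bot: In apps/test/app2.yaml the values set `auth.enabled: true` with `auth.create: false`, so the route for app2 refers to a `traefik-forward-auth` middleware that this Application does not render; it exists only while test-auth (apps/test/auth.yaml) is synced into the same namespace. Nothing in the manifest records that dependency, so I would add a comment above `auth:` such as `# forward-auth is rendered by test-auth (apps/test/auth.yaml); both must target namespace test`. It is worth confirming how Traefik treats the route while the middleware is absent (for example if test-auth is pruned first), so that the failure mode is a rejected route and not an unauthenticated one. The image also has no `tag`, so it presumably falls back to the chart default `tag: latest`; pinning a version or digest would make the deployment reproducible.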
diff --git a/apps/test/auth.yaml b/apps/test/auth.yaml new file mode 100644 index 0000000..f8bc92c --- /dev/null +++ b/apps/test/auth.yaml @@ -0,0 +1,32 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: test-auth + namespace: argocd + finalizers: + - resources-finalizer.argocd.argoproj.io +spec: + project: applications + source: + path: helm/application + repoURL: https://github.com/vehagn/homelab + targetRevision: HEAD + helm: + values: | + name: test-auth + namespace: test + authOnly: true + auth: + host: auth-test + whitelist: + - veghag@gmail.com + - wiredmatrices@gmail.com + destination: + namespace: test + name: in-cluster + syncPolicy: + automated: + selfHeal: true + prune: true + syncOptions: + - CreateNamespace=true diff --git a/apps/test/kustomization.yaml b/apps/test/kustomization.yaml new file mode 100644 index 0000000..0713db2 --- /dev/null +++ b/apps/test/kustomization.yaml @@ -0,0 +1,7 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: + - app1.yaml + - app2.yaml + - auth.yaml \ No newline at end of file diff --git a/helm/application/templates/_helpers.tpl b/helm/application/templates/_helpers.tpl new file mode 100644 index 0000000..92c2b9a --- /dev/null +++ b/helm/application/templates/_helpers.tpl 
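Review bot: The `whitelist` in apps/test/auth.yaml puts the personal e-mail addresses that form the access allow-list directly in the manifest, and the file is served from the `repoURL` named a few lines above it. Keeping the list in Git gives an audit trail for access changes, but it also publishes who is allowed to sign in; if that is not intended, the chart could take the list from a Secret or another externally managed value. `auth.enabled` and `auth.create` are left unset here and the outcome depends on `authOnly: true` overriding them in the `auth.create` helper, which deserves a one-line comment such as `# authOnly forces the forward-auth resources to be rendered`.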
@@ -0,0 +1,35 @@ +{{/* +Returns string "true" or empty which will be evaluated to boolean false +*/}} +{{- define "deployment.create" -}} +{{- if not .Values.authOnly }} +{{- true }} +{{- end }} +{{- end }} + +{{/* +Returns string "true" or empty which will be evaluated to boolean false +*/}} +{{- define "service.create" -}} +{{- if and .Values.service.create (include "deployment.create" .) }} +{{- true }} +{{- end }} +{{- end }} + +{{/* +Returns string "true" or empty which will be evaluated to boolean false +*/}} +{{- define "ingressRoute.create" -}} +{{- if and .Values.ingressRoute.create (or .Values.authOnly (include "service.create" .)) }} +{{- true }} +{{- end }} +{{- end }} + +{{/* +Returns string "true" or empty which will be evaluated to boolean false +*/}} +{{- define "auth.create" -}} +{{- if or .Values.authOnly (and .Values.auth.enabled .Values.auth.create (include "ingressRoute.create" .)) }} +{{- true }} +{{- end }} +{{- end }} \ No newline at end of file diff --git a/helm/application/templates/application/deployment.yaml b/helm/application/templates/application/deployment.yaml index 0f87e33..bcb4b13 100644 --- a/helm/application/templates/application/deployment.yaml +++ b/helm/application/templates/application/deployment.yaml @@ -1,3 +1,4 @@ +{{- if include "deployment.create" . }} apiVersion: apps/v1 kind: Deployment metadata: @@ -23,3 +24,4 @@ spec: protocol: TCP resources: {{- toYaml .Values.resources | nindent 12 }} +{{- end }} \ No newline at end of file diff --git a/helm/application/templates/application/service.yaml b/helm/application/templates/application/service.yaml index 102af47..461ecfc 100644 --- a/helm/application/templates/application/service.yaml +++ b/helm/application/templates/application/service.yaml @@ -1,3 +1,4 @@ +{{- if include "service.create" .}} apiVersion: v1 kind: Service metadata: @@ -12,3 +13,4 @@ spec: protocol: TCP selector: app: {{ .Values.name }} +{{- end }} \ No newline at end of file 
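Review bot: In the `auth.create` helper of helm/application/templates/_helpers.tpl the `or .Values.authOnly (...)` form returns true for an auth-only release even when `ingressRoute.create` is false, so the forward-auth ConfigMap, Deployment, Service and Middleware would be rendered while ingress-route.yaml, which is gated on `ingressRoute.create`, renders no route for `auth.host`. If that combination is not meant to be supported, fold the route check into the outer condition: `{{- if and (include "ingressRoute.create" .) (or .Values.authOnly (and .Values.auth.enabled .Values.auth.create)) }}`. The four helper names are also unprefixed; Helm template names are global across a chart and its subcharts, so a chart-name prefix (for example `application.auth.create`) avoids collisions. The four doc comments are identical, and each could instead state the rule its helper implements.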
diff --git a/helm/application/templates/ingress-route.yaml b/helm/application/templates/ingress-route.yaml index 4099580..fab32ac 100644 --- a/helm/application/templates/ingress-route.yaml +++ b/helm/application/templates/ingress-route.yaml @@ -1,4 +1,4 @@ -{{- if .Values.ingressRoute.enabled }} +{{- if include "ingressRoute.create" . }} apiVersion: traefik.containo.us/v1alpha1 kind: IngressRoute metadata: @@ -12,6 +12,7 @@ spec: tls: certResolver: letsencrypt routes: + {{- if include "service.create" . }} - match: Host(`{{ .Values.name }}.stonegarden.dev`) kind: Rule services: @@ -20,6 +21,9 @@ spec: {{- if .Values.auth.enabled }} middlewares: - name: traefik-forward-auth + {{- end }} + {{- end }} + {{- if include "auth.create" . }} - match: Host(`{{ .Values.auth.host }}.stonegarden.dev`) kind: Rule services: diff --git a/helm/application/templates/traefik-forward-auth/config-map.yaml b/helm/application/templates/traefik-forward-auth/config-map.yaml index 1cfe09a..9a35221 100644 --- a/helm/application/templates/traefik-forward-auth/config-map.yaml +++ b/helm/application/templates/traefik-forward-auth/config-map.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.auth.create .Values.auth.enabled }} +{{- if include "auth.create" . }} apiVersion: v1 kind: ConfigMap metadata: diff --git a/helm/application/templates/traefik-forward-auth/deployment.yaml b/helm/application/templates/traefik-forward-auth/deployment.yaml index 722ac55..b13e373 100644 --- a/helm/application/templates/traefik-forward-auth/deployment.yaml +++ b/helm/application/templates/traefik-forward-auth/deployment.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.auth.create .Values.auth.enabled }} +{{- if include "auth.create" . }} apiVersion: apps/v1 kind: Deployment metadata: diff --git a/helm/application/templates/traefik-forward-auth/middleware.yaml b/helm/application/templates/traefik-forward-auth/middleware.yaml index bd52256..3152612 100644 --- a/helm/application/templates/traefik-forward-auth/middleware.yaml 
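Review bot: In helm/application/templates/ingress-route.yaml the route for `auth.host` is now rendered whenever `auth.create` is true, which includes every `authOnly` release, but nothing checks that `auth.host` was supplied; an empty value would render a match on `.stonegarden.dev` with no host label. I would wrap the value so rendering fails early: `{{ required "auth.host must be set when forward-auth is rendered" .Values.auth.host }}`. The default for `auth.host` in values.yaml is not visible in this diff, so this may already be covered. The application route still attaches `traefik-forward-auth` only under `.Values.auth.enabled`, so a release that leaves that value unset is published without the middleware; a short comment above that `if` saying so would help the next reader. The `if` opened by the last added line is closed outside the hunk.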
+++ b/helm/application/templates/traefik-forward-auth/middleware.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.auth.create .Values.auth.enabled }} +{{- if include "auth.create" . }} apiVersion: traefik.containo.us/v1alpha1 kind: Middleware metadata: diff --git a/helm/application/templates/traefik-forward-auth/service.yaml b/helm/application/templates/traefik-forward-auth/service.yaml index a36ccd7..567c7fa 100644 --- a/helm/application/templates/traefik-forward-auth/service.yaml +++ b/helm/application/templates/traefik-forward-auth/service.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.auth.create .Values.auth.enabled }} +{{- if include "auth.create" . }} apiVersion: v1 kind: Service metadata: diff --git a/helm/application/values.yaml b/helm/application/values.yaml index 7e3b190..dd8d816 100644 --- a/helm/application/values.yaml +++ b/helm/application/values.yaml @@ -1,6 +1,9 @@ name: name namespace: namespace +# Skip deployment and only do auth +authOnly: false + image: name: image tag: latest @@ -9,12 +12,13 @@ image: replicas: 1 service: + create: true type: ClusterIP port: 80 containerPort: 8080 ingressRoute: - enabled: true + create: true resources: { } # limits: diff --git a/infra/dashboard/kustomization.yaml b/infra/dashboard/kustomization.yaml index fafc1aa..64120b7 100644 --- a/infra/dashboard/kustomization.yaml +++ b/infra/dashboard/kustomization.yaml @@ -3,7 +3,7 @@ kind: Kustomization namespace: kubernetes-dashboard resources: - - https://raw.githubusercontent.com/kubernetes/dashboard/v2.6.1/aio/deploy/alternative.yaml + - https://raw.githubusercontent.com/kubernetes/dashboard/v2.7.0/aio/deploy/alternative.yaml - traefik-forward-auth - ingress.yaml - serviceAccount.yaml
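Review bot: The rename of `ingressRoute.enabled` to `ingressRoute.create` in helm/application/values.yaml is silent for existing consumers: a release that still passes `ingressRoute.enabled: false` to stay unexposed will have that key ignored, and the new `create: true` default will render an IngressRoute for it. Other Applications in the repository are not visible in this diff, so this may not occur today, but a guard in the `ingressRoute.create` helper would make the break explicit: `{{- if hasKey .Values.ingressRoute "enabled" }}{{ fail "ingressRoute.enabled was renamed to ingressRoute.create" }}{{- end }}`. The new `authOnly` comment could also say that it overrides `auth.enabled` and `auth.create`, e.g. `# Skip the app Deployment/Service and render only forward-auth (overrides auth.enabled/auth.create)`.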