diff --git a/authentik/.nextcloud.tf.swp b/authentik/.nextcloud.tf.swp
deleted file mode 100644
index 78cce5a..0000000
Binary files a/authentik/.nextcloud.tf.swp and /dev/null differ
diff --git a/authentik/chat.tf b/authentik/chat.tf
index 8310de4..e36874e 100644
--- a/authentik/chat.tf
+++ b/authentik/chat.tf
@@ -1,3 +1,23 @@
+#resource "authentik_provider_proxy" "chat" {
+#  name          = "Chat"
+#  internal_host = "http://open-webui.ollama:8080"
+#  external_host = "https://chat.lab.cowley.tech"
+#
+#  internal_host_ssl_validation = false
+#
+#  authentication_flow = data.authentik_flow.default-authentication-flow.id
+#  authorization_flow  = data.authentik_flow.default-provider-authorization-implicit-consent.id
+#  invalidation_flow   = data.authentik_flow.default-provider-invalidation-flow.id
+#
+#  access_token_validity = "hours=24"
+#}
+#
+#resource "authentik_application" "chat" {
+#  name = "Chat"
+#  slug = "chat"
+#
+#  protocol_provider = authentik_provider_proxy.chat.id
+#}
 
 resource "random_id" "chat_client_id" {
   byte_length = 16
@@ -8,7 +28,8 @@ resource "random_id" "chat_secret_key" {
 resource "authentik_provider_oauth2" "chat" {
   name = "Chat"
 
-  client_id           = random_id.chat_client_id.id
+  #client_id           = random_id.chat_client_id.id
+  client_id           = "2VbXTsFUJV5fgrRJTeQ"
   authentication_flow = data.authentik_flow.default-authentication-flow.id
   authorization_flow  = data.authentik_flow.default-provider-authorization-implicit-consent.id
   invalidation_flow   = data.authentik_flow.default-invalidation-flow.id
diff --git a/authentik/outposts.tf b/authentik/outposts.tf
index 3be216b..d8fbebb 100644
--- a/authentik/outposts.tf
+++ b/authentik/outposts.tf
@@ -1,10 +1,11 @@
 resource "authentik_outpost" "embedded_outpost" {
   name = "authentik Embedded Outpost"
   protocol_providers = [
+    #authentik_provider_proxy.chat.id,
     authentik_provider_proxy.esphome.id,
     authentik_provider_proxy.pinchflat.id,
     authentik_provider_proxy.paperless-gpt.id,
-    #authentik_provider_proxy.tubearchivist.id,
+    #authentik_provider_proxy.proxy-test.id,
     #authentik_provider_proxy.spotizerr.id,
   ]
   service_connection = authentik_service_connection_kubernetes.local.id
diff --git a/authentik/test.tf b/authentik/test.tf
new file mode 100644
index 0000000..8266563
--- /dev/null
+++ b/authentik/test.tf
@@ -0,0 +1,20 @@
+resource "authentik_provider_proxy" "proxy-test" {
+  name          = "Proxy Test"
+  internal_host = "http://homelab-proxy-test.tools:8000"
+  external_host = "https://proxy-test.lab.cowley.tech"
+
+  internal_host_ssl_validation = false
+
+  authentication_flow = data.authentik_flow.default-authentication-flow.id
+  authorization_flow  = data.authentik_flow.default-provider-authorization-implicit-consent.id
+  invalidation_flow   = data.authentik_flow.default-provider-invalidation-flow.id
+
+  access_token_validity = "hours=24"
+}
+
+resource "authentik_application" "proxy-test" {
+  name = "Proxy Test"
+  slug = "proxy-test"
+
+  protocol_provider = authentik_provider_proxy.proxy-test.id
+}