diff --git a/.bin/singleNode.yaml b/.bin/singleNode.yaml
index 856065c..777a11c 100644
--- a/.bin/singleNode.yaml
+++ b/.bin/singleNode.yaml
@@ -1,6 +1,7 @@
 logLevel: debug
 global:
   ldapDomain: "singlenode.org"
+  existingSecret: "my-super-secret"
 resources: 
   limits:
     cpu: "128m"
@@ -8,10 +9,51 @@ resources:
 replicaCount: 1
 replication:
   enabled: false
+# customLdifFiles:
+#   0-root.ldif: |-
+#     dn: dc=singlenode,dc=org
+#     objectClass: top
+#     objectClass: dcObject
+#     objectClass: organization
+#     o: MY-DOMAIN
+#     dc: singlenode
+#   02-users-group.ldif: |-
+#     dn: ou=users,dc=singlenode,dc=org
+#     ou: users
+#     objectClass: organizationalUnit
+#     objectClass: top
+#   01-admin-read-user.ldif: |-
+#     dn: cn=admin-read,dc=singlenode,dc=org
+#     cn: admin-read
+#     mail: admin-read@singlenode.org
+#     objectClass: inetOrgPerson
+#     objectClass: top
+#     userPassword: {SSHA}E2vRX2ssn7ckfjXBzP27SZH9Ast4rOEo
+#     sn: Admin read only
+# customAcls: |-
+#   dn: olcDatabase={2}mdb,cn=config
+#   changetype: modify
+#   replace: olcAccess
+#   olcAccess: {0}to *
+#     by dn.exact=gidNumber=0+uidNumber=1001,cn=peercred,cn=external,cn=auth manage
+#     by * break
+#   olcAccess: {1}to attrs=userPassword,shadowLastChange
+#     by self write
+#     by dn="cn=admin,dc=singlenode,dc=org" write
+#     by anonymous auth by * none
+#   olcAccess: {2}to *
+#     by dn="cn=admin-read,dc=singlenode,dc=org" read
+#     by dn="cn=admin,dc=singlenode,dc=org" write
+#     by self read
+#     by * none
 ltb-passwd:
   ingress:
     hosts:
     - "ssl-ldap2.example"
+  # ldap:
+  #   searchBase: "ou=users,dc=singlenode,dc=org"
+  #   bindDN: "cn=admin-read,dc=singlenode,dc=org"
+  #   passKey: LDAP_ADMIN_READ_PASSWORD
 phpldapadmin:
   ingress:
     hosts:
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 203e2a1..fa6ef62 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -20,9 +20,9 @@ jobs:
       - name: setup cluster
         shell: bash
         run: |
-          curl -Lo /tmp/kind https://kind.sigs.k8s.io/dl/v0.20.0/kind-linux-amd64
+          curl -Lo /tmp/kind https://kind.sigs.k8s.io/dl/v0.23.0/kind-linux-amd64
           chmod +x /tmp/kind
-          /tmp/kind create cluster --config=$GITHUB_WORKSPACE/.bin/kind-conf.yml --image=kindest/node:v1.28.0@sha256:9f3ff58f19dcf1a0611d11e8ac989fdb30a28f40f236f59f0bea31fb956ccf5c
+          /tmp/kind create cluster --config=$GITHUB_WORKSPACE/.bin/kind-conf.yml --image=kindest/node:v1.30.0@sha256:047357ac0cfea04663786a612ba1eaba9702bef25227a794b52890dd8bcd692e
           kubectl apply -f https://projectcontour.io/quickstart/contour.yaml
           kubectl patch daemonsets -n projectcontour envoy -p '{"spec":{"template":{"spec":{"nodeSelector":{"ingress-ready":"true"}}}}}'
       - name: setup chaos mesh