diff --git a/helm/nextcloud/values.yaml b/helm/nextcloud/values.yaml
index 92880f8..4dca9eb 100644
--- a/helm/nextcloud/values.yaml
+++ b/helm/nextcloud/values.yaml
@@ -3,8 +3,11 @@
 image:
   repository: nextcloud
   flavor: apache
+  # default is generated by flavor and appVersion
   tag:
   pullPolicy: IfNotPresent
+  # pullSecrets:
+  #   - myRegistrKeySecretName
 
 nameOverride: ""
 fullnameOverride: ""
@@ -12,60 +15,71 @@ podAnnotations: {}
 deploymentAnnotations: {}
 deploymentLabels: {}
 
-replicaCount: 2
+# Number of replicas to be deployed
+replicaCount: 1
 
+## Allowing use of ingress controllers
+## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/
+##
 ingress:
   enabled: false
-  classname: nginx
+  # className: nginx
   annotations: {}
-    nginx.ingress.kubernetes.io/proxy-body-size: 4G
-    kubernetes.io/tls-acme: "true"
-    cert-manager.io/cluster-issuer: letsencrypt-prod
-    # Keep this in sync with the README.md:
-    nginx.ingress.kubernetes.io/server-snippet: |-
-      server_tokens off;
-      proxy_hide_header X-Powered-By;
-      rewrite ^/.well-known/webfinger /index.php/.well-known/webfinger last;
-      rewrite ^/.well-known/nodeinfo /index.php/.well-known/nodeinfo last;
-      rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
-      rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json;
-      location = /.well-known/carddav {
-        return 301 $scheme://$host/remote.php/dav;
-      }
-      location = /.well-known/caldav {
-        return 301 $scheme://$host/remote.php/dav;
-      }
-      location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-      }
-      location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
-        deny all;
-      }
-      location ~ ^/(?:autotest|occ|issue|indie|db_|console) {
-        deny all;
-      }
-   #tls:
-   #  - secretName: nextcloud-tls
-   #    hosts:
-   #      - nextcloud.darkstars.local
+  #  nginx.ingress.kubernetes.io/proxy-body-size: 4G
+  #  kubernetes.io/tls-acme: "true"
+  #  cert-manager.io/cluster-issuer: letsencrypt-prod
+  #  # Keep this in sync with the README.md:
+  #  nginx.ingress.kubernetes.io/server-snippet: |-
+  #    server_tokens off;
+  #    proxy_hide_header X-Powered-By;
+  #    rewrite ^/.well-known/webfinger /index.php/.well-known/webfinger last;
+  #    rewrite ^/.well-known/nodeinfo /index.php/.well-known/nodeinfo last;
+  #    rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
+  #    rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json;
+  #    location = /.well-known/carddav {
+  #      return 301 $scheme://$host/remote.php/dav;
+  #    }
+  #    location = /.well-known/caldav {
+  #      return 301 $scheme://$host/remote.php/dav;
+  #    }
+  #    location = /robots.txt {
+  #      allow all;
+  #      log_not_found off;
+  #      access_log off;
+  #    }
+  #    location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
+  #      deny all;
+  #    }
+  #    location ~ ^/(?:autotest|occ|issue|indie|db_|console) {
+  #      deny all;
+  #    }
+  # tls:
+  #   - secretName: nextcloud-tls
+  #     hosts:
+  #       - nextcloud.kube.home
   labels: {}
   path: /
   pathType: Prefix
 
+# Allow configuration of lifecycle hooks
+# ref: https://kubernetes.io/docs/tasks/configure-pod-container/attach-handler-lifecycle-event/
 lifecycle: {}
+# lifecycle:
+#   postStartCommand: []
+#   preStopCommand: []
 
 phpClientHttpsFix:
   enabled: false
   protocol: https
 
 nextcloud:
-  host: nextcloud.darkstars.local
+  host: nextcloud.kube.home
   username: admin
   password: changeme
+  ## Use an existing secret
   existingSecret:
     enabled: false
+    # secretName: nameofsecret
     usernameKey: nextcloud-username
     passwordKey: nextcloud-password
     tokenKey: ""
@@ -73,14 +87,19 @@ nextcloud:
     smtpPasswordKey: smtp-password
     smtpHostKey: smtp-host
   update: 0
+  # If web server is not binding default port, you can define it
   containerPort: 80
   datadir: /var/www/html/data
   persistence:
     subPath:
+  # if set, we'll template this list to the NEXTCLOUD_TRUSTED_DOMAINS env var
   trustedDomains: []
+  ## SMTP configuration
   mail:
     enabled: false
+    # the user we send email as
     fromAddress: user
+    # the domain we send email from
     domain: domain.com
     smtp:
       host: domain.com
@@ -89,7 +108,10 @@ nextcloud:
       authtype: LOGIN
       name: user
       password: pass
+  ## Primary ObjectStore options
+  # see: https://docs.nextcloud.com/server/latest/admin_manual/configuration_files/primary_storage.html#configuring-object-storage-as-primary-storage
   objectStore:
+    # https://docs.nextcloud.com/server/latest/admin_manual/configuration_files/primary_storage.html#simple-storage-service-s3
     s3:
       enabled: false
       # ignored if nextcloud.objectstore.s3.existingSecret is not empty string