diff --git a/CI/renovate/renovate-job.yaml b/CI/renovate/renovate-job.yaml
index bab384b..b5b0383 100644
--- a/CI/renovate/renovate-job.yaml
+++ b/CI/renovate/renovate-job.yaml
@@ -33,9 +33,7 @@ spec:
                   value: "https://git.roxedus.dev/api/v1"
               envFrom:
                 - secretRef:
-                    name: renovate-pat
-                - secretRef:
-                    name: renovate-gh
+                    name: renovate-secret
               volumeMounts:
                 - name: work-volume
                   mountPath: /tmp/renovate/
diff --git a/MetaObjects/ext-store.yml b/MetaObjects/cloudflare-keys.yml
similarity index 100%
rename from MetaObjects/ext-store.yml
rename to MetaObjects/cloudflare-keys.yml
diff --git a/MetaObjects/renovate-keys.yml b/MetaObjects/renovate-keys.yml
new file mode 100644
index 0000000..6217f3e
--- /dev/null
+++ b/MetaObjects/renovate-keys.yml
@@ -0,0 +1,36 @@
+apiVersion: external-secrets.io/v1alpha1
+kind: SecretStore
+metadata:
+  name: ext-renovate-backend
+  namespace: ci
+spec:
+  provider:
+    vault:
+      server: "http://vault.vault:8200"
+      path: "kv"
+      version: "v2"
+      auth:
+        kubernetes:
+          mountPath: "kubernetes"
+          role: "kube-role"
+---
+apiVersion: external-secrets.io/v1alpha1
+kind: ExternalSecret
+metadata:
+  name: ext-renovate
+  namespace: ci
+spec:
+  secretStoreRef:
+    name: ext-renovate-backend
+    kind: SecretStore
+  target:
+    name: renovate-secret
+  data:
+    - secretKey: GITHUB_COM_TOKEN
+      remoteRef:
+        key: ci/renovate
+        property: github
+    - secretKey: RENOVATE_TOKEN
+      remoteRef:
+        key: ci/renovate
+        property: token
diff --git a/apps/templates-old/ci.yaml b/apps/templates-old/ci.yaml
new file mode 100644
index 0000000..40392d1
--- /dev/null
+++ b/apps/templates-old/ci.yaml
@@ -0,0 +1,24 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: ci
+  namespace: argo-cd
+  finalizers:
+    - resources-finalizer.argocd.argoproj.io
+spec:
+  destination:
+    server: https://kubernetes.default.svc
+    namespace: ci
+  project: default
+  source:
+    path: CI/
+    repoURL: https://git.roxedus.dev/Roxedus/Argo.git
+    targetRevision: HEAD
+    directory:
+      recurse: true
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: true
+    syncOptions:
+      - CreateNamespace=true
\ No newline at end of file