diff --git a/applications/30-domain-names/certmanager.yaml b/applications/30-domain-names/certmanager.yaml
index 83befe8..95511fd 100644
--- a/applications/30-domain-names/certmanager.yaml
+++ b/applications/30-domain-names/certmanager.yaml
@@ -1,38 +1,37 @@
 ---
-# 1. cert-manager Helm chart
-apiVersion: argoproj.io/v1alpha1
-kind: Application
+apiVersion: source.toolkit.fluxcd.io/v1
+kind: HelmRepository
+metadata:
+  name: jetstack
+  namespace: flux-system
+spec:
+  url: https://charts.jetstack.io
+  interval: 1h
+---
+apiVersion: helm.toolkit.fluxcd.io/v2
+kind: HelmRelease
 metadata:
   name: cert-manager
-  namespace: argocd
+  namespace: home-server
 spec:
-  project: default
-  source:
-    repoURL: "https://charts.jetstack.io"
-    chart: "cert-manager"
-    targetRevision: "v1.18.2"
-    helm:
-      releaseName: "cert-manager"
-      values: |
-        installCRDs: true
-        extraArgs:
-          - --dns01-recursive-nameservers-only
-          - --dns01-recursive-nameservers=8.8.8.8:53,1.1.1.1:53
-  destination:
-    server: "https://kubernetes.default.svc"
-    namespace: home-server
-  syncPolicy:
-    automated:
-      prune: true
-      selfHeal: true
-    syncOptions:
-      - CreateNamespace=true
-      - ApplyOutOfSyncOnly=true
-      - SkipHooks=false
-      - SyncWave=0   # ensure cert-manager is installed first
-
+  interval: 30m
+  chart:
+    spec:
+      chart: cert-manager
+      version: v1.18.2
+      sourceRef:
+        kind: HelmRepository
+        name: jetstack
+        namespace: flux-system
+  install:
+    crds: CreateReplace
+    createNamespace: true
+  values:
+    installCRDs: true
+    extraArgs:
+      - --dns01-recursive-nameservers-only
+      - --dns01-recursive-nameservers=8.8.8.8:53,1.1.1.1:53
 ---
-# 2. ClusterIssuer
 apiVersion: cert-manager.io/v1
 kind: ClusterIssuer
 metadata:
@@ -41,20 +40,19 @@ spec:
   acme:
     email: admin@hxme.net
     server: https://acme-v02.api.letsencrypt.org/directory
+    #server: https://acme-staging-v02.api.letsencrypt.org/directory
     privateKeySecretRef:
       name: letsencrypt-rfc2136
     solvers:
-      - dns01:
-          rfc2136:
-            nameserver: hawke.hxst.com.au:53
-            tsigKeyName: "hxme-update-key"
-            tsigAlgorithm: HMACSHA512
-            tsigSecretSecretRef:
-              name: hxme-update-key
-              key: hxme-update-key
-
+    - dns01:
+        rfc2136:
+          nameserver: hawke.hxst.com.au:53
+          tsigKeyName: "hxme-update-key"
+          tsigAlgorithm: HMACSHA512
+          tsigSecretSecretRef:
+            name: hxme-update-key
+            key:  hxme-update-key
 ---
-# 3. Certificate
 apiVersion: cert-manager.io/v1
 kind: Certificate
 metadata:
@@ -73,4 +71,3 @@ spec:
   dnsNames:
     - "hxme.net"
     - "*.hxme.net"
-
diff --git a/deploy/server.yaml b/deploy/server.yaml
index bce36e5..e022c17 100644
--- a/deploy/server.yaml
+++ b/deploy/server.yaml
@@ -14,8 +14,8 @@ spec:
             path: applications/10-replicator
           - name: databases
             path: applications/20-databases
-          - name: domain-names
-            path: applications/30-domain-names
+         #- name: domain-names
+         #  path: applications/30-domain-names
   template:
     metadata:
       name: '{{name}}'