diff --git a/backend/cliapp/cliapp/cli.py b/backend/cliapp/cliapp/cli.py
index 38d5a20f82ea43cf321c3e9ef3344e59792b1a84..ca93b5e17198d7828ec7785c6cef5736ade3972e 100644
--- a/backend/cliapp/cliapp/cli.py
+++ b/backend/cliapp/cliapp/cli.py
@@ -55,7 +55,7 @@ def create_app(slug, name, external_url = None):
     :param extenal-url: if set, it marks this as an external app and 
                         configures the url
     """
-    current_app.logger.info(f"Creating app definition: {name} ({slug}")
+    current_app.logger.info(f"Creating app definition: {name} ({slug})")
 
     obj = App(name=name, slug=slug)
 
diff --git a/backend/helpers/kubernetes.py b/backend/helpers/kubernetes.py
index de35673ac9430e6cce2c03f2a5d34074a5c192c3..2c49d6ec1cf7560b18ed727d7e06435d4d4085f4 100644
--- a/backend/helpers/kubernetes.py
+++ b/backend/helpers/kubernetes.py
@@ -436,17 +436,17 @@ def debounce(timeout: float):
     return decorator
 
 def watch_dashboard_config(app, reload):
+    # Number of seconds to wait before reloading in case more secrets show up.
+    # In particular this prevents us from reloading once for every
+    # secret that exists at startup in succession.
+    debounce_timeout = 1
+    @debounce(debounce_timeout)
+    def debounced_reload():
+        reload()
     w = watch.Watch()
     api_instance = client.CoreV1Api(api_client.ApiClient())
-    def p():
+    def watch_scim_secrets():
         with app.app_context():
-            # Number of seconds to wait before reloading in case more secrets show up.
-            # In particular this prevents us from reloading once for every
-            # secret that exists at startup in succession.
-            debounce_timeout = 1
-            @debounce(debounce_timeout)
-            def debounced_reload():
-                reload()
             for event in w.stream(
                     api_instance.list_namespaced_secret,
                     'flux-system',
@@ -455,8 +455,18 @@ def watch_dashboard_config(app, reload):
                 ):
                 current_app.logger.info(f"{event['type']} SCIM config secret: {event['object'].metadata.name}")
                 debounced_reload()
-    thread = threading.Thread(target=p)
-    thread.start()
+    threading.Thread(target=watch_scim_secrets).start()
+    def watch_dashboard_configmaps():
+        with app.app_context():
+            for event in w.stream(
+                    api_instance.list_namespaced_config_map,
+                    'flux-system',
+                    label_selector="stackspin.net/dashboard-config=1",
+                    watch=True
+                ):
+                current_app.logger.info(f"{event['type']} dashboard config configmap: {event['object'].metadata.name}")
+                debounced_reload()
+    threading.Thread(target=watch_dashboard_configmaps).start()
 
 def check_condition(status):
     """
diff --git a/deployment/helmchart/templates/job-initialize-user.yaml b/deployment/helmchart/templates/job-initialize-user.yaml
index 90ea48a7e1cbdc8c746f3fd4e58f50dca3ee3c5f..bd4594854f9ccf2e492e390cbdd0d48edc83ab36 100644
--- a/deployment/helmchart/templates/job-initialize-user.yaml
+++ b/deployment/helmchart/templates/job-initialize-user.yaml
@@ -27,31 +27,26 @@ spec:
         image: {{ template "backend.image" . }}
         imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
         envFrom:
-          - configMapRef:
-              name: {{ include "common.names.fullname" . }}
-          {{- if .Values.backend.extraEnvVarsCM }}
-          - configMapRef:
-              name: {{ .Values.backend.extraEnvVarsCM }}
-          {{- end }}
-          {{- if .Values.backend.extraEnvVarsSecret }}
-          - secretRef:
-              name: {{ .Values.backend.extraEnvVarsSecret }}
-          {{- end }}
+        - configMapRef:
+            name: {{ include "common.names.fullname" . }}
+        {{- if .Values.backend.extraEnvVarsCM }}
+        - configMapRef:
+            name: {{ .Values.backend.extraEnvVarsCM }}
+        {{- end }}
+        {{- if .Values.backend.extraEnvVarsSecret }}
+        - secretRef:
+            name: {{ .Values.backend.extraEnvVarsSecret }}
+        {{- end }}
         env:
-          - name: SETUP_EMAIL
-            value: {{ .Values.backend.initialUser.email }}
-          - name: SETUP_PASSWORD
-            value: {{ .Values.backend.initialUser.password }}
-          - name: KRATOS_PUBLIC_URL
-            value: http://kratos-public:80
+        - name: SETUP_EMAIL
+          value: {{ .Values.backend.initialUser.email }}
+        - name: SETUP_PASSWORD
+          value: {{ .Values.backend.initialUser.password }}
+        - name: KRATOS_PUBLIC_URL
+          value: http://kratos-public:80
         command: ["/bin/bash", "-c"]
         args:
-          - flask cli user create $SETUP_EMAIL;
-            flask cli user setpassword $SETUP_EMAIL $SETUP_PASSWORD;
-            flask cli app create dashboard Dashboard;
-            flask cli user setrole $SETUP_EMAIL dashboard admin;
-            flask cli user setrole $SETUP_EMAIL nextcloud admin;
-            flask cli user setrole $SETUP_EMAIL wordpress admin;
-            flask cli user setrole $SETUP_EMAIL wekan admin;
-            flask cli user setrole $SETUP_EMAIL zulip admin;
-            flask cli user setrole $SETUP_EMAIL hedgedoc admin;
+        - flask cli user create $SETUP_EMAIL;
+          flask cli user setpassword $SETUP_EMAIL $SETUP_PASSWORD;
+          flask cli app create dashboard Dashboard;
+          flask cli user setrole $SETUP_EMAIL dashboard admin;