diff --git a/docs/local_dev_remote_kratos.md b/docs/local_dev_remote_kratos.md
index b8e660f53493497f37a5664c7c75a6b5c222dd7f..7c153665f88452446da21c5647dd1b389ec3f3eb 100644
--- a/docs/local_dev_remote_kratos.md
+++ b/docs/local_dev_remote_kratos.md
@@ -49,169 +49,109 @@ want to test / install (optional) improvements of login panel.
 
 Once this is all fetched, installation can be done with the following steps:
 
-1. Suspend the automatic updating:
-   As we are gonna use a non-release version, the flux application management 
-   system will rollback changes to follow the released versions. However, during 
-   development we want to prevent this. We can suspend the service with:
+1. Create an overwrite ConfigMap file:
 
+   For local development, we have to configure the endpoint of the application to
+   be pointing to our development system. In this example, we use `localhost` on
+   http.
 
-```
-flux suspend source chart stackspin-single-sign-on
-```
-
-2. Make a backup of the current keys and configuration values. We needs those
-   when we install the new version of the `single-sign-on` helmchart:
-
-```
-helm get values single-sign-on -n stackspin > /to/a/path/my_cluster_values.yaml
-```
-
-Keep this file on a safe place. It contains important passwords and also we need
-to add extra settings to this file once we switch to local development for the
-login panel.
-
-3. Install all helm dependencies
-
-Before we install the dependencies, you can remove the `charts` folder, just to
-be sure there are no other conflicting helm charts in that folder which can lead
-to unexpected results
-
-```
-rm -rf charts
-helm dep update
-```
-
-4. Configure variables
+   Because of CORS and strict configuration, all needs to end up on the same
+   system. With modern browser, it even have to run on the same port (at least with
+   firefox). As we want to mimic the real life setup as much as possible as,
+   we will do this by running a local proxy. In production this will be handled by
+   kubernetes ingress configuration.
 
-Currently there are  default passwords configured for postgresql in
-`values.yaml`.
+   First we will tell kratos and hydra where to find the right endpoints. An
+   overview of all relevant end-points:
 
-It is not advices to change `values.yaml` directly, but use your
-`my-cluster-values.yaml` to make overrides of the defaults.
+   The endpoints used by the browser are (public accessible)
 
-You can change the default passwords before installation. Please make sure it
-in sync with the dsn settings for Hydra and Kratos. Note that the databases are
-only created once, and passwords are set at creation time. If you want to change
-the passwords later, you have to do this manually in the Postgres database and 
-use your variables file to modify the settings for kratos/hydra.
+   - `localhost/api` -> kratos public API
+   - `localhost/login` -> login flask app
 
-The database passwords are set here:
-
-```
-postgresql:
-  initdbScripts:
-    setup.sql: |
-      CREATE USER hydra WITH PASSWORD 'hydra';
-      CREATE USER kratos WITH PASSWORD 'kratos';
-      CREATE USER stackspin WITH PASSWORD 'stackspin';
-      CREATE DATABASE kratos WITH OWNER kratos;
-      CREATE DATABASE hydra WITH OWNER hydra;
-      CREATE DATABASE stackspin WITH OWNER stackspin;
-```
+   The endpoint used by the login app/API are:
+   - `localhost:8000` -> kratos Admin API (only local accessible)
+   - `localhost/api`  -> kratos Public API
+   - `localhost:4445` -> hydra Admin API (only local accessible)
+   - `localhost:5432` -> PostgreSQL
 
-Please make sure it is in sync with the password for kratos and hydra in you
-`my-cluster-values.yaml` file
+   To reflect those public endpoints in your cluster, we have to override the 
+   default URLs in the cluster. We do this with a ConfigMap.
 
-```
-kratos:
-  kratos:
-    config:
-      dsn: postgres://kratos:kratos@single-sign-on-postgresql:5432/kratos
+   It is essential SMTP/e-mail is working during development, so an example 
+   is included on how to override those if SMTP is not working on your 
+   cluster. Otherwise those lines are irrelevant.
 
-hydra:
-  hydra:
-    config:
-      dsn: postgres://hydra:hydra@single-sign-on-postgresql:5432/hydra
+   Create a file with the following content:
 
 ```
-
-For local development, we have to configure the endpoint of the application to
-be pointing to our development system. In this example, we use `localhost` on
-http.
-
-Because of CORS and strict configuration, all needs to end up on the same
-system. With modern browser, it even have to run on the same port (at least with
-firefox). As we want to mimic the real life setup as much as possible as well, 
-we will do this by running a local proxy. In production this will be handled by
-kubernetes ingress configuration.
-
-First we will tell kratos and hydra where to find the right endpoints. An 
-overview of all relevant end-points:
-
-The endpoints used by the browser are:
-
- - `localhost/api` -> kratos public API
- - `localhost/login` -> login flask app
-
-The endpoint used by the login app/API are:
- - `localhost:8000` -> kratos Admin API
- - `localhost/api`  -> kratos Public API
- - `localhost:4445` -> hydra Admin API
- - `localhost:5432` -> PostgreSQL
-
-To reflect those public endpoints in your cluster, we have to override the 
-default URLs from `values.yaml` in our `my-cluster-values.yaml` file. Also we
- set the SMTP settings as well, as for a proper development experience it is 
-required to be able to send out e-mails.
-
-Configuration of the login app API endpoints is discussed in the next chapter.
-
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: stackspin-single-sign-on-override
+data:
+  values.yaml: |
+    kratos:
+      kratos:
+        config:
+          courier:
+            smtp:
+             # Kratos enforces the use of STARTTLS. Be sure your SMTP provider
+             # supports that (if not, it is time to switch providers)
+             #
+             # Uncomment and correct below lines if e-mail is not working in your
+             # cluster
+             # connection_uri: smtp://user@password@smtp.example.com:25/
+             # from_address: stackspin-admin@example.com
+
+          # For development, we forward all to our local server (or your dev server
+          # if that is remote)
+          serve:
+            public:
+              base_url: http://localhost/api/
+
+          selfservice:
+            default_browser_return_url: http://localhost/login/login
+
+            flows:
+              recovery:
+                ui_url: http://localhost/login/recovery
+
+              login:
+                ui_url: http://localhost/login/login
+
+              settings:
+                ui_url: http://localhost/login/settings
+
+              registration:
+                ui_url: http://localhost/login/registration
+
+    hydra:
+      hydra:
+        config:
+          urls:
+            # For development we redirect to localhost (or your dev server)
+            login: http://localhost/login/auth
+            consent: http://localhost/login/consent
+            logout: http://localhost/login/logout
 ```
 
-kratos:
-  kratos:
-    config:
-      courier:
-        smtp:
-         # Kratos enforces the use of STARTTLS. Be sure your SMTP provider
-         # supports that (if not, it is time to switch providers)
-         connection_uri: smtp://stackspin@example.com:MyPassword@smtp.greenhost.nl:25/
-         from_address: no-reply@example.com
-
-      # For development, we forward all to our local server (or your dev server
-      # if that is remote)
-      serve:
-        public:
-          base_url: http://localhost/api/
-
-      selfservice:
-        default_browser_return_url: http://localhost/login/login
-
-        flows:
-          recovery:
-            ui_url: http://localhost/login/recovery
-
-          login:
-            ui_url: http://localhost/login/login
+2. Apply the ConfigMap to your cluster:
+ 
+   ```
+   kubectl apply -n stackspin -f stackspin-single-sign-on-override.yaml
+   ```
 
-          settings:
-            ui_url: http://localhost/login/settings
+3. Tell flux to reconcile the configuration
 
-          registration:
-            ui_url: http://localhost/login/registration
+   Normally flux will do this on some interval. We will tell flux to apply
+   the override immediately.
 
-
-hydra:
-  hydra:
-    config:
-      urls:
-        # For development we redirect to localhost (or your dev server)
-        login: http://localhost/login/auth
-        consent: http://localhost/login/consent
-        logout: http://localhost/login/logout
-
-
-```
-
-5. Install the single-sign-on helmchart
-
-So all is configured for local development, and we are good to go to configure
-our modified setup on our cluster:
-
-```
-cd helmchart/single-sign-on
-helm upgrade -f /to/a/path/my_cluster_values.yaml single-sign-on . -n stackspin --debug
-```
+   ```
+   flux reconcile kustomization core
+   flux reconcile helmrelease -n stackspin single-sign-on
+   ```
 
 ## Development
 
@@ -286,16 +226,10 @@ sudo systemctl reload nginx.service
 
 3. Run FLASK app
 
-Now it is time to start our flask app. Of course you can use a `virtualenv`, but
-it is not needed if your system has a modern package manager and as the
-app is designed to be compatible with those systems defaults, we can use OS
-based flask and python. Other requirements are still installed with PIP
-
-Lets install the requirements:
+Now it is time to start the flask app. Please sure you are using python 3 in your enviroment. And install the required dependencies:
 
 ```
 cd projectroot/login
-sudo apt-get install python3-flask python3-pip
 pip3 install -r requirements.txt
 ```