diff --git a/ansible/group_vars/all/oas.yml b/ansible/group_vars/all/oas.yml
index 2a0dd84125561a9cef70a4dae9f843d6897179bd..95d9797fd922ea4761c52d77619308a15c392302 100644
--- a/ansible/group_vars/all/oas.yml
+++ b/ansible/group_vars/all/oas.yml
@@ -29,10 +29,16 @@ kubernetes_version: "v1.14.3-rancher1-1"
 git_charts_version: 'HEAD'
 git_local_storage_version: 'HEAD'
 # version of the https://open.greenhost.net/openappstack/nextcloud repo
-git_nextcloud_version: '569aedb4e8831fb81c84f4087c142b739b9e6521'
+git_nextcloud_version: 'd882b6952c32b5cce03e6ad9a534035ce6f01230'
 
 # Application versions
-# https://github.com/kubernetes-sigs/krew/releases
+helm:
+  # helm snap 2.15 broke for us
+  # (https://open.greenhost.net/openappstack/openappstack/issues/338), so we
+  # use a pinned version for now.
+  # We use the official helm install script for now which has no checksum.
+  version: '2.14.3'
+
 helmfile:
   # At the moment, helmfile doesn't provide sha256 sums,
   # see https://github.com/roboll/helmfile/issues/654
diff --git a/ansible/roles/apps/tasks/cert-manager.yml b/ansible/roles/apps/tasks/cert-manager.yml
index 7260efd02b9a5e87f388689da8b4964a9dcffa00..f8e0adff4f80a3cd2c543bea6218607de07dc7ec 100644
--- a/ansible/roles/apps/tasks/cert-manager.yml
+++ b/ansible/roles/apps/tasks/cert-manager.yml
@@ -47,7 +47,7 @@
   shell: |
     set -e -x -o pipefail
     /usr/local/bin/helmfile \
-    -b /snap/bin/helm \
+    -b /usr/local/bin/helm \
     -e oas \
     -f {{ data_directory }}/source/helmfiles/helmfile.d/05-cert-manager.yaml \
     apply \
diff --git a/ansible/roles/apps/tasks/helmfiles.yml b/ansible/roles/apps/tasks/helmfiles.yml
index 57e1494003465f0065b7ef09b533fb089dc819b9..37d6c33f57cf7543284365ff3f1c3fbdbcb07160 100644
--- a/ansible/roles/apps/tasks/helmfiles.yml
+++ b/ansible/roles/apps/tasks/helmfiles.yml
@@ -39,7 +39,7 @@
     - GRAFANA_ADMIN_PASSWORD: "{{ grafana_admin_password }}"
   shell: |
     set -e -x -o pipefail
-    /usr/local/bin/helmfile -b /snap/bin/helm -e oas \
+    /usr/local/bin/helmfile -b /usr/local/bin/helm -e oas \
     -f {{ data_directory }}/source/helmfiles/helmfile.d/{{ item }}.yaml \
     apply --suppress-secrets \
     | sed 's/\x1B\[[0-9;]*[JKmsu]//g' \
diff --git a/ansible/roles/configure/tasks/main.yml b/ansible/roles/configure/tasks/main.yml
index 3142009593cdf25f7a3cdf26fa4778add4c4de50..6ef0ad579ed40e2e11770776676d899a30676001 100644
--- a/ansible/roles/configure/tasks/main.yml
+++ b/ansible/roles/configure/tasks/main.yml
@@ -49,31 +49,63 @@
   set_fact:
     configuration_directory: "{{ configuration_directory }}"
 
-- name: Install helm snap
-  # helm needs to get installed as "classic" snap
-  command: snap install --classic helm
+- name: Remove old helm snap installation
+  tags:
+    - helm
+  command: snap remove helm
   args:
-    creates: /snap/bin/helm
+    removes: /snap/bin/helm
 
-- name: Create kubectl symlink to /usr/local/bin
-  file:
-    state: link
-    src: /snap/bin/helm
-    dest: /usr/local/bin/helm
+- name: Get current helm version
+  tags:
+    - helm
+  shell: helm version | grep 'Client' | cut -d'"' -f 2 | tr -d 'v'
+  failed_when: false
+  register: helm_version
+  changed_when: false
+
+- name: Show current helm version
+  tags:
+    - helm
+    - debug
+  debug:
+    msg: 'Current helm version is: {{ helm_version.stdout }}'
+
+- name: Download helm install script
+  tags:
+    - helm
+  get_url:
+    url: https://raw.githubusercontent.com/helm/helm/master/scripts/get
+    dest: /usr/local/bin/get-helm
+    force: yes
+    mode: '0755'
+  become: true
+
+- name: Install helm
+  tags:
+    - helm
+  command: /usr/local/bin/get-helm --version v{{ helm.version }}
+  when: helm_version.stdout != helm.version
 
 - name: Create helm plugins config directory
+  tags:
+    - helm
   file:
     state: directory
     path: /root/.helm/plugins
 
 - name: Install helm diff plugin
-  command: /snap/bin/helm plugin install https://github.com/databus23/helm-diff
+  tags:
+    - helm
+  command: /usr/local/bin/helm plugin install https://github.com/databus23/helm-diff
   args:
     creates: /root/.helm/plugins/helm-diff
 
 - name: Install helm git plugin
+  tags:
+    - helm
   # Use GH version until https://github.com/aslafy-z/helm-git/pull/11 is merged
-  command: /snap/bin/helm plugin install https://github.com/greenhost/helm-git --version bash-support
+  command: /usr/local/bin/helm plugin install https://github.com/greenhost/helm-git --version bash-support
   args:
     creates: /root/.helm/plugins/helm-git
 
diff --git a/ansible/roles/setup/tasks/tiller.yml b/ansible/roles/setup/tasks/tiller.yml
index 37fa1cf5a231012d87ad71c8d8d41a3821033369..e0570fdef0b993d604b78a801da342bb65237205 100644
--- a/ansible/roles/setup/tasks/tiller.yml
+++ b/ansible/roles/setup/tasks/tiller.yml
@@ -32,7 +32,7 @@
   tags:
     - helm
     - tiller
-  command: /snap/bin/helm ls
+  command: /usr/local/bin/helm ls
   failed_when: false
   register: helm_ls
   changed_when: false
@@ -41,7 +41,7 @@
   tags:
     - tiller
     - helm
-  command: /snap/bin/helm init --upgrade --service-account=tiller
+  command: /usr/local/bin/helm init --upgrade --service-account=tiller
   when: helm_ls.stderr.find('Error') != -1
 
 - name: Wait for tiller to become available
diff --git a/helmfiles/helmfile.d/20-nextcloud.yaml b/helmfiles/helmfile.d/20-nextcloud.yaml
index 0b7438bc9f03edebddcd7f6cbee2d32fae09bf2d..f1392b4be4bca8410596ba78f69a5ae5fcad0b03 100644
--- a/helmfiles/helmfile.d/20-nextcloud.yaml
+++ b/helmfiles/helmfile.d/20-nextcloud.yaml
@@ -8,8 +8,6 @@ repositories:
   - name: onlyoffice-documentserver
     url: git+https://open.greenhost.net/openappstack/nextcloud@onlyoffice-documentserver?ref=master
 
-
-
 releases:
   - name: "oas-{{ .Environment.Values.releaseName }}-files"
     namespace: "oas-apps"