diff --git a/adopt-secrets.sh b/adopt-secrets.sh
new file mode 100755
index 0000000000000000000000000000000000000000..71a911c9c705d13c5b548d1798431245ff8b83fb
--- /dev/null
+++ b/adopt-secrets.sh
@@ -0,0 +1,50 @@
+#!/bin/bash
+# Copied from Stackspin with slight adjustment to include all new secrets
+set -o errexit
+secrets=$(kubectl get -A 'stringsecrets.v1alpha1.secretgenerator.mittwald.de' | tail +2 | awk '{print $2}' | paste -s -d ' ')
+for secret in $secrets
+do
+  echo "Processing secret $secret"
+  if currentRefs=$(kubectl get secret -n flux-system $secret -o jsonpath={.metadata.ownerReferences})
+  then
+    if [ -n "$currentRefs" ]
+    then
+      echo "There are refs set already, skip."
+      continue
+    fi
+
+    uid=$(kubectl get stringsecret -n flux-system $secret -o jsonpath={.metadata.uid})
+    echo "Patching to add owner reference to StringSecret with uid $uid"
+    kubectl patch secret -n flux-system $secret --patch="{\"metadata\":{\"ownerReferences\":[{\"apiVersion\":\"secretgenerator.mittwald.de/v1alpha1\",\"blockOwnerDeletion\":true,\"controller\":true,\"kind\":\"StringSecret\",\"name\":\"$secret\",\"uid\":\"$uid\"}]}}"
+  else
+    echo "Secret does not exist; perhaps this is a new install or the app is not installed. Skipping."
+  fi
+done
+
+secrets="stackspin-alertmanager-basic-auth stackspin-prometheus-basic-auth"
+for secret in $secrets
+do
+  echo "Processing secret $secret"
+  if currentRefs=$(kubectl get secret -n stackspin $secret -o jsonpath={.metadata.ownerReferences})
+  then
+    if [ -n "$currentRefs" ]
+    then
+      echo "There are refs set already, skip."
+      continue
+    fi
+
+    uid=$(kubectl get basicauth -n stackspin $secret -o jsonpath={.metadata.uid})
+    echo "Patching to add owner reference to BasicAuth with uid $uid"
+    kubectl patch secret -n stackspin $secret --patch="{\"metadata\":{\"ownerReferences\":[{\"apiVersion\":\"secretgenerator.mittwald.de/v1alpha1\",\"blockOwnerDeletion\":true,\"controller\":true,\"kind\":\"BasicAuth\",\"name\":\"$secret\",\"uid\":\"$uid\"}]}}"
+  else
+    echo "Secret does not exist; perhaps this is a new install or the app is not installed. Skipping."
+  fi
+done
+
+echo "Done patching secrets."
+echo "Restarting secrets controller."
+if ! kubectl rollout restart deploy -n secrets-controller secrets-controller-kubernetes-secret-generator
+then
+  echo "Restarting failed. Possibly this is a new install and the secrets controller is not installed yet. Ignoring."
+fi
+echo "adopt-secrets completed"
diff --git a/infrastructure/sources/8gears-n8n-helmrepository.yaml b/infrastructure/sources/8gears.yaml
similarity index 85%
rename from infrastructure/sources/8gears-n8n-helmrepository.yaml
rename to infrastructure/sources/8gears.yaml
index 312cfc2cf8cd756ee84435d3a6a7c383a4c0603b..b043829cd6f11175832688df443b0c9f0adc22cd 100644
--- a/infrastructure/sources/8gears-n8n-helmrepository.yaml
+++ b/infrastructure/sources/8gears.yaml
@@ -1,7 +1,8 @@
+# 8gears for n8n
 apiVersion: source.toolkit.fluxcd.io/v1beta2
 kind: HelmRepository
 metadata:
-  name: 8gears-n8n
+  name: 8gears
   namespace: flux-system
 spec:
   interval: 60m
diff --git a/infrastructure/sources/calcom.yaml b/infrastructure/sources/calcom.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..cb0a3e63d019a7153a4fde0178bf84157ed4efa2
--- /dev/null
+++ b/infrastructure/sources/calcom.yaml
@@ -0,0 +1,8 @@
+apiVersion: source.toolkit.fluxcd.io/v1beta1
+kind: HelmRepository
+metadata:
+  name: calcom
+  namespace: flux-system
+spec:
+  interval: 60m
+  url: https://pyrrha.github.io/calcom-helm
diff --git a/infrastructure/sources/forgejo-helmrepository.yaml b/infrastructure/sources/forgejo.yaml
similarity index 100%
rename from infrastructure/sources/forgejo-helmrepository.yaml
rename to infrastructure/sources/forgejo.yaml
diff --git a/infrastructure/sources/gitea-helmrepository.yaml b/infrastructure/sources/gitea.yaml
similarity index 100%
rename from infrastructure/sources/gitea-helmrepository.yaml
rename to infrastructure/sources/gitea.yaml
diff --git a/infrastructure/sources/invoiceninja-helmrepository.yaml b/infrastructure/sources/invoiceninja.yaml
similarity index 100%
rename from infrastructure/sources/invoiceninja-helmrepository.yaml
rename to infrastructure/sources/invoiceninja.yaml
diff --git a/infrastructure/sources/robjuz-helmrepository.yaml b/infrastructure/sources/robjuz.yaml
similarity index 100%
rename from infrastructure/sources/robjuz-helmrepository.yaml
rename to infrastructure/sources/robjuz.yaml
diff --git a/infrastructure/sources/truecharts-helmrepository.yaml b/infrastructure/sources/truecharts.yaml
similarity index 100%
rename from infrastructure/sources/truecharts-helmrepository.yaml
rename to infrastructure/sources/truecharts.yaml
diff --git a/infrastructure/sources/vikunja-helmrepository.yaml b/infrastructure/sources/vikunja.yaml
similarity index 100%
rename from infrastructure/sources/vikunja-helmrepository.yaml
rename to infrastructure/sources/vikunja.yaml