diff --git a/ansible/pre-deploy.yml b/ansible/pre-deploy.yml
index b5e6748..871ce28 100644
--- a/ansible/pre-deploy.yml
+++ b/ansible/pre-deploy.yml
@@ -33,12 +33,30 @@
         name: alerta
         service: postgres
 
-    - name: Configure the dokku app environment
-      dokku_config:
+    - name: Create application directories
+      become: true
+      file:
+        path: /var/lib/alerta
+        state: directory
+        owner: dokku
+        group: dokku
+
+    - name: Copy over templated configuration files
+      become: true
+      template:
+        src: "{{ item.src }}"
+        dest: "{{ item.dest }}"
+        owner: dokku
+        group: dokku
+      with_items:
+        - src: alertad.conf
+          dest: /var/lib/alerta/alertad.conf
+        - src: config.json
+          dest: /var/lib/alerta/config.json
+
+    - name: Specify docker volume mounts
+      dokku_storage:
         app: alerta
-        restart: false
-        config:
-          ADMIN_KEY: "{{ alerta_admin_key }}"
-          ADMIN_PASSWORD: "{{ alerta_admin_passwd }}"
-          DATABASE_NAME: "{{ db_name }}"
-          DATABASE_URL: "postgresql://{{ db_user }}:{{ db_passwd }}@{{ db_loc }}/{{ db_name }}"
+        mounts:
+          - /var/lib/alerta/alertad.conf:/app/alertad.conf
+          - /var/lib/alerta/config.json:/web/config.json
diff --git a/ansible/templates/alerta.conf b/ansible/templates/alerta.conf
deleted file mode 100644
index 0fff396..0000000
--- a/ansible/templates/alerta.conf
+++ /dev/null
@@ -1,5 +0,0 @@
-[DEFAULT]
-sslverify = no
-output = psql
-endpoint = http://localhost:8080/api
-timezone = Europe/London
diff --git a/ansible/templates/alertad.conf b/ansible/templates/alertad.conf
index eded526..3e8db37 100644
--- a/ansible/templates/alertad.conf
+++ b/ansible/templates/alertad.conf
@@ -1,6 +1,15 @@
-DEBUG = True
-SECRET = "^Bpa%i8_nCAc8fI4l9)nhn2EG2!@GJga"
+SITE_LOGO_URL = 'https://www.coops.tech/images/coops/autonomic'
+
+DEBUG = False
+
+SECRET = "{{ alerta_secrey_key }}"
+
 AUTH_REQUIRED = True
+AUTH_PROVIDER = 'keycloak'
+
+KEYCLOAK_URL = "{{ keycloak_url }}"
+KEYCLOAK_REALM = "{{ keycloak_realm }}"
+ALLOWED_KEYCLOAK_ROLES = "{{ keycloak_roles }}"
 
 SEVERITY_MAP = {
     'fatal': 0,
@@ -17,8 +26,23 @@ SEVERITY_MAP = {
     'trace': 8,
     'unknown': 9
 }
+
 DEFAULT_NORMAL_SEVERITY = 'normal'  # 'normal', 'ok', 'cleared'
 DEFAULT_PREVIOUS_SEVERITY = 'indeterminate'
 
 PLUGINS = ['reject', 'blackout', 'geoip', 'normalise']
 GEOIP_URL = 'http://ip-api.com/json'
+
+DATABASE_URL = "postgresql://{{ db_user }}:{{ db_passwd }}@{{ db_loc }}/{{ db_name }}"
+DATABASE_NAME = "{{ db_name }}"
+
+EMAIL_VERIFICATION = False
+
+# Note(decentral1se): enable once we have mail addresses
+# https://docs.alerta.io/en/latest/configuration.html#email-settings
+# MAIL_FROM = 'TODO'
+# SMTP_HOST = 'TODO'
+# SMTP_PASSWORD = 'TODO'
+# SMTP_PORT = 'TODO'
+# SMTP_STARTTLS = 'TODO'
+# SMTP_USERNAME = 'TODO'
diff --git a/ansible/vars/all.yml b/ansible/vars/all.yml
index 55840b2..c5957c5 100644
--- a/ansible/vars/all.yml
+++ b/ansible/vars/all.yml
@@ -4,3 +4,6 @@ db_name: "alerta"
 db_user: "postgres"
 domain: "alerta.autonomic.zone"
 http_port: "8080"
+keycloak_realm: "Autonomic"
+keycloak_roles: "Worker-Owner"
+keycloak_url: "https://id.autonomic.zone"