diff --git a/helm/dbrepo/Chart.yaml b/helm/dbrepo/Chart.yaml
index 51d9407d3c40d9c84b0d95ffcbe222f62eaeab64..587a7b3b09c2a5421fd961fad34ff59cb185be82 100644
--- a/helm/dbrepo/Chart.yaml
+++ b/helm/dbrepo/Chart.yaml
@@ -28,17 +28,12 @@ dependencies:
     alias: datadb
     version: 11.0.1
     repository: https://charts.bitnami.com/bitnami
-    condition: datasb.enabled
+    condition: datadb.enabled
   - name: mariadb-galera
     alias: metadatadb
     version: 11.0.1
     repository: https://charts.bitnami.com/bitnami
     condition: metadatadb.enabled
-  - name: postgresql-ha
-    alias: authdb
-    version: 12.1.7
-    repository: https://charts.bitnami.com/bitnami
-    condition: authdb.enabled
   - name: rabbitmq
     alias: brokerservice
     version: 14.0.0
diff --git a/helm/dbrepo/Makefile b/helm/dbrepo/Makefile
index 51831e8e04c8fea16f8eaa2eabac6759e04fa641..07c03a280630491a4ddf6369341b0bee73c78f08 100644
--- a/helm/dbrepo/Makefile
+++ b/helm/dbrepo/Makefile
@@ -3,4 +3,5 @@ all:
 
 .PHONY: build
 build: ## Generate Helm values schema JSON
-	helm schema -input ./values.yaml
\ No newline at end of file
+	helm schema -input ./values.yaml
+	readme-generator-for-helm --readme README.md --values values.yaml
\ No newline at end of file
diff --git a/helm/dbrepo/README.md b/helm/dbrepo/README.md
index 0367c5329759f46b2171d533141a38484bc3a2f2..09372a950198ab2c6d658e30308303d41889fe16 100644
--- a/helm/dbrepo/README.md
+++ b/helm/dbrepo/README.md
@@ -10,23 +10,24 @@ sample [`values.yaml`](https://gitlab.phaidra.org/fair-data-austria-db-repositor
 for your deployment and update the variables, especially `hostname`.
 
 ```bash
-helm install my-release "oci://s210.dl.hpc.tuwien.ac.at/dbrepo/helm" --values ./values.yaml --version "__CHARTVERSION__"
+helm install my-release "oci://s210.dl.hpc.tuwien.ac.at/dbrepo/helm" --values ./values.yaml --version "1.4.3"
 ```
 
 ## Prerequisites
 
 * Kubernetes 1.24+
-* Kubernetes 3.8.0+
 * Optional PV provisioner support in the underlying infrastructure (for persistence).
-* Optional ingress support in the underlying infrastructure: e.g. [NGINX](https://docs.nginx.com/nginx-ingress-controller/) (for the UI).
-* Optional certificate provisioner support in the underlying infrastructure: e.g. [cert-manager](https://cert-manager.io/) (for production use).
+* Optional ingress support in the underlying infrastructure:
+  e.g. [NGINX](https://docs.nginx.com/nginx-ingress-controller/) (for the UI).
+* Optional certificate provisioner support in the underlying infrastructure:
+  e.g. [cert-manager](https://cert-manager.io/) (for production use).
 
 ## Installing the Chart
 
 To install the chart with the release name `my-release`:
 
 ```bash
-helm install my-release "oci://s210.dl.hpc.tuwien.ac.at/dbrepo/helm" --values ./values.yaml --version "__CHARTVERSION__"
+helm install my-release "oci://s210.dl.hpc.tuwien.ac.at/dbrepo/helm" --values ./values.yaml --version "1.4.3"
 ```
 
 The command deploys DBRepo on the Kubernetes cluster in the default configuration. The Parameters section lists the
@@ -46,216 +47,178 @@ The command removes all the Kubernetes components associated with the chart and
 
 ### Common parameters
 
-| Name            | Description                           | Value           |
-|-----------------|---------------------------------------|-----------------|
-| `namespace`     | Namespace which DBRepo is running in. | `""`            |
-| `hostname`      | The hostname for ingress rules.       | `""`            |
-| `strategyType`  | Deployments update strategy.          | `RollingUpdate` |
-| `clusterDomain` | Internal cluster domain.              | `cluster.local` |
+| Name            | Description                        | Value                 |
+| --------------- | ---------------------------------- | --------------------- |
+| `namespace`     | The namespace to install the chart | `dbrepo`              |
+| `hostname`      | The hostname.                      | `example.com`         |
+| `gateway`       | The gateway endpoint.              | `https://example.com` |
+| `strategyType`  | The image pull                     | `RollingUpdate`       |
+| `clusterDomain` | The cluster domain.                | `cluster.local`       |
 
-### Metadata Database
-
-The Metadata Database uses the [Bitnami MariaDB Galera](https://artifacthub.io/packages/helm/bitnami/mariadb-galera)
-Helm chart. See their documentation for the remaining overridden values.
-
-| Name                       | Description                               | Value         |
-|----------------------------|-------------------------------------------|---------------|
-| `metadataDb.host`          | Hostname.                                 | `metadata-db` |
-| `metadataDb.jdbcExtraArgs` | Extra arguments for the JDBC connections. | `""`          |
-
-### Authentication Service
+### Internal Admin User
 
-The Auth Service uses the [Bitnami Keycloak](https://artifacthub.io/packages/helm/bitnami/keycloak) Helm chart. See
-their documentation for the remaining overridden values.
+| Name             | Description                  | Value   |
+| ---------------- | ---------------------------- | ------- |
+| `admin.username` | The internal admin username. | `admin` |
+| `admin.password` | The internal admin password. | `admin` |
 
-| Name                        | Description                                                     | Value                              |
-|-----------------------------|-----------------------------------------------------------------|------------------------------------|
-| `authService.client.id`     | Client id. This value is publicly known.                        | `dbrepo-client`                    |
-| `authService.client.secret` | Client secret. This value should never be known outside DBRepo. | `MUwRc7yfXSJwX8AdRMWaQC3Nep1VjwgG` |
-
-### Auth Database
-
-The Auth Database uses the [Bitnami PostgreSQL HA](https://artifacthub.io/packages/helm/bitnami/postgresql-ha) Helm
-chart. See their documentation for the remaining overridden values.
+### Metadata Database
 
-| Name          | Description                          | Value            |
-|---------------|--------------------------------------|------------------|
-| `authDb.host` | Hostname. Needed for other services. | `auth-db-pgpool` |
-| `authDb.port` | Port. Needed for other services.     | `5432`           |
+| Name                             | Description                                                    | Value         |
+| -------------------------------- | -------------------------------------------------------------- | ------------- |
+| `metadatadb.enabled`             | Enable the Metadata Database.                                  | `true`        |
+| `metadatadb.image.debug`         | Set the logging level to `trace`. Otherwise, set to `info`.    | `false`       |
+| `metadatadb.host`                | The hostname for the microservices.                            | `metadata-db` |
+| `metadatadb.rootUser.user`       | The root username.                                             | `root`        |
+| `metadatadb.rootUser.password`   | The root user password.                                        | `dbrepo`      |
+| `metadatadb.jdbcExtraArgs`       | The extra arguments for JDBC connections in the microservices. | `""`          |
+| `metadatadb.db.name`             | The database name.                                             | `fda`         |
+| `metadatadb.persistence.enabled` | Enable persistent storage. Requires PV-provisioner.            | `false`       |
+| `metadatadb.replicaCount`        | The number of replicas, should be uneven (2n+1).               | `3`           |
+
+### Auth Service
+
+| Name                             | Description                                                  | Value                                                                                                                                                                                                                                                                                                                                                                                                      |
+| -------------------------------- | ------------------------------------------------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| `authservice.enabled`            | Enable the Auth Service.                                     | `true`                                                                                                                                                                                                                                                                                                                                                                                                     |
+| `authservice.image.debug`        | Set the logging level to `trace`. Otherwise, set to `info`.  | `false`                                                                                                                                                                                                                                                                                                                                                                                                    |
+| `authservice.endpoint`           | The hostname for the microservices.                          | `http://auth-service`                                                                                                                                                                                                                                                                                                                                                                                      |
+| `authservice.auth.adminUser`     | The admin username.                                          | `fda`                                                                                                                                                                                                                                                                                                                                                                                                      |
+| `authservice.auth.adminPassword` | The admin user password.                                     | `fda`                                                                                                                                                                                                                                                                                                                                                                                                      |
+| `authservice.jwt.pubkey`         | The JWT public key from the `dbrepo-client`.                 | `MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqnHQ2BWWW9vDNLRCcxD++xZg/16oqMo/c1l+lcFEjjAIJjJp/HqrPYU/U9GvquGE6PbVFtTzW1KcKawOW+FJNOA3CGo8Q1TFEfz43B8rZpKsFbJKvQGVv1Z4HaKPvLUm7iMm8Hv91cLduuoWx6Q3DPe2vg13GKKEZe7UFghF+0T9u8EKzA/XqQ0OiICmsmYPbwvf9N3bCKsB/Y10EYmZRb8IhCoV9mmO5TxgWgiuNeCTtNCv2ePYqL/U0WvyGFW0reasIK8eg3KrAUj8DpyOgPOVBn3lBGf+3KFSYi+0bwZbJZWqbC/Xlk20Go1YfeJPRIt7ImxD27R/lNjgDO/MwIDAQAB` |
+| `authservice.tls.enabled`        | Enable TLS/SSL communication. Required for HTTPS.            | `true`                                                                                                                                                                                                                                                                                                                                                                                                     |
+| `authservice.tls.existingSecret` | The secret containing the `tls.crt`, `tls.key` and `ca.crt`. | `ingress-cert`                                                                                                                                                                                                                                                                                                                                                                                             |
+| `authservice.tls.usePem`         | Use PEM certificates as input instead of PKS12/JKS stores.   | `true`                                                                                                                                                                                                                                                                                                                                                                                                     |
+| `authservice.metrics.enabled`    | Enable the Prometheus metrics export sidecar container.      | `false`                                                                                                                                                                                                                                                                                                                                                                                                    |
+| `authservice.client.id`          | The client id for the microservices.                         | `dbrepo-client`                                                                                                                                                                                                                                                                                                                                                                                            |
+| `authservice.client.secret`      | The client secret for the microservices.                     | `MUwRc7yfXSJwX8AdRMWaQC3Nep1VjwgG`                                                                                                                                                                                                                                                                                                                                                                         |
 
 ### Data Database
 
-The Data Database uses the [Bitnami MariaDB Galera](https://artifacthub.io/packages/helm/bitnami/mariadb-galera)
-Helm chart. See their documentation for the remaining overridden values. It is important to note that the Data Database
-uses a sidecar to import/export files from the Storage Service.
+| Name                       | Description                                                 | Value    |
+| -------------------------- | ----------------------------------------------------------- | -------- |
+| `datadb.enabled`           | Enable the Data Database.                                   | `true`   |
+| `datadb.image.debug`       | Set the logging level to `trace`. Otherwise, set to `info`. | `false`  |
+| `datadb.rootUser.user`     | The root username.                                          | `root`   |
+| `datadb.rootUser.password` | The root user password.                                     | `dbrepo` |
+| `datadb.replicaCount`      | The number of replicas, should be uneven (2n+1).            | `3`      |
 
 ### Search Database
 
-The Search Database uses
-the [OpenSearch](https://artifacthub.io/packages/helm/opensearch-project-helm-charts/opensearch) Helm
-chart. See their documentation for the remaining overridden values.
-
-| Name                | Description                          | Value       |
-|---------------------|--------------------------------------|-------------|
-| `searchdb.host`     | Hostname. Needed for other services. | `search-db` |
-| `searchdb.port`     | Port. Needed for other services.     | `9200`      |
-| `searchdb.username` | Username. Needed for other services. | `admin`     |
-| `searchdb.password` | Password. Needed for other services. | `admin`     |
-
-### Search Database Dashboard
-
-The Search Database Dashboard uses
-the [OpenSearch](https://artifacthub.io/packages/helm/opensearch-project-helm-charts/opensearch-dashboards) Helm
-chart. See their documentation for the remaining overridden values.
+| Name                           | Description                                         | Value       |
+| ------------------------------ | --------------------------------------------------- | ----------- |
+| `searchdb.enabled`             | Enable the Search Database.                         | `true`      |
+| `searchdb.host`                | The hostname for the microservices.                 | `search-db` |
+| `searchdb.port`                | The port for the microservices.                     | `9200`      |
+| `searchdb.username`            | The admin username.                                 | `admin`     |
+| `searchdb.password`            | The admin user password.                            | `admin`     |
+| `searchdb.replicas`            | The number of replicas.                             | `3`         |
+| `searchdb.persistence.enabled` | Enable persistent storage. Requires PV-provisioner. | `true`      |
 
 ### Upload Service
 
-| Name                             | Description                            | Value             |
-|----------------------------------|----------------------------------------|-------------------|
-| `uploadService.enabled`          | Enables/disabled the deployment.       | `true`            |
-| `uploadService.image.registry`   | Registry to pull the image             | `docker.io`       |
-| `uploadService.image.repository` | Repository to pull the image           | `tusproject/tusd` |
-| `uploadService.image.tag`        | Tag of the image.                      | `v1.12`           |
-| `uploadService.replicaCount`     | Number of replicas for the deployment. | `2`               |
+| Name                         | Description                | Value  |
+| ---------------------------- | -------------------------- | ------ |
+| `uploadservice.enabled`      | Enable the Upload Service. | `true` |
+| `uploadservice.replicaCount` | The number of replicas.    | `2`    |
 
 ### Broker Service
 
-The Broker Service uses the [Bitnami RabbitMQ](https://artifacthub.io/packages/helm/bitnami/rabbitmq)
-Helm chart. See their documentation for the remaining overridden values.
-
-| Name                              | Description                                                             | Value                         |
-|-----------------------------------|-------------------------------------------------------------------------|-------------------------------|
-| `brokerService.url`               | Admin API endpoint. Needed for other services.                          | `http://broker-service:15672` |
-| `brokerService.host`              | Service hostname. Needed for other services.                            | `broker-service`              |
-| `brokerService.port`              | Service port. Needed for other services.                                | `5672`                        |
-| `brokerService.virtualHost`       | Virtual host on RabbitMQ. Needed for other services.                    | `dbrepo`                      |
-| `brokerService.queueName`         | Queue name on RabbitMQ. Needed for other services.                      | `dbrepo`                      |
-| `brokerService.exchangeName`      | Exchange name on RabbitMQ. Needed for other services.                   | `dbrepo`                      |
-| `brokerService.routingKey`        | Route binding for queue to exchange defined. Needed for other services. | `dbrepo.#`                    |
-| `brokerService.connectionTimeout` | Connection timeout. Needed for other services.                          | `60000`                       |
+| Name                                | Description                                                                     | Value                         |
+| ----------------------------------- | ------------------------------------------------------------------------------- | ----------------------------- |
+| `brokerservice.enabled`             | Enable the Broker Service.                                                      | `true`                        |
+| `brokerservice.endpoint`            | The management api endpoint for the microservices.                              | `http://broker-service:15672` |
+| `brokerservice.host`                | The hostname for the microservices.                                             | `broker-service`              |
+| `brokerservice.port`                | The port for the microservices.                                                 | `5672`                        |
+| `brokerservice.virtualHost`         | The default virtual host name.                                                  | `dbrepo`                      |
+| `brokerservice.queueName`           | The default queue name.                                                         | `dbrepo`                      |
+| `brokerservice.exchangeName`        | The default exchange name.                                                      | `dbrepo`                      |
+| `brokerservice.routingKey`          | The default routing key binding from the default queue to the default exchange. | `dbrepo.#`                    |
+| `brokerservice.connectionTimeout`   | The connection timeout in ms.                                                   | `60000`                       |
+| `brokerservice.persistence.enabled` | Enable persistent storage. Requires PV-provisioner.                             | `false`                       |
+| `brokerservice.replicaCount`        | The number of replicas.                                                         | `2`                           |
 
 ### Analyse Service
 
-| Name                              | Description                            | Value                      |
-|-----------------------------------|----------------------------------------|----------------------------|
-| `analyseService.enabled`          | Enables/disabled the deployment.       | `true`                     |
-| `analyseService.image.registry`   | Registry to pull the image             | `s210.dl.hpc.tuwien.ac.at` |
-| `analyseService.image.repository` | Repository to pull the image           | `dbrepo/analyse-service`   |
-| `analyseService.image.tag`        | Tag of the image.                      | `1.4.1`                    |
-| `analyseService.image.pullPolicy` | Image pull policy on deployments       | `Always`                   |
-| `analyseService.image.debug`      | Enables/disabled the debug logging.    | `false`                    |
-| `analyseService.replicaCount`     | Number of replicas for the deployment. | `2`                        |
+| Name                          | Description                                           | Value                           |
+| ----------------------------- | ----------------------------------------------------- | ------------------------------- |
+| `analyseservice.enabled`      | Enable the Broker Service.                            | `true`                          |
+| `analyseservice.s3.endpoint`  | The S3-capable endpoint the microservice connects to. | `http://storageservice-s3:9000` |
+| `analyseservice.replicaCount` | The number of replicas.                               | `2`                             |
 
 ### Metadata Service
 
-| Name                                       | Description                                                                      | Value                      |
-|--------------------------------------------|----------------------------------------------------------------------------------|----------------------------|
-| `metadataService.enabled`                  | Enables/disabled the deployment.                                                 | `true`                     |
-| `metadataService.image.registry`           | Registry to pull the image                                                       | `s210.dl.hpc.tuwien.ac.at` |
-| `metadataService.image.repository`         | Repository to pull the image                                                     | `dbrepo/metadata-service`  |
-| `metadataService.image.tag`                | Tag of the image.                                                                | `1.4.1`                    |
-| `metadataService.image.pullPolicy`         | Image pull policy on deployments                                                 | `Always`                   |
-| `metadataService.image.debug`              | Enables/disabled the debug logging.                                              | `false`                    |
-| `metadataService.adminEmail`               | E-Mail address of the administrator displayed for OAI-PMH.                       | `noreply@example.com`      |
-| `metadataService.authService.url`          | Url to the Auth Service.                                                         | `http://auth-service`      |
-| `metadataService.website`                  | Url to redirect PIDs to.                                                         | `http://example.com`       |
-| `metadataService.repositoryName`           | Repository name for OAI-PMH.                                                     | `Database Repository`      |
-| `metadataService.datacite.enabled`         | Enable/disable DataCite Fabrica DOI minting.                                     | `false`                    |
-| `metadataService.datacite.url`             | DataCite Fabrica API endpoint.                                                   | `https://api.datacite.org` |
-| `metadataService.datacite.prefix`          | DataCite Fabrica DOI prefix.                                                     | `""`                       |
-| `metadataService.datacite.username`        | DataCite Fabrica API username.                                                   | `""`                       |
-| `metadataService.datacite.password`        | DataCite Fabrica API password.                                                   | `""`                       |
-| `metadataService.rates.deleteStaleFiles`   | Interval rate to delete stale files in the Storage Service.                      | `60`                       |
-| `metadataService.rates.mirror`             | Interval rate to mirror to the Search Database.                                  | `60`                       |
-| `metadataService.rates.obtainMetadata`     | Interval rate to obtain metadata from the Data Database.                         | `60`                       |
-| `metadataService.rates.deleteStaleQueries` | Interval rate to delete stale queries from the Query Store in the Data Database. | `60`                       |
-| `metadataService.replicaCount`             | Number of replicas for the deployment.                                           | `2`                        |
+| Name                                       | Description                                                           | Value                           |
+| ------------------------------------------ | --------------------------------------------------------------------- | ------------------------------- |
+| `metadataservice.enabled`                  | Enable the Metadata Service.                                          | `true`                          |
+| `metadataservice.admin.email`              | The OAI-PMH exposed admin e-mail.                                     | `noreply@example.com`           |
+| `metadataservice.deletedRecord`            | The OAI-PMH exposed delete policy.                                    | `permanent`                     |
+| `metadataservice.repositoryName`           | The OAI-PMH exposed repository name.                                  | `Database Repository`           |
+| `metadataservice.granularity`              | The OAI-PMH exposed record granularity.                               | `YYYY-MM-DDThh:mm:ssZ`          |
+| `metadataservice.datacite.enabled`         | Enable the DataCite account for minting DOIs.                         | `false`                         |
+| `metadataservice.datacite.url`             | The DataCite api endpoint url.                                        | `https://api.datacite.org`      |
+| `metadataservice.datacite.prefix`          | The DataCite prefix.                                                  | `""`                            |
+| `metadataservice.datacite.username`        | The DataCite api username.                                            | `""`                            |
+| `metadataservice.datacite.password`        | The DataCite api user password.                                       | `""`                            |
+| `metadataservice.sparql.connectionTimeout` | The connection timeout for sparql queries fetching remote data in ms. | `10000`                         |
+| `metadataservice.s3.endpoint`              | The S3-capable endpoint the microservice connects to.                 | `http://storageservice-s3:9000` |
+| `metadataservice.s3.auth.username`         | The S3-capable endpoint username (or access key id).                  | `seaweedfsadmin`                |
+| `metadataservice.s3.auth.password`         | The S3-capable endpoint user password (or access key secret).         | `seaweedfsadmin`                |
+| `metadataservice.replicaCount`             | The number of replicas.                                               | `1`                             |
 
 ### Data Service
 
-| Name                                | Description                                      | Value                                                                                                                                                                                                                                                                                                                                                                                                      |
-|-------------------------------------|--------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
-| `dataService.enabled`               | Enables/disabled the deployment.                 | `true`                                                                                                                                                                                                                                                                                                                                                                                                     |
-| `dataService.image.registry`        | Registry to pull the image                       | `s210.dl.hpc.tuwien.ac.at`                                                                                                                                                                                                                                                                                                                                                                                 |
-| `dataService.image.repository`      | Repository to pull the image                     | `dbrepo/data-service`                                                                                                                                                                                                                                                                                                                                                                                      |
-| `dataService.image.tag`             | Tag of the image.                                | `1.4.1`                                                                                                                                                                                                                                                                                                                                                                                                    |
-| `dataService.image.pullPolicy`      | Image pull policy on deployments                 | `Always`                                                                                                                                                                                                                                                                                                                                                                                                   |
-| `dataService.image.debug`           | Enables/disabled the debug logging.              | `false`                                                                                                                                                                                                                                                                                                                                                                                                    |
-| `dataService.jwt.pubkey`            | The JWT pubkey to verify JWT signature.          | `MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqnHQ2BWWW9vDNLRCcxD++xZg/16oqMo/c1l+lcFEjjAIJjJp/HqrPYU/U9GvquGE6PbVFtTzW1KcKawOW+FJNOA3CGo8Q1TFEfz43B8rZpKsFbJKvQGVv1Z4HaKPvLUm7iMm8Hv91cLduuoWx6Q3DPe2vg13GKKEZe7UFghF+0T9u8EKzA/XqQ0OiICmsmYPbwvf9N3bCKsB/Y10EYmZRb8IhCoV9mmO5TxgWgiuNeCTtNCv2ePYqL/U0WvyGFW0reasIK8eg3KrAUj8DpyOgPOVBn3lBGf+3KFSYi+0bwZbJZWqbC/Xlk20Go1YfeJPRIt7ImxD27R/lNjgDO/MwIDAQAB` |
-| `dataService.consumerConcurrentMin` | The number of concurrent consumers (minimum).    | `1`                                                                                                                                                                                                                                                                                                                                                                                                        |
-| `dataService.consumerConcurrentMax` | The number of concurrent consumers (maximum).    | `5`                                                                                                                                                                                                                                                                                                                                                                                                        |
-| `dataService.requeueRejected`       | Requeue rejected tuples into the Broker Service. | `false`                                                                                                                                                                                                                                                                                                                                                                                                    |
-| `dataService.replicaCount`          | Number of replicas for the deployment.           | `2`                                                                                                                                                                                                                                                                                                                                                                                                        |
+| Name                                | Description                                                    | Value                                                                                                                       |
+| ----------------------------------- | -------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------- |
+| `dataservice.enabled`               | Enable the Metadata Service.                                   | `true`                                                                                                                      |
+| `dataservice.endpoint`              | The endpoint for the microservices.                            | `http://data-service`                                                                                                       |
+| `dataservice.grant.read`            | The default database permissions for users with read access.   | `SELECT`                                                                                                                    |
+| `dataservice.grant.write`           | The default database permissions for users with write access.  | `SELECT, CREATE, CREATE VIEW, CREATE ROUTINE, CREATE TEMPORARY TABLES, LOCK TABLES, INDEX, TRIGGER, INSERT, UPDATE, DELETE` |
+| `dataservice.s3.endpoint`           | The S3-capable endpoint the microservice connects to.          | `http://storageservice-s3:9000`                                                                                             |
+| `dataservice.s3.auth.username`      | The S3-capable endpoint username (or access key id).           | `seaweedfsadmin`                                                                                                            |
+| `dataservice.s3.auth.password`      | The S3-capable endpoint user password (or access key secret).  | `seaweedfsadmin`                                                                                                            |
+| `dataservice.consumerConcurrentMin` | The minimum broker service consumer number.                    | `1`                                                                                                                         |
+| `dataservice.consumerConcurrentMax` | The maximum broker service consumer number.                    | `5`                                                                                                                         |
+| `dataservice.requeueRejected`       | Enable re-queueing of rejected messages to the broker service. | `false`                                                                                                                     |
+| `dataservice.replicaCount`          | The number of replicas.                                        | `2`                                                                                                                         |
 
 ### Search Service
 
-| Name                             | Description                            | Value                      |
-|----------------------------------|----------------------------------------|----------------------------|
-| `searchService.enabled`          | Enables/disabled the deployment.       | `true`                     |
-| `searchService.image.registry`   | Registry to pull the image             | `s210.dl.hpc.tuwien.ac.at` |
-| `searchService.image.repository` | Repository to pull the image           | `dbrepo/search-service`    |
-| `searchService.image.tag`        | Tag of the image.                      | `1.4.1`                    |
-| `searchService.image.pullPolicy` | Image pull policy on deployments       | `Always`                   |
-| `searchService.image.debug`      | Enables/disabled the debug logging.    | `false`                    |
-| `searchService.replicaCount`     | Number of replicas for the deployment. | `2`                        |
+| Name                         | Description                         | Value                   |
+| ---------------------------- | ----------------------------------- | ----------------------- |
+| `searchservice.enabled`      | Enable the Search Service.          | `true`                  |
+| `searchservice.endpoint`     | The endpoint for the microservices. | `http://search-service` |
+| `searchservice.replicaCount` | The number of replicas.             | `2`                     |
 
 ### Storage Service
 
-The Storage Service uses the [SeaweedFS](https://artifacthub.io/packages/helm/seaweedfs/seaweedfs)
-Helm chart. See their documentation for the remaining overridden values.
-
-| Name                           | Description                                 | Value            |
-|--------------------------------|---------------------------------------------|------------------|
-| `storageservice.auth.username` | Username for S3. Needed for other services. | `seaweedfsadmin` |
-| `storageservice.auth.password` | Password for S3. Needed for other services. | `seaweedfsadmin` |
+| Name                     | Description                 | Value  |
+| ------------------------ | --------------------------- | ------ |
+| `storageservice.enabled` | Enable the Storage Service. | `true` |
 
 ### User Interface
 
-To replace e.g. the default logo with your organization's logo `my_logo.png`, encode it to
-base64 `cat my_logo.png | base64` and create a [ConfigMap](https://kubernetes.io/docs/concepts/configuration/configmap/)
-under a handy name `my-config`.
-
-```yaml
-# my-config.yaml
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: my-config
-binaryData:
-  my_logo.png: |
-    <output from `cat my_logo.png | base64`>
-```
-
-Then mount it into the container:
-
-```yaml
-# values.yaml
-ui:
-  extraVolumes:
-    - name: config-map
-      configMap:
-        name: my-config
-  extraVolumeMounts:
-    - name: config-map
-      mountPath: /app/my_logo.png
-      subPath: my_logo.png
-      readOnly: true
-  ...
-```
-
-| Name                   | Description                                                                                                                                                                                             | Value                      |
-|------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------|
-| `ui.enabled`           | Enables/disabled the deployment.                                                                                                                                                                        | `enabled`                  |
-| `ui.image.registry`    | Registry to pull the image                                                                                                                                                                              | `s210.dl.hpc.tuwien.ac.at` |
-| `ui.image.repository`  | Repository to pull the image                                                                                                                                                                            | `dbrepo/ui`                |
-| `ui.image.tag`         | Tag of the image.                                                                                                                                                                                       | `1.4.1`                    |
-| `ui.image.pullPolicy`  | Image pull policy on deployments                                                                                                                                                                        | `Always`                   |
-| `ui.replicaCount`      | Number of replicas for the deployment.                                                                                                                                                                  | `2`                        |
-| `ui.config`            | JSON file containting the configuration of the UI. See [`dbrepo.config.json`](https://gitlab.phaidra.org/fair-data-austria-db-repository/fda-services/-/blob/release-v1.4/dbrepo-ui/dbrepo.config.json) | `2`                        |
-| `ui.extraVolumes`      | List of extra volumes.                                                                                                                                                                                  | `[]`                       |
-| `ui.extraVolumeMounts` | List of extra volume mounts.                                                                                                                                                                            | `[]`                       |
-
-## Ingress
-
-The deployment depends on ingress, by default ingress is configured
-for [NGINX Ingress Controller](https://github.com/kubernetes/ingress-nginx) with annotations.
\ No newline at end of file
+| Name                              | Description                                                                  | Value                   |
+| --------------------------------- | ---------------------------------------------------------------------------- | ----------------------- |
+| `ui.enabled`                      | Enable the User Interface.                                                   | `true`                  |
+| `ui.public.api.client`            | The endpoint for the client api.                                             | `""`                    |
+| `ui.public.api.server`            | The endpoint for the server api.                                             | `""`                    |
+| `ui.public.title`                 | The user interface title.                                                    | `Database Repository`   |
+| `ui.public.logo`                  | The user interface logo.                                                     | `/logo.svg`             |
+| `ui.public.icon`                  | The user interface icon.                                                     | `/favicon.ico`          |
+| `ui.public.touch`                 | The user interface apple touch icon.                                         | `/apple-touch-icon.png` |
+| `ui.public.broker.host`           | The displayed broker hostname.                                               | `example.com`           |
+| `ui.public.broker.port.5671`      | Enable display of the broker 5671 port and mark it as secure (SSL/TLS).      | `true`                  |
+| `ui.public.broker.port.5672`      | Enable display of the broker 5672 port and mark it as insecure (no SSL/TLS). | `false`                 |
+| `ui.public.broker.extra`          | Extra metadata displayed.                                                    | `""`                    |
+| `ui.public.database.extra`        | Extra metadata displayed.                                                    | `128.130.0.0/15`        |
+| `ui.public.pid.default.publisher` | The default dataset publisher for persisted identifiers.                     | `Example University`    |
+| `ui.public.doi.enabled`           | Enable the display that DOIs are minted.                                     | `false`                 |
+| `ui.public.doi.endpoint`          | The DOI proxy.                                                               | `https://doi.org`       |
+| `ui.replicaCount`                 | The number of replicas.                                                      | `2`                     |
+
+### Ingress
+
+| Name              | Description         | Value   |
+| ----------------- | ------------------- | ------- |
+| `ingress.enabled` | Enable the ingress. | `false` |
diff --git a/helm/dbrepo/charts/postgresql-ha-12.1.7.tgz b/helm/dbrepo/charts/postgresql-ha-12.1.7.tgz
deleted file mode 100644
index a534ebb28b1138ee626c4f8fab2a483cf9ae5504..0000000000000000000000000000000000000000
Binary files a/helm/dbrepo/charts/postgresql-ha-12.1.7.tgz and /dev/null differ
diff --git a/helm/dbrepo/templates/analyse-deployment.yaml b/helm/dbrepo/templates/analyse-deployment.yaml
index a1ba492ca1608cd9ed2d9389049cf06ba48510de..0cdb067ef7218710509f5febdb900b611e6d9f45 100644
--- a/helm/dbrepo/templates/analyse-deployment.yaml
+++ b/helm/dbrepo/templates/analyse-deployment.yaml
@@ -1,4 +1,4 @@
-{{- if .Values.analyseService.enabled }}
+{{- if .Values.analyseservice.enabled }}
 ---
 apiVersion: apps/v1
 kind: Deployment
@@ -9,7 +9,7 @@ metadata:
     app: analyse-service
     service: analyse-service
 spec:
-  replicas: {{ .Values.analyseService.replicaCount }}
+  replicas: {{ .Values.analyseservice.replicaCount }}
   strategy:
     type: {{ .Values.strategyType }}
   selector:
@@ -29,15 +29,15 @@ spec:
         runAsGroup: 1001
       containers:
         - name: analyse-service
-          image: {{ .Values.analyseService.image.name }}
-          imagePullPolicy: {{ .Values.analyseService.image.pullPolicy | default "IfNotPresent" }}
+          image: {{ .Values.analyseservice.image.name }}
+          imagePullPolicy: {{ .Values.analyseservice.image.pullPolicy | default "IfNotPresent" }}
           securityContext:
             allowPrivilegeEscalation: false
             runAsNonRoot: true
             runAsUser: 1001
             runAsGroup: 1001
             seccompProfile:
-              type: {{ .Values.analyseService.profileType | default "RuntimeDefault" }}
+              type: {{ .Values.analyseservice.profileType | default "RuntimeDefault" }}
             capabilities:
               drop:
                 - ALL
diff --git a/helm/dbrepo/templates/analyse-secret.yaml b/helm/dbrepo/templates/analyse-secret.yaml
index a0639738ee12169d18e270edbe8af04dd5db6213..e995182e17823ad788472aa32e586fdaa21ef074 100644
--- a/helm/dbrepo/templates/analyse-secret.yaml
+++ b/helm/dbrepo/templates/analyse-secret.yaml
@@ -1,4 +1,4 @@
-{{- if .Values.analyseService.enabled }}
+{{- if .Values.analyseservice.enabled }}
 ---
 apiVersion: v1
 kind: Secret
@@ -15,9 +15,9 @@ stringData:
   AUTH_SERVICE_HOST: "{{ .Values.authservice.endpoint }}"
   GATEWAY_SERVICE_ENDPOINT: "{{ .Values.gateway }}"
   JWT_PUBKEY: "{{ .Values.authservice.jwt.pubkey }}"
-  LOG_LEVEL: "{{ ternary "DEBUG" "INFO" .Values.analyseService.image.debug }}"
+  LOG_LEVEL: "{{ ternary "DEBUG" "INFO" .Values.analyseservice.image.debug }}"
   S3_ACCESS_KEY_ID: "{{ .Values.storageservice.s3.auth.username }}"
-  S3_ENDPOINT: "{{ .Values.analyseService.s3.endpoint }}"
+  S3_ENDPOINT: "{{ .Values.analyseservice.s3.endpoint }}"
   S3_EXPORT_BUCKET: "{{ .Values.storageservice.s3.bucket.export }}"
   S3_IMPORT_BUCKET: "{{ .Values.storageservice.s3.bucket.import }}"
   S3_SECRET_ACCESS_KEY: "{{ .Values.storageservice.s3.auth.password }}"
diff --git a/helm/dbrepo/templates/analyse-service.yaml b/helm/dbrepo/templates/analyse-service.yaml
index e8a48b33f5882a9db5ac10f0c6f51e4f11a3196a..98720e3e4656c8fd80f1fff35b27a02846371cd1 100644
--- a/helm/dbrepo/templates/analyse-service.yaml
+++ b/helm/dbrepo/templates/analyse-service.yaml
@@ -1,4 +1,4 @@
-{{- if .Values.analyseService.enabled }}
+{{- if .Values.analyseservice.enabled }}
 ---
 apiVersion: v1
 kind: Service
diff --git a/helm/dbrepo/templates/data-db-secret.yaml b/helm/dbrepo/templates/data-db-secret.yaml
index 43c85b86655b78bec8142e7db45219c0fa6219ae..7b42140e581c604847929e3f9e32ad116fd27b51 100644
--- a/helm/dbrepo/templates/data-db-secret.yaml
+++ b/helm/dbrepo/templates/data-db-secret.yaml
@@ -8,5 +8,5 @@ metadata:
 stringData:
   S3_ACCESS_KEY_ID: "{{ .Values.storageservice.s3.auth.username }}"
   S3_SECRET_ACCESS_KEY: "{{ .Values.storageservice.s3.auth.password }}"
-  S3_STORAGE_ENDPOINT: "{{ .Values.analyseService.s3.endpoint }}"
+  S3_STORAGE_ENDPOINT: "{{ .Values.analyseservice.s3.endpoint }}"
 {{- end }}
diff --git a/helm/dbrepo/values.schema.json b/helm/dbrepo/values.schema.json
index 964c6085587c4bf51a8525399e5007ae94930ebe..4d1825c403fac0b727c384831c1bfa50a54d191d 100644
--- a/helm/dbrepo/values.schema.json
+++ b/helm/dbrepo/values.schema.json
@@ -12,7 +12,7 @@
             },
             "type": "object"
         },
-        "analyseService": {
+        "analyseservice": {
             "properties": {
                 "enabled": {
                     "type": "boolean"
diff --git a/helm/dbrepo/values.yaml b/helm/dbrepo/values.yaml
index aea20d2a67e9b4c8809026cad14874dbe897f7d4..6817e949ff87e13e78340559514a3df35e64781e 100644
--- a/helm/dbrepo/values.yaml
+++ b/helm/dbrepo/values.yaml
@@ -1,15 +1,51 @@
+# Copyright the DBRepo developers
+# SPDX-License-Identifier: APACHE-2.0
+
+## @section Common parameters
+##
+
+## @param namespace The namespace to install the chart
+##
 namespace: dbrepo
+## @param hostname The hostname.
+##
 hostname: example.com
+## @param gateway The gateway endpoint.
+##
 gateway: https://example.com
-
+## @param strategyType The image pull
+##
 strategyType: RollingUpdate
-
+## @param clusterDomain The cluster domain.
+##
 clusterDomain: cluster.local
 
+## @section Internal Admin User
+
+## @param admin.username The internal admin username.
+## @param admin.password The internal admin password.
+##
 admin:
   username: admin
   password: admin
 
+## @section Metadata Database
+
+## @param metadatadb.enabled Enable the Metadata Database.
+## @skip metadatadb.fullnameOverride
+## @param metadatadb.image.debug Set the logging level to `trace`. Otherwise, set to `info`.
+## @param metadatadb.host The hostname for the microservices.
+## @param metadatadb.rootUser.user The root username.
+## @param metadatadb.rootUser.password The root user password.
+## @param metadatadb.jdbcExtraArgs The extra arguments for JDBC connections in the microservices.
+## @param metadatadb.db.name The database name.
+## @skip metadatadb.metrics.enabled The Prometheus settings.
+## @skip metadatadb.galera The Galera settings.
+## @skip metadatadb.initdbScriptsConfigMap The initial database scripts.
+## @skip metadatadb.service The initial database scripts.
+## @param metadatadb.persistence.enabled Enable persistent storage. Requires PV-provisioner.
+## @param metadatadb.replicaCount The number of replicas, should be uneven (2n+1).
+##
 metadatadb:
   enabled: true
   fullnameOverride: metadata-db
@@ -35,9 +71,31 @@ metadatadb:
     loadBalancerIP: ""
     loadBalancerSourceRanges: [ ]
   persistence:
-    enabled: true
-  replicaCount: 1 # uneven 3,5,7
+    enabled: false
+  replicaCount: 3
+
+## @section Auth Service
 
+## @param authservice.enabled Enable the Auth Service.
+## @skip authservice.fullnameOverride
+## @param authservice.image.debug Set the logging level to `trace`. Otherwise, set to `info`.
+## @param authservice.endpoint The hostname for the microservices.
+## @param authservice.auth.adminUser The admin username.
+## @param authservice.auth.adminPassword The admin user password.
+## @skip authservice.postgresql
+## @skip authservice.extraStartupArgs
+## @param authservice.jwt.pubkey The JWT public key from the `dbrepo-client`.
+## @param authservice.tls.enabled Enable TLS/SSL communication. Required for HTTPS.
+## @param authservice.tls.existingSecret The secret containing the `tls.crt`, `tls.key` and `ca.crt`.
+## @param authservice.tls.usePem Use PEM certificates as input instead of PKS12/JKS stores.
+## @param authservice.metrics.enabled Enable the Prometheus metrics export sidecar container.
+## @param authservice.client.id The client id for the microservices.
+## @param authservice.client.secret The client secret for the microservices.
+## @skip authservice.extraEnvVarsCM
+## @skip authservice.extraVolumes
+## @skip authservice.extraVolumeMounts
+## @skip authservice.replicaCount The number of replicas.
+##
 authservice:
   enabled: true
   fullnameOverride: auth-service
@@ -48,7 +106,9 @@ authservice:
     adminUser: fda
     adminPassword: fda
   postgresql:
-    enabled: false # not needed
+    enabled: true
+    auth:
+      postgresPassword: postgres
   extraStartupArgs: "--import-realm"
   jwt:
     pubkey: "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqnHQ2BWWW9vDNLRCcxD++xZg/16oqMo/c1l+lcFEjjAIJjJp/HqrPYU/U9GvquGE6PbVFtTzW1KcKawOW+FJNOA3CGo8Q1TFEfz43B8rZpKsFbJKvQGVv1Z4HaKPvLUm7iMm8Hv91cLduuoWx6Q3DPe2vg13GKKEZe7UFghF+0T9u8EKzA/XqQ0OiICmsmYPbwvf9N3bCKsB/Y10EYmZRb8IhCoV9mmO5TxgWgiuNeCTtNCv2ePYqL/U0WvyGFW0reasIK8eg3KrAUj8DpyOgPOVBn3lBGf+3KFSYi+0bwZbJZWqbC/Xlk20Go1YfeJPRIt7ImxD27R/lNjgDO/MwIDAQAB"
@@ -57,14 +117,7 @@ authservice:
     existingSecret: ingress-cert
     usePem: true
   metrics:
-    enabled: true
-  externalDatabase:
-    existingSecret: auth-service-secret
-    existingSecretDatabaseKey: db-name
-    existingSecretHostKey: db-host
-    existingSecretPortKey: db-port
-    existingSecretUserKey: db-username
-    existingSecretPasswordKey: db-password
+    enabled: false
   client:
     id: dbrepo-client
     secret: MUwRc7yfXSJwX8AdRMWaQC3Nep1VjwgG
@@ -78,32 +131,22 @@ authservice:
       mountPath: /opt/bitnami/keycloak/data/import
   replicaCount: 1
 
-authdb:
-  enabled: true
-  fullnameOverride: auth-db
-  host: auth-db-pgpool
-  port: 5432
-  postgresql:
-    postgresPassword: postgres
-    username: metrics # implicit requirement for metrics container
-    password: metrics # implicit requirement for metrics container
-    repmgrPassword: repmgr # implicit requirement for rolling updates
-    database: keycloak
-    replicaCount: 1
-  pgpool:
-    adminUsername: admin
-    adminPassword: admin
-  metrics:
-    enabled: true
-  service:
-    type: ClusterIP
-    annotations: { }
-    loadBalancerIP: ""
-    loadBalancerSourceRanges: [ ]
-  persistence:
-    enabled: true
-    size: 10Gi
+## @section Data Database
 
+## @param datadb.enabled Enable the Data Database.
+## @skip datadb.fullnameOverride
+## @param datadb.image.debug Set the logging level to `trace`. Otherwise, set to `info`.
+## @skip datadb.extraFlags
+## @param datadb.rootUser.user The root username.
+## @param datadb.rootUser.password The root user password.
+## @skip datadb.metrics.enabled The Prometheus settings.
+## @skip datadb.galera The Galera settings.
+## @skip datadb.service
+## @skip datadb.sidecars
+## @skip datadb.extraVolumeMounts
+## @skip datadb.extraVolumes
+## @param datadb.replicaCount The number of replicas, should be uneven (2n+1).
+##
 datadb:
   enabled: true
   fullnameOverride: data-db
@@ -169,11 +212,29 @@ datadb:
       mountPath: /tmp
   extraVolumes:
     - name: s3
-      emptyDir: {}
-  s3:
-    enabled: true
-  replicaCount: 1 # uneven
+      emptyDir: { }
+  replicaCount: 3
+
+## @section Search Database
 
+## @param searchdb.enabled Enable the Search Database.
+## @skip searchdb.fullnameOverride
+## @param searchdb.host The hostname for the microservices.
+## @param searchdb.port The port for the microservices.
+## @skip searchdb.protocol
+## @param searchdb.username The admin username.
+## @param searchdb.password The admin user password.
+## @skip searchdb.clusterName
+## @skip searchdb.masterService
+## @param searchdb.replicas The number of replicas.
+## @skip searchdb.sysctlInit
+## @param searchdb.persistence.enabled Enable persistent storage. Requires PV-provisioner.
+## @skip searchdb.service
+## @skip searchdb.extraEnvs
+## @skip searchdb.extraVolumeMounts
+## @skip searchdb.extraVolumes
+## @skip searchdb.config
+##
 searchdb:
   enabled: true
   fullnameOverride: search-db
@@ -184,14 +245,11 @@ searchdb:
   password: admin
   clusterName: search-db
   masterService: search-db
-  replicas: 1
-  image:
-    debug: false
+  replicas: 3
   sysctlInit:
     enabled: true
   persistence:
     enabled: true
-    size: 10Gi
   service:
     type: ClusterIP
     annotations: { }
@@ -252,6 +310,15 @@ searchdb:
                 ".opendistro-asynchronous-search-response*",
               ]
 
+## @section Upload Service
+
+## @param uploadservice.enabled Enable the Upload Service.
+## @skip uploadservice.fullnameOverride
+## @skip uploadservice.image
+## @skip uploadservice.containerArgs
+## @skip uploadservice.envFrom
+## @param uploadservice.replicaCount The number of replicas.
+##
 uploadservice:
   enabled: true
   fullnameOverride: upload-service
@@ -265,8 +332,30 @@ uploadservice:
   envFrom:
     - secretRef:
         name: upload-service-secret
-  replicaCount: 1
+  replicaCount: 2
+
+## @section Broker Service
 
+## @param brokerservice.enabled Enable the Broker Service.
+## @skip brokerservice.fullnameOverride
+## @skip brokerservice.image
+## @param brokerservice.endpoint The management api endpoint for the microservices.
+## @param brokerservice.host The hostname for the microservices.
+## @param brokerservice.port The port for the microservices.
+## @param brokerservice.virtualHost The default virtual host name.
+## @param brokerservice.queueName The default queue name.
+## @param brokerservice.exchangeName The default exchange name.
+## @param brokerservice.routingKey The default routing key binding from the default queue to the default exchange.
+## @param brokerservice.connectionTimeout The connection timeout in ms.
+## @skip brokerservice.auth
+## @skip brokerservice.extraConfiguration
+## @skip brokerservice.loadDefinition
+## @skip brokerservice.extraVolumes
+## @skip brokerservice.extraPlugins
+## @param brokerservice.persistence.enabled Enable persistent storage. Requires PV-provisioner.
+## @skip brokerservice.service
+## @param brokerservice.replicaCount The number of replicas.
+##
 brokerservice:
   enabled: true
   fullnameOverride: broker-service
@@ -321,14 +410,20 @@ brokerservice:
   extraPlugins: rabbitmq_prometheus rabbitmq_auth_backend_oauth2 rabbitmq_auth_mechanism_ssl
   persistence:
     enabled: false
-    size: 5Gi
   service:
     type: ClusterIP
     managerPortEnabled: true
     # loadBalancerIP:
-  replicaCount: 1
+  replicaCount: 2
 
-analyseService:
+## @section Analyse Service
+
+## @param analyseservice.enabled Enable the Broker Service.
+## @skip analyseservice.image
+## @param analyseservice.s3.endpoint The S3-capable endpoint the microservice connects to.
+## @param analyseservice.replicaCount The number of replicas.
+##
+analyseservice:
   enabled: true
   image:
     name: s210.dl.hpc.tuwien.ac.at/dbrepo/analyse-service:1.4.3
@@ -336,8 +431,28 @@ analyseService:
     debug: false
   s3:
     endpoint: http://storageservice-s3:9000
-  replicaCount: 1
+  replicaCount: 2
+
+## @section Metadata Service
 
+## @param metadataservice.enabled Enable the Metadata Service.
+## @skip metadataservice.image
+## @param metadataservice.admin.email The OAI-PMH exposed admin e-mail.
+## @param metadataservice.deletedRecord The OAI-PMH exposed delete policy.
+## @param metadataservice.repositoryName The OAI-PMH exposed repository name.
+## @param metadataservice.granularity The OAI-PMH exposed record granularity.
+## @param metadataservice.datacite.enabled Enable the DataCite account for minting DOIs.
+## @param metadataservice.datacite.url The DataCite api endpoint url.
+## @param metadataservice.datacite.prefix The DataCite prefix.
+## @param metadataservice.datacite.username The DataCite api username.
+## @param metadataservice.datacite.password The DataCite api user password.
+## @param metadataservice.sparql.connectionTimeout The connection timeout for sparql queries fetching remote data in ms.
+## @param metadataservice.s3.endpoint The S3-capable endpoint the microservice connects to.
+## @skip metadataservice.s3.bucket
+## @param metadataservice.s3.auth.username The S3-capable endpoint username (or access key id).
+## @param metadataservice.s3.auth.password The S3-capable endpoint user password (or access key secret).
+## @param metadataservice.replicaCount The number of replicas.
+##
 metadataservice:
   enabled: true
   image:
@@ -365,8 +480,24 @@ metadataservice:
     auth:
       username: seaweedfsadmin
       password: seaweedfsadmin
-  replicaCount: 1
+  replicaCount: 2
+
+## @section Data Service
 
+## @param dataservice.enabled Enable the Metadata Service.
+## @param dataservice.endpoint The endpoint for the microservices.
+## @skip dataservice.image
+## @param dataservice.grant.read The default database permissions for users with read access.
+## @param dataservice.grant.write The default database permissions for users with write access.
+## @param dataservice.s3.endpoint The S3-capable endpoint the microservice connects to.
+## @skip dataservice.s3.bucket
+## @param dataservice.s3.auth.username The S3-capable endpoint username (or access key id).
+## @param dataservice.s3.auth.password The S3-capable endpoint user password (or access key secret).
+## @param dataservice.consumerConcurrentMin The minimum broker service consumer number.
+## @param dataservice.consumerConcurrentMax The maximum broker service consumer number.
+## @param dataservice.requeueRejected Enable re-queueing of rejected messages to the broker service.
+## @param dataservice.replicaCount The number of replicas.
+##
 dataservice:
   enabled: true
   endpoint: http://data-service
@@ -388,8 +519,16 @@ dataservice:
   consumerConcurrentMin: 1
   consumerConcurrentMax: 5
   requeueRejected: false
-  replicaCount: 1
+  replicaCount: 2
 
+## @section Search Service
+
+## @param searchservice.enabled Enable the Search Service.
+## @param searchservice.endpoint The endpoint for the microservices.
+## @skip searchservice.image
+## @skip searchservice.init
+## @param searchservice.replicaCount The number of replicas.
+##
 searchservice:
   enabled: true
   endpoint: http://search-service
@@ -401,8 +540,17 @@ searchservice:
     image:
       name: s210.dl.hpc.tuwien.ac.at/dbrepo/search-service-init:1.4.3
       pullPolicy: Always
-  replicaCount: 1
+  replicaCount: 2
+
+## @section Storage Service
 
+## @param storageservice.enabled Enable the Storage Service.
+## @skip storageservice.master
+## @skip storageservice.filer
+## @skip storageservice.volume
+## @skip storageservice.s3
+## @skip storageservice.init
+##
 storageservice:
   enabled: true
   master:
@@ -440,6 +588,29 @@ storageservice:
     image: s210.dl.hpc.tuwien.ac.at/dbrepo/storage-service-init:1.4.3
     pullPolicy: Always
 
+## @section User Interface
+
+## @param ui.enabled Enable the User Interface.
+## @skip ui.image
+## @param ui.public.api.client The endpoint for the client api.
+## @param ui.public.api.server The endpoint for the server api.
+## @param ui.public.title The user interface title.
+## @param ui.public.logo The user interface logo.
+## @param ui.public.icon The user interface icon.
+## @param ui.public.touch The user interface apple touch icon.
+## @param ui.public.broker.host The displayed broker hostname.
+## @param ui.public.broker.port.5671 Enable display of the broker 5671 port and mark it as secure (SSL/TLS).
+## @param ui.public.broker.port.5672 Enable display of the broker 5672 port and mark it as insecure (no SSL/TLS).
+## @param ui.public.broker.extra Extra metadata displayed.
+## @param ui.public.database.extra Extra metadata displayed.
+## @skip ui.public.links
+## @param ui.public.pid.default.publisher The default dataset publisher for persisted identifiers.
+## @param ui.public.doi.enabled Enable the display that DOIs are minted.
+## @param ui.public.doi.endpoint The DOI proxy.
+## @param ui.replicaCount The number of replicas.
+## @skip ui.extraVolumes
+## @skip ui.extraVolumeMounts
+##
 ui:
   enabled: true
   image:
@@ -459,7 +630,7 @@ ui:
       port:
         5671: true
         5672: false
-      extra: "128.130.0.0/15"
+      extra: ""
     database:
       extra: "128.130.0.0/15"
     links:
@@ -475,7 +646,7 @@ ui:
     doi:
       enabled: false
       endpoint: https://doi.org
-  replicaCount: 1
+  replicaCount: 2
   extraVolumes: [ ]
   #  - name: images-map
   #    configMap:
@@ -485,36 +656,43 @@ ui:
   #    mountPath: /static/logo.svg
   #    subPath: logo.svg
 
+## @section Ingress
+
+## @param ingress.enabled Enable the ingress.
+## @skip ingress.className
+## @skip ingress.tls
+## @skip ingress.annotations
+##
 ingress:
-  enabled: true
+  enabled: false
   className: nginx
   tls:
     enabled: true
     secretName: ingress-cert
   annotations:
-    basic: {}
-#      nginx.org/path-regex: "case_sensitive"
-#      nginx.ingress.kubernetes.io/use-regex: "true"
-#      cert-manager.io/cluster-issuer: letsencrypt-cluster-issuer
+    basic: { }
+    #      nginx.org/path-regex: "case_sensitive"
+    #      nginx.ingress.kubernetes.io/use-regex: "true"
+    #      cert-manager.io/cluster-issuer: letsencrypt-cluster-issuer
     rewriteApi:
-#      nginx.org/path-regex: "case_sensitive"
-#      cert-manager.io/cluster-issuer: letsencrypt-cluster-issuer
+      #      nginx.org/path-regex: "case_sensitive"
+      #      cert-manager.io/cluster-issuer: letsencrypt-cluster-issuer
       nginx.ingress.kubernetes.io/use-regex: "true"
       nginx.ingress.kubernetes.io/rewrite-target: /api/$1
     rewriteRoot:
-#      nginx.org/path-regex: "case_sensitive"
-#      cert-manager.io/cluster-issuer: letsencrypt-cluster-issuer
+      #      nginx.org/path-regex: "case_sensitive"
+      #      cert-manager.io/cluster-issuer: letsencrypt-cluster-issuer
       nginx.ingress.kubernetes.io/use-regex: "true"
       nginx.ingress.kubernetes.io/rewrite-target: /$1
     rewriteRootSecure:
-#      nginx.org/path-regex: "case_sensitive"
-#      cert-manager.io/cluster-issuer: letsencrypt-cluster-issuer
+      #      nginx.org/path-regex: "case_sensitive"
+      #      cert-manager.io/cluster-issuer: letsencrypt-cluster-issuer
       nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
       nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
       nginx.ingress.kubernetes.io/use-regex: "true"
       nginx.ingress.kubernetes.io/rewrite-target: /$1
     rewritePid:
-#      nginx.org/path-regex: "case_sensitive"
-#      cert-manager.io/cluster-issuer: letsencrypt-cluster-issuer
+      #      nginx.org/path-regex: "case_sensitive"
+      #      cert-manager.io/cluster-issuer: letsencrypt-cluster-issuer
       nginx.ingress.kubernetes.io/use-regex: "true"
       nginx.ingress.kubernetes.io/rewrite-target: /api/identifier/$1