diff --git a/helm/open-build-service/charts/backend/templates/configmap.yaml b/helm/open-build-service/charts/backend/templates/configmap.yaml
index 5eb34bb34976137d47f9940072f596e8ddbf526f..c80fc6aa30a2c209c4fd1fef6c869cb088257532 100644
--- a/helm/open-build-service/charts/backend/templates/configmap.yaml
+++ b/helm/open-build-service/charts/backend/templates/configmap.yaml
@@ -2,6 +2,8 @@ apiVersion: v1
 kind: ConfigMap
 metadata:
   name: {{ include "backend.fullname" . }}-config
+  labels:
+    {{- include "backend.labels" . | nindent 4 }}
 data:
   BSConfig.local.pm: {{
       printf "%s\n%s\n1;\n" "$ipaccess->{\".*\"} = \"rw,worker\";" (
diff --git a/helm/open-build-service/charts/frontend/templates/deployment.yaml b/helm/open-build-service/charts/frontend/templates/deployment.yaml
index 77a8e1a0d84035181fdcaaf27146b197aafdc9e5..2f1082a694beac3278ee157a0f595930e0c5ddc8 100644
--- a/helm/open-build-service/charts/frontend/templates/deployment.yaml
+++ b/helm/open-build-service/charts/frontend/templates/deployment.yaml
@@ -38,6 +38,8 @@ spec:
             {{- if .Values.global.frontend }}
             - name: OBS_FRONTEND_WORKERS
               value: {{ default 4 .Values.global.frontend.workers | quote }}
+            - name: OBS_LOG_LEVEL
+              value: {{ default "info" .Values.global.frontend.loglevel | quote }}
             {{- end }}
             - name: OBS_MEMCACHE_HOST
               value: {{ include "frontend.memcached.fullname" . | quote }}
@@ -86,6 +88,16 @@ spec:
               mountPath: /tmp
             - name: frontend-logs
               mountPath: /obs/src/api/log
+            {{- if (or .Values.global.frontend.msmtprc .Values.global.frontend.msmtprcExistingSecret) }}
+            - name: frontend-email-secret
+              mountPath: /run/secrets/msmtprc
+              subPath: msmtprc
+            {{- end }}
+            {{- if (or .Values.global.frontend.ssoauth .Values.global.frontend.ssoauthExistingSecret) }}
+            - name: frontend-sso-secret
+              mountPath: /run/secrets/ssoauth
+              subPath: ssoauth
+            {{- end }}
         - name: {{ .Chart.Name }}-weblog
           image: busybox
           args:
@@ -130,6 +142,16 @@ spec:
           emptyDir: {}
         - name: frontend-logs
           emptyDir: {}
+        {{- if (or .Values.global.frontend.msmtprc .Values.global.frontend.msmtprcExistingSecret) }}
+        - name: frontend-email-secret
+          secret:
+            secretName: {{ .Values.global.frontend.msmtprcExistingSecret | default (printf "%s-email" (include "frontend.fullname" .)) }}
+        {{- end }}
+        {{- if (or .Values.global.frontend.ssoauth .Values.global.frontend.ssoauthExistingSecret) }}
+        - name: frontend-sso-secret
+          secret:
+            secretName: {{ .Values.global.frontend.ssoauthExistingSecret | default (printf "%s-sso" (include "frontend.fullname" .)) }}
+        {{- end }}
       {{- with .Values.nodeSelector }}
       nodeSelector:
         {{- toYaml . | nindent 8 }}
diff --git a/helm/open-build-service/charts/frontend/templates/email-secret.yaml b/helm/open-build-service/charts/frontend/templates/email-secret.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..cf81096220d603571e9449fd4b8022d518ee10d3
--- /dev/null
+++ b/helm/open-build-service/charts/frontend/templates/email-secret.yaml
@@ -0,0 +1,11 @@
+{{- if (and .Values.global.frontend.msmtprc (not .Values.global.frontend.msmtprcExistingSecret)) -}}
+apiVersion: v1
+kind: Secret
+type: Opaque
+metadata:
+  name: {{ include "frontend.fullname" . }}-email
+  labels:
+    {{- include "frontend.labels" . | nindent 4 }}
+data:
+  msmtprc: {{ default "" .Values.global.frontend.msmtprc | b64enc | quote }}
+{{- end }}
diff --git a/helm/open-build-service/charts/frontend/templates/sso-secret.yaml b/helm/open-build-service/charts/frontend/templates/sso-secret.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..0f6b39cffefc269f056d5c0bd90b23e076b9421f
--- /dev/null
+++ b/helm/open-build-service/charts/frontend/templates/sso-secret.yaml
@@ -0,0 +1,11 @@
+{{- if (and .Values.global.frontend.ssoauth (not .Values.global.frontend.ssoauthExistingSecret)) -}}
+apiVersion: v1
+kind: Secret
+type: Opaque
+metadata:
+  name: {{ include "frontend.fullname" . }}-sso
+  labels:
+    {{- include "frontend.labels" . | nindent 4 }}
+data:
+  ssoauth: {{ default "" .Values.global.frontend.ssoauth | toYaml | b64enc | quote }}
+{{- end }}
diff --git a/helm/open-build-service/charts/frontend/values.yaml b/helm/open-build-service/charts/frontend/values.yaml
index 90f9c2be522ed1fed93371373c0f0ca929b4f184..35a9c203a94f23fee00667f870a89b5dbd141358 100644
--- a/helm/open-build-service/charts/frontend/values.yaml
+++ b/helm/open-build-service/charts/frontend/values.yaml
@@ -17,6 +17,7 @@ fullnameOverride: ""
 global:
   frontend: {}
     # workers: 8
+    # loglevel: info
   backend: {}
     # host: backend
 
diff --git a/helm/open-build-service/values.yaml b/helm/open-build-service/values.yaml
index e8c1f8e7f082d4ee1e7a3c8514e4bd9f9ce2a182..593e362c54f2c96ff09941141534de6dd02a4298 100644
--- a/helm/open-build-service/values.yaml
+++ b/helm/open-build-service/values.yaml
@@ -24,6 +24,17 @@ global:
   frontend:
     workers: 4
     # host: frontend
+    # msmtprc: |
+    #   ...
+    # ssoauth:
+    #   fdo-gitlab:
+    #     strategy: gitlab
+    #     description: Freedesktop.org GitLab
+    #     scope: read_user openid profile email
+    #     client_id: hexhexhexhex
+    #     client_secret: hexhexhexhex
+    #     client_options:
+    #       site: https://gitlab.freedesktop.org/api/v4
   backend: {}
     # host: backend
     # extraConfig: |