diff --git a/apps/nextcloud/nginx/default.conf b/apps/nextcloud/nginx/default.conf
index d31ce23..ca44461 100644
--- a/apps/nextcloud/nginx/default.conf
+++ b/apps/nextcloud/nginx/default.conf
@@ -12,6 +12,11 @@ server {
     ssl_certificate      /etc/letsencrypt/live/{{ tpl .Values.fqdn . }}/fullchain.pem;
     ssl_certificate_key  /etc/letsencrypt/live/{{ tpl .Values.fqdn . }}/privkey.pem;
 
+    # Increase timeouts -- mainly for initial setup
+    proxy_read_timeout 300;
+    proxy_send_timeout 300;
+    proxy_connect_timeout 300;
+
     # HSTS settings
     # WARNING: Only add the preload option once you read about
     # the consequences in https://hstspreload.org/. This option
diff --git a/apps/nextcloud/templates/deployment.yaml b/apps/nextcloud/templates/deployment.yaml
index 93be8d0..fde2e64 100644
--- a/apps/nextcloud/templates/deployment.yaml
+++ b/apps/nextcloud/templates/deployment.yaml
@@ -91,6 +91,16 @@ spec:
                 secretKeyRef:
                   name: {{ tpl .Values.identifier . }}-postgres-config
                   key: POSTGRES_DB
+            - name: NEXTCLOUD_ADMIN_USER
+              valueFrom:
+                secretKeyRef:
+                  name: {{ tpl .Values.identifier . }}-nextcloud
+                  key: USERNAME
+            - name: NEXTCLOUD_ADMIN_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: {{ tpl .Values.identifier . }}-nextcloud
+                  key: PASSWORD
             - name: POSTGRES_USER
               valueFrom:
                 secretKeyRef:
@@ -225,3 +235,12 @@ metadata:
 stringData:
   POSTGRES_USER: "postgres"
   POSTGRES_DB: "nextcloud"
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ tpl .Values.identifier . }}-nextcloud
+  annotations:
+    secret-generator.v1.mittwald.de/autogenerate: PASSWORD
+stringData:
+  USERNAME: "nextcloud"