diff --git a/README.md b/README.md
index 2f7d17a..63ed1e1 100644
--- a/README.md
+++ b/README.md
@@ -29,7 +29,7 @@ Fully automated luxury Nextcloud via docker-swarm.
 `abra app config <app-name>` 
 Configure the following envs:
 ```
-COMPOSE_FILE="$COMPOSE_FILE:compose.apps.yml"
+COMPOSE_FILE="$COMPOSE_FILE:compose.apps.yaml"
 ONLYOFFICE_URL=https://onlyoffice.example.com
 SECRET_ONLYOFFICE_JWT_VERSION=v1
 ```
@@ -42,7 +42,7 @@ SECRET_ONLYOFFICE_JWT_VERSION=v1
 `abra app config <app-name>` 
 Configure the following envs:
 ```
-COMPOSE_FILE="$COMPOSE_FILE:compose.apps.yml"
+COMPOSE_FILE="$COMPOSE_FILE:compose.apps.yaml"
 BBB_URL=https://talk.example.org/bigbluebutton/ # trailing slash!
 SECRET_BBB_SECRET_VERSION=v1
 ```
@@ -56,7 +56,7 @@ SECRET_BBB_SECRET_VERSION=v1
 `abra app config <app-name>` 
 Configure the following envs:
 ```
-COMPOSE_FILE="$COMPOSE_FILE:compose.authentik.yml"
+COMPOSE_FILE="$COMPOSE_FILE:compose.authentik.yaml"
 AUTHENTIK_USER_PREFIX=authentik
 AUTHENTIK_DOMAIN=authentik.example.com
 AUTHENTIK_SECRET_NAME=authentik_example_com_nextcloud_secret_v1  # the same as in authentik
@@ -100,16 +100,16 @@ OCC_CMDS="app:disable dashboard"
 Solution:
 
 - Look at log files to determine the old Nextcloud version
-- Change your local `~/.abra/recipes/nextcloud/compose.yml` to the highest minor
+- Change your local `~/.abra/recipes/nextcloud/compose.yaml` to the highest minor
     version in the old version -- e.g. choose `22.2.5` for `22`, if you're
     upgrading to `23`.
 - Then, do one of (both bad):
   1. `abra app deploy --chaos ...`, then `app run` to go in and manually lower the version number in PHP (shell in, `apt install vim-core && vi version.php`), then try `php ./occ upgrade`
   2. `abra app undeploy ...`, `abra volume rm`, CAREFULLY only choose the volume
      ENDING `_nextcloud`, then `abra app deploy --chaos ...`, then edit the
-     `compose.yml` to add `entrypoint: ['tail', '-f', '/dev/null']` to `app`,
+     `compose.yaml` to add `entrypoint: ['tail', '-f', '/dev/null']` to `app`,
      then `app deploy --chaos` again, then `app run --user=www-data ... app bash` to get in and run `./occ maintenance:repair`, and `./occ upgrade`. 
-- Change `compose.yml` to the new version number; `git checkout compose.yml`
+- Change `compose.yaml` to the new version number; `git checkout compose.yaml`
 - `abra app deploy --force`
 - This wasn't even multiplle major versions was it 😾
 
diff --git a/abra.sh b/abra.sh
deleted file mode 100644
index 3738133..0000000
--- a/abra.sh
+++ /dev/null
@@ -1,107 +0,0 @@
-#!/bin/bash
-
-export FPM_TUNE_VERSION=v5
-export NGINX_CONF_VERSION=v4
-export MY_CNF_VERSION=v4
-export ENTRYPOINT_VERSION=v3
-
-run_occ() {
-    su -p www-data -s /bin/sh -c "/var/www/html/occ $@"
-}
-
-post_install_occ() {
-    IFS='|' read -ra CMD <<<"$OCC_CMDS"
-    for cmd in "${CMD[@]}"; do
-        run_occ "$cmd"
-    done
-}
-
-install_apps() {
-    install_apps="$@"
-    if [ -z "$install_apps" ]; then
-        install_apps=$APPS
-    fi
-    for app in $install_apps; do
-        run_occ "app:install $app"
-    done
-}
-
-set_app_config() {
-    APP=$1
-    KEY=$2
-    VALUE=$3
-    run_occ "config:app:set $APP $KEY --value '$VALUE'"
-}
-
-set_system_config() {
-    KEY=$1
-    VALUE=$2
-    run_occ "config:system:set $KEY --value '$VALUE'"
-}
-
-set_trusted_proxies() {
-    trusted_proxies="$@"
-    if [ -z "$1" ]; then
-        trusted_proxies="$TRUSTED_PROXIES"
-    fi
-    set_system_config trusted_proxies "$trusted_proxies"
-}
-
-set_logfile_stdout() {
-    set_system_config logfile '/dev/stdout'
-}
-
-install_bbb() {
-    install_apps bbb
-    set_app_config bbb app.navigation true
-    set_app_config bbb api.url "$BBB_URL"
-    set_app_config bbb api.secret "$(cat /run/secrets/bbb_secret)"
-}
-
-install_onlyoffice() {
-    install_apps onlyoffice
-    set_app_config onlyoffice DocumentServerUrl "$ONLYOFFICE_URL"
-    set_app_config onlyoffice jwt_secret "$(cat /run/secrets/onlyoffice_jwt)"
-    set_app_config onlyoffice customizationForcesave true
-}
-
-set_default_quota() {
-    set_app_config files default_quota "$DEFAULT_QUOTA"
-}
-
-set_authentik() {
-    install_apps sociallogin
-    AUTHENTIK_SECRET=$(cat /run/secrets/authentik_secret)
-    AUTHENTIK_ID=$(cat /run/secrets/authentik_id)
-    set_app_config sociallogin custom_providers "
-{
-    \"custom_oidc\":[
-    {
-        \"name\":\"$AUTHENTIK_USER_PREFIX\",
-        \"title\":\"authentik\",
-        \"authorizeUrl\": \"https://$AUTHENTIK_DOMAIN/application/o/authorize/\",
-        \"tokenUrl\": \"https://$AUTHENTIK_DOMAIN/application/o/token/\",
-        \"displayNameClaim\":\"preferred_username\",
-        \"userInfoUrl\": \"https://$AUTHENTIK_DOMAIN/application/o/userinfo/\",
-        \"logoutUrl\": \"https://$AUTHENTIK_DOMAIN/if/session-end/nextcloud/\",
-        \"clientId\":\"$AUTHENTIK_ID\",
-        \"clientSecret\":\"$AUTHENTIK_SECRET\",
-        \"scope\":\"openid profile email nextcloud\",
-        \"groupsClaim\":\"nextcloud_groups\",
-        \"style\":\"openid\",
-        \"defaultGroup\":\"\",
-        \"groupMapping\": {
-          \"admin\": \"admin\",
-          \"authentik Admins\": \"admin\"
-        }
-    }
-]
-}"
-
-    set_app_config sociallogin update_profile_on_login 1
-    set_app_config sociallogin auto_create_groups 1
-    set_app_config sociallogin hide_default_login 1
-    run_occ 'config:system:set social_login_auto_redirect --value true'
-    run_occ 'config:system:set allow_user_to_change_display_name --value=false'
-    run_occ 'config:system:set lost_password_link --value=disabled'
-}
diff --git a/compose.apps.yaml b/compose.apps.yaml
deleted file mode 100644
index b892636..0000000
--- a/compose.apps.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-version: "3.8"
-services:
-  app:
-    secrets:
-      - onlyoffice_jwt
-      - bbb_secret
-    environment:
-      - APPS
-      - ONLYOFFICE_URL
-      - BBB_URL
-
-secrets:
-  onlyoffice_jwt:
-    external: true
-    name: ${STACK_NAME}_onlyoffice_jwt_${SECRET_ONLYOFFICE_JWT_VERSION}
-  bbb_secret:
-    external: true
-    name: ${STACK_NAME}_bbb_secret_${SECRET_BBB_SECRET_VERSION}
diff --git a/compose.authentik.yaml b/compose.authentik.yaml
deleted file mode 100644
index 4046c63..0000000
--- a/compose.authentik.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
-version: "3.8"
-services:
-  app:
-    secrets:
-      - authentik_secret
-      - authentik_id
-
-secrets:
-  authentik_secret:
-    external: true
-    name: ${STACK_NAME}_authentik_secret_${SECRET_AUTHENTIK_SECRET_VERSION}
-  authentik_id:
-    external: true
-    name: ${STACK_NAME}_authentik_id_${SECRET_AUTHENTIK_ID_VERSION}
diff --git a/compose.mariadb.yaml b/compose.mariadb.yaml
index 361e390..e3e4297 100644
--- a/compose.mariadb.yaml
+++ b/compose.mariadb.yaml
@@ -1,5 +1,3 @@
-version: "3.8"
-
 services:
   app:
     environment:
diff --git a/compose.postgres.yaml b/compose.postgres.yaml
deleted file mode 100644
index 398e5d3..0000000
--- a/compose.postgres.yaml
+++ /dev/null
@@ -1,37 +0,0 @@
-version: '3.8'
-
-services:
-  app:
-    environment:
-      - POSTGRES_HOST=db
-      - POSTGRES_DB=nextcloud
-      - POSTGRES_USER=nextcloud
-      - POSTGRES_PASSWORD_FILE=/run/secrets/db_password
-      - NEXTCLOUD_UPDATE=1
-
-  db:
-    image: "postgres:12"
-    volumes:
-      - "postgres:/var/lib/postgresql/data"
-    networks:
-      - internal
-    environment:
-      POSTGRES_USER: nextcloud
-      POSTGRES_PASSWORD_FILE: /run/secrets/db_password
-      POSTGRES_DB: nextcloud
-    secrets:
-      - db_password
-    healthcheck:
-      test: ["CMD-SHELL", "pg_isready", "-U", "nextcloud"]
-      interval: 10s
-      timeout: 5s
-      retries: 5
-    deploy:
-      labels:
-            backupbot.backup: "true"
-            backupbot.backup.pre-hook: "PGPASSWORD=$$(cat $${POSTGRES_PASSWORD_FILE}) pg_dump -U $${POSTGRES_USER} $${POSTGRES_DB} > /var/lib/postgresql/data/backup.sql"
-            backupbot.backup.post-hook: "rm -rf /var/lib/postgresql/data/backup.sql"
-            backupbot.backup.path: "/var/lib/postgresql/data/"
-
-volumes:
-  postgres:
diff --git a/compose.smtp.yaml b/compose.smtp.yaml
index cd7436b..dfdc758 100644
--- a/compose.smtp.yaml
+++ b/compose.smtp.yaml
@@ -1,4 +1,3 @@
-version: "3.8"
 services:
   app:
     secrets:
diff --git a/compose.yaml b/compose.yaml
index f23e1e9..d03f5f3 100644
--- a/compose.yaml
+++ b/compose.yaml
@@ -1,4 +1,3 @@
-version: "3.8"
 services:
   web:
     image: nginx:1.25.1
@@ -56,7 +55,6 @@ services:
       - admin_password
     environment:
       - APPS
-      - OCC_CMDS
       - X_FRAME_OPTIONS_ALLOW_FROM
       - X_FRAME_OPTIONS_ENABLED
       - DOMAIN
diff --git a/renovate.json b/renovate.json
deleted file mode 100644
index 341a7ea..0000000
--- a/renovate.json
+++ /dev/null
@@ -1,9 +0,0 @@
-{
-  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
-  "ignoreDeps": [
-    "mariadb:10.6"
-  ],
-  "extends": [
-    "config:base"
-  ]
-}