diff --git a/docs/docs/install/helm.md b/docs/docs/install/helm.md index 95241afd1..94dafc5dc 100644 --- a/docs/docs/install/helm.md +++ b/docs/docs/install/helm.md @@ -12,12 +12,12 @@ This quick-start will show you how to deploy Pomerium with [Helm](https://helm.s ## Prerequisites -- A [Google Cloud Account](https://console.cloud.google.com/) -- A configured [identity provider] -- Install [kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/) -- Install the [Google Cloud SDK](https://cloud.google.com/kubernetes-engine/docs/quickstart) -- Install [helm](https://helm.sh/docs/using_helm/) -- [TLS certificates] +- A [Google Cloud Account](https://console.cloud.google.com/). +- A configured [identity provider]. +- Install [kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/). +- Install the [Google Cloud SDK](https://cloud.google.com/kubernetes-engine/docs/quickstart). +- Install [helm](https://helm.sh/docs/using_helm/). +- [TLS certificates]. Though there are [many ways](https://unofficial-kubernetes.readthedocs.io/en/latest/setup/pick-right-solution/) to work with Kubernetes, for the purpose of this guide, we will be using Google's [Kubernetes Engine](https://cloud.google.com/kubernetes-engine/). That said, most of the following steps should be very similar using any other provider. 
@@ -36,9 +36,12 @@ Download and modify the following helm_gke.sh script and values file to match yo Run [./scripts/helm_gke.sh] which will: 1. Provision a new cluster. -2. Create authenticate, authorize, and proxy [deployments](https://cloud.google.com/kubernetes-engine/docs/concepts/deployment). -3. Provision and apply authenticate, authorize, and proxy [services](https://cloud.google.com/kubernetes-engine/docs/concepts/service). -4. Configure an ingress, Google's default load balancer. + +1. Create authenticate, authorize, and proxy [deployments](https://cloud.google.com/kubernetes-engine/docs/concepts/deployment). + +1. Provision and apply authenticate, authorize, and proxy [services](https://cloud.google.com/kubernetes-engine/docs/concepts/service). + +1. Configure an ingress, using Google's default load balancer. ```bash ./scripts/helm_gke.sh diff --git a/examples/helm/helm_gke.sh b/examples/helm/helm_gke.sh index fc30a26be..1bbedc5cc 100755 --- a/examples/helm/helm_gke.sh +++ b/examples/helm/helm_gke.sh @@ -28,13 +28,8 @@ echo "=> install pomerium with helm" helm install \ pomerium \ pomerium/pomerium \ - --set proxy.service.type="NodePort" \ - --set authenticate.service.type="NodePort" \ - --set config.sharedSecret=$(head -c32 /dev/urandom | base64) \ - --set config.cookieSecret=$(head -c32 /dev/urandom | base64) \ - --set ingress.secret.name="pomerium-tls" \ - --set ingress.secret.cert=$(base64 -i "$HOME/.acme.sh/*.corp.beyondperimeter.com_ecc/fullchain.cer") \ - --set ingress.secret.key=$(base64 -i "$HOME/.acme.sh/*.corp.beyondperimeter.com_ecc/*.corp.beyondperimeter.com.key") \ + --set ingress.secret.cert="$(base64 -i $HOME/.acme.sh/*.corp.beyondperimeter.com_ecc/fullchain.cer)" \ + --set ingress.secret.key="$(base64 -i $HOME/.acme.sh/*.corp.beyondperimeter.com_ecc/*.corp.beyondperimeter.com.key)" \ --values docs/configuration/examples/kubernetes/values.yaml # When done, clean up by deleting the cluster! 
diff --git a/examples/kubernetes/values.yaml b/examples/kubernetes/values.yaml index 9eb7603ca..217ea8489 100644 --- a/examples/kubernetes/values.yaml +++ b/examples/kubernetes/values.yaml @@ -18,6 +18,7 @@ proxy: cloud.google.com/app-protocols: '{"https":"HTTPS"}' config: + rootDomain: localhost.pomerium.io policy: - from: https://hello.localhost.pomerium.io to: http://nginx.default.svc.cluster.local:80
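Review bot: In the docs/docs/install/helm.md hunk at @@ -36,9 +36,12 @@, the sentence "Run [./scripts/helm_gke.sh]" and the bash block below it still point at ./scripts/helm_gke.sh, while the script this patch edits is examples/helm/helm_gke.sh. Since these lines are being touched anyway, point both references at the path that exists in the tree, or state which directory the reader is expected to run the command from.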
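Review bot: In the examples/helm/helm_gke.sh hunk, the new ingress.secret.cert and ingress.secret.key lines move the double quotes outside the command substitution, which leaves `$HOME` and the `*.corp.beyondperimeter.com_ecc` path unquoted inside `$(...)`. The path is now subject to word splitting and glob expansion, so a home directory containing spaces, or more than one directory matching the pattern, hands base64 the wrong arguments. Keep the outer quotes (they protect the base64 output) and quote the path inside the substitution as well, as the removed lines did. The hunk also drops the two lines that generated config.sharedSecret and config.cookieSecret from /dev/urandom, and nothing visible in this patch replaces them; please confirm where those values now come from and that they are not fixed values committed in values.yaml. Separately, the private key is still passed with --set, so its base64 form appears in the helm command line; a values file or an existing TLS secret would keep it out of the process list.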
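Review bot: In the examples/kubernetes/values.yaml hunk, the added `rootDomain: localhost.pomerium.io` (like the policy entry `from: https://hello.localhost.pomerium.io` below it) does not match the certificate that helm_gke.sh loads from the `*.corp.beyondperimeter.com_ecc` directory, so the two examples as committed appear to pair routes on one domain with a wildcard certificate for another. Either align both examples on one domain or add a comment next to rootDomain saying it must match the certificate passed in ingress.secret.cert. Also, helm_gke.sh passes `--values docs/configuration/examples/kubernetes/values.yaml`, whereas this file is at examples/kubernetes/values.yaml; one of the two paths needs updating.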