diff --git a/clusters/cl01tl/manifests/yubal/Deployment-yubal.yaml b/clusters/cl01tl/manifests/yubal/Deployment-yubal.yaml
index a032271f0..8dfb222fa 100644
--- a/clusters/cl01tl/manifests/yubal/Deployment-yubal.yaml
+++ b/clusters/cl01tl/manifests/yubal/Deployment-yubal.yaml
@@ -29,6 +29,11 @@ spec:
       enableServiceLinks: false
       serviceAccountName: default
       automountServiceAccountToken: true
+      securityContext:
+        fsGroup: 1000
+        fsGroupChangePolicy: OnRootMismatch
+        runAsGroup: 1000
+        runAsUser: 1000
       hostIPC: false
       hostNetwork: false
       hostPID: false
@@ -57,7 +62,7 @@ spec:
             - name: FIREWALL_OUTBOUND_SUBNETS
               value: 10.0.0.0/8
             - name: FIREWALL_INPUT_PORTS
-              value: "8080"
+              value: "8000"
             - name: DNS_UPSTREAM_RESOLVER_TYPE
               value: dot
           image: ghcr.io/qdm12/gluetun:v3.41.0@sha256:6b54856716d0de56e5bb00a77029b0adea57284cf5a466f23aad5979257d3045
@@ -101,8 +106,8 @@ spec:
             - name: YUBAL_PORT
               value: "8080"
             - name: YUBAL_LOG_LEVEL
-              value: DEBUG
-          image: ghcr.io/guillevc/yubal:0.4.0
+              value: INFO
+          image: ghcr.io/guillevc/yubal:4.0.0
           imagePullPolicy: IfNotPresent
           name: main
           resources: