diff --git a/deployments/tailscale-operator/deployment.yaml b/deployments/tailscale-operator/deployment.yaml
index e89b4a9..8ef1592 100644
--- a/deployments/tailscale-operator/deployment.yaml
+++ b/deployments/tailscale-operator/deployment.yaml
@@ -15,28 +15,41 @@ spec:
       labels:
         app: tailscale-operator
     spec:
-      serviceAccountName: tailscale-operator
       containers:
         - name: operator
-          image: ghcr.io/tailscale/k8s-operator:v1.78.3
+          image: ghcr.io/tailscale/operator:latest
+          ports:
+            - containerPort: 8080
+              name: http-metrics
+              protocol: TCP
           env:
-            - name: POD_NAME
-              valueFrom:
-                fieldRef:
-                  fieldPath: metadata.name
-            - name: POD_NAMESPACE
+            - name: TS_KUBE_NAMESPACE
               valueFrom:
                 fieldRef:
                   fieldPath: metadata.namespace
-            - name: TS_CLIENT_ID_FILE
-              value: "/etc/tailscale/oauth/client_id"
-            - name: TS_CLIENT_SECRET_FILE
-              value: "/etc/tailscale/oauth/client_secret"
+          envFrom:
+            - secretRef:
+                name: tailscale-operator-secret
           volumeMounts:
-            - name: oauth-secret
+            - name: oauth-config
               mountPath: /etc/tailscale/oauth
               readOnly: true
       volumes:
-        - name: oauth-secret
+        - name: oauth-config
           secret:
             secretName: tailscale-operator-secret
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: tailscale-operator
+  namespace: tailscale
+  labels:
+    app: tailscale-operator
+spec:
+  ports:
+    - port: 8080
+      name: http-metrics
+      targetPort: http-metrics
+  selector:
+    app: tailscale-operator