diff --git a/roles/openshift-apps/koschei/templates/admin-config.yml b/roles/openshift-apps/koschei/templates/admin-config.yml
new file mode 100644
index 0000000000..e70bb6ebf0
--- /dev/null
+++ b/roles/openshift-apps/koschei/templates/admin-config.yml
@@ -0,0 +1,20 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: admin-config
+stringData:
+  config-admin.cfg: |
+    {{ lookup('template', roles_path + '/openshift-apps/koschei/templates/config-admin.cfg.j2') | indent }}
+  config-backend.cfg: |
+    {{ lookup('template', roles_path + '/openshift-apps/koschei/templates/config-backend.cfg.j2') | indent }}
+  fedora-messaging.toml: |
+    {{ lookup('template', roles_path + '/openshift-apps/koschei/templates/fedora-messaging.toml.j2') | indent }}
+  krb5.conf: |
+    {{ lookup('template', roles_path + '/base/templates/krb5.conf.j2') | indent }}
+data:
+  rabbitmq-ca.crt: |
+    {{ lookup('file', private + '/files/rabbitmq/' + env + '/pki/ca.crt', rstrip=False) | b64encode | indent }}
+  rabbitmq-client.crt: |
+    {{ lookup('file', private + '/files/rabbitmq/' + env + '/pki/issued/' + app + env_suffix + '.crt', rstrip=False) | b64encode | indent }}
+  rabbitmq-client.key: |
+    {{ lookup('file', private + '/files/rabbitmq/' + env + '/pki/private/' + app + env_suffix + '.key', rstrip=False) | b64encode | indent }}
diff --git a/roles/openshift-apps/koschei/templates/admin-deployment.yml b/roles/openshift-apps/koschei/templates/admin-deployment.yml
index 31b1a9ae0b..359b4b63af 100644
--- a/roles/openshift-apps/koschei/templates/admin-deployment.yml
+++ b/roles/openshift-apps/koschei/templates/admin-deployment.yml
@@ -40,7 +40,7 @@ spec:
       volumes:
       - name: config
         secret:
-          secretName: backend-config
+          secretName: admin-config
       - name: keytab
         secret:
           secretName: keytab
diff --git a/roles/openshift-apps/koschei/templates/config-admin.cfg.j2 b/roles/openshift-apps/koschei/templates/config-admin.cfg.j2
new file mode 100644
index 0000000000..5e2ca0193e
--- /dev/null
+++ b/roles/openshift-apps/koschei/templates/config-admin.cfg.j2
@@ -0,0 +1,16 @@
+# This is a config file for Koschei that can override values in default
+# configuration in /usr/share/koschei/config.cfg. It is a python file expecting
+# assignment to config dictionary which will be recursively merged with the
+# default one.
+
+config = {
+    "database_config": {
+        "username": "koscheiadmin",
+        "password": "{{ koscheiadmin_db_password }}",
+    },
+}
+
+# Local Variables:
+# mode: Python
+# End:
+# vi: ft=python