diff --git a/.github/workflows/publish-migrations.yml b/.github/workflows/publish-migrations.yml
index 1abc9f2b6..e6801299a 100644
--- a/.github/workflows/publish-migrations.yml
+++ b/.github/workflows/publish-migrations.yml
@@ -32,15 +32,3 @@ jobs:
         run: aws s3 sync migrations/db s3://$AWS_S3_BUCKET/migrations/db --delete
         env:
           AWS_S3_BUCKET: ${{ secrets.PG_INIT_SCRIPT_S3_BUCKET_STAGING }}
-
-      - name: configure aws credentials - prod
-        uses: aws-actions/configure-aws-credentials@v1
-        with:
-          role-to-assume: ${{ secrets.PROD_AWS_ROLE }}
-          aws-region: "ap-southeast-1"
-
-      - name: Deploy to S3 prod
-        shell: bash
-        run: aws s3 sync migrations/db s3://$AWS_S3_BUCKET/migrations/db --delete
-        env:
-          AWS_S3_BUCKET: ${{ secrets.PG_INIT_SCRIPT_S3_BUCKET_PROD }}
diff --git a/ansible/files/gotrue-optimizations.service.j2 b/ansible/files/gotrue-optimizations.service.j2
index d9c2f018e..fe5b26cd7 100644
--- a/ansible/files/gotrue-optimizations.service.j2
+++ b/ansible/files/gotrue-optimizations.service.j2
@@ -5,6 +5,7 @@ Description=GoTrue (Auth) optimizations
 Type=oneshot
 # we don't want failures from this command to cause PG startup to fail
 ExecStart=/bin/bash -c "/opt/supabase-admin-api optimize auth --destination-config-file-path /etc/gotrue/gotrue.generated.env ; exit 0"
+ExecStartPost=/bin/bash -c "cp -a /etc/gotrue/gotrue.generated.env /etc/auth.d/20_generated.env ; exit 0"
 User=postgrest
 
 [Install]
diff --git a/ansible/files/gotrue.service.j2 b/ansible/files/gotrue.service.j2
index c1f7f584f..272e5b871 100644
--- a/ansible/files/gotrue.service.j2
+++ b/ansible/files/gotrue.service.j2
@@ -4,7 +4,7 @@ Description=Gotrue
 [Service]
 Type=simple
 WorkingDirectory=/opt/gotrue
-ExecStart=/opt/gotrue/gotrue
+ExecStart=/opt/gotrue/gotrue --config-dir /etc/auth.d
 User=gotrue
 Restart=always
 RestartSec=3
diff --git a/ansible/tasks/setup-gotrue.yml b/ansible/tasks/setup-gotrue.yml
index 0998468b3..d2c763853 100644
--- a/ansible/tasks/setup-gotrue.yml
+++ b/ansible/tasks/setup-gotrue.yml
@@ -30,6 +30,13 @@
     owner: gotrue
     mode: 0775
 
+- name: gotrue - create /etc/auth.d
+  file:
+    path: /etc/auth.d
+    state: directory
+    owner: gotrue
+    mode: 0755
+
 - name: gotrue - unpack archive in /opt/gotrue
   unarchive:
     remote_src: yes