diff --git a/.gitignore b/.gitignore
index 216169654136b8fb9742433f7d86e60d911c6a6d..53d49ecb61a81cc7ba488c86a76e5557b70fbf87 100644
--- a/.gitignore
+++ b/.gitignore
@@ -10,3 +10,4 @@ apns-test/apns_keyfile_staging.p8
 .idea/
 data-push-gateway/fcm_keyfile.json
 terraform*.log
+/.gitlab-ci-local
diff --git a/terraform/common/init.tf b/terraform/common/init.tf
index 0da18423a50309e2dbf743d9c9c615ce7b788db6..38ef379ba7e999b2d7556bf1213bcf77e24657b7 100644
--- a/terraform/common/init.tf
+++ b/terraform/common/init.tf
@@ -1,4 +1,16 @@
 terraform {
+  # allow the lowest common version across all projects, so that the current CI docker image version suits all projects
+  required_version = ">= 1.9"
+  required_providers {
+    google = {
+      source  = "hashicorp/google"
+      version = "6.22.0"
+    }
+    google-beta = {
+      source  = "hashicorp/google-beta"
+      version = "6.22.0"
+    }
+  }
   backend "gcs" {
     bucket = "holi-shared-terraform-state"
     prefix = "chat-server-common"
diff --git a/terraform/environments/init.tf b/terraform/environments/init.tf
index 9937cd727c210e81282f232b0a2d27da100742f5..845e8ded16162efcaadb4c215e8f76aa5e83dc91 100644
--- a/terraform/environments/init.tf
+++ b/terraform/environments/init.tf
@@ -1,4 +1,16 @@
 terraform {
+  # allow the lowest common version across all projects, so that the current CI docker image version suits all projects
+  required_version = ">= 1.9"
+  required_providers {
+    google = {
+      source  = "hashicorp/google"
+      version = "6.22.0"
+    }
+    google-beta = {
+      source  = "hashicorp/google-beta"
+      version = "6.22.0"
+    }
+  }
   backend "gcs" {
     bucket = "holi-shared-terraform-state"
     prefix = "chat-server-environments"
diff --git a/terraform/environments/scripts/wait-for-ssl.sh b/terraform/environments/scripts/wait-for-ssl.sh
index e130aadf5d8efde49192249d4b826ffd64a61ef6..2a53fa605f62bcdb379948e214c8718565f6cc51 100755
--- a/terraform/environments/scripts/wait-for-ssl.sh
+++ b/terraform/environments/scripts/wait-for-ssl.sh
@@ -7,7 +7,7 @@ url="$1"
 
 # google has a cdn answering on requests. This cdn takes a while to be fully updated.
 # Therefore, we don't return on first success, but on a number of consecutive successes.
-number_of_consecutive_successful_tries_needed=10
+number_of_consecutive_successful_tries_needed=25
 number_of_consecutive_successful_tries_achieved=0
 
 [ -z "$url" ] && echo "missing url as first param" && exit 1
@@ -17,10 +17,21 @@ echo -n "Checking if SSL certificate for $url is installed: "
 # storage for the return value of the curl command
 retval=0
 
+# early break on success (no need to wait on existing deployments)
+set +e
+curl -sSLIm 10 "$url" > /dev/null 2>& 1 
+retval=$?
+set -e
+if [ $retval -eq 0 ]; then
+  echo "success on first try, not checking further"
+  exit 0
+fi
+
+
 # shellcheck disable=SC2034
 for i in {1..2500}; do
   set +e
-  out=$(curl -sSLI "$url" 2>&1)
+  out=$(curl -sSLIm 10 "$url" 2>& 1)
   retval=$?
   set -e
   # shellcheck disable=SC2181
@@ -31,6 +42,7 @@ for i in {1..2500}; do
       echo "test successful after $i total tries"
       exit 0
     fi
+    sleep 1
   else
     echo -n "."
     number_of_consecutive_successful_tries_achieved=0