diff --git a/.gitignore b/.gitignore
index d0e17d54b564d127b96dd758f56319455ee05591..013d4450a5639348a5299910da0194b98a4d6e81 100644
--- a/.gitignore
+++ b/.gitignore
@@ -18,3 +18,4 @@ node_modules/
 
 .idea
 terraform*.log
+/.gitlab-ci-local
diff --git a/terraform/common/init.tf b/terraform/common/init.tf
index 4f8a0f9e80d70a6fcf3f619286c3f4cc92f5c7b5..963f47571d295385e1db458f5eae2deac697472e 100644
--- a/terraform/common/init.tf
+++ b/terraform/common/init.tf
@@ -1,4 +1,16 @@
 terraform {
+  # allow the lowest common version across all projects, so that the current CI docker image version suits all projects
+  required_version = ">= 1.9"
+  required_providers {
+    google = {
+      source  = "hashicorp/google"
+      version = "6.21.0"
+    }
+    google-beta = {
+      source  = "hashicorp/google-beta"
+      version = "6.21.0"
+    }
+  }
   backend "gcs" {
     bucket = "holi-shared-terraform-state"
     prefix = "moderation-common"
diff --git a/terraform/environments/init.tf b/terraform/environments/init.tf
index d70d5b148b26d83e41a529d22079cbc722aeeb05..0d5e538d8bd29a351ee4c22f023b3ef2dc3120b7 100644
--- a/terraform/environments/init.tf
+++ b/terraform/environments/init.tf
@@ -1,4 +1,16 @@
 terraform {
+  # allow the lowest common version across all projects, so that the current CI docker image version suits all projects
+  required_version = ">= 1.9"
+  required_providers {
+    google = {
+      source  = "hashicorp/google"
+      version = "6.21.0"
+    }
+    google-beta = {
+      source  = "hashicorp/google-beta"
+      version = "6.21.0"
+    }
+  }
   backend "gcs" {
     bucket = "holi-shared-terraform-state"
     prefix = "moderation-environments"
diff --git a/terraform/environments/scripts/wait-for-ssl.sh b/terraform/environments/scripts/wait-for-ssl.sh
index d4f75a96c13dc2380107421e01be99885785b594..2a53fa605f62bcdb379948e214c8718565f6cc51 100755
--- a/terraform/environments/scripts/wait-for-ssl.sh
+++ b/terraform/environments/scripts/wait-for-ssl.sh
@@ -7,7 +7,7 @@ url="$1"
 
 # google has a cdn answering on requests. This cdn takes a while to be fully updated.
 # Therefore, we don't return on first success, but on a number of consecutive successes.
-number_of_consecutive_successful_tries_needed=${2:-10}
+number_of_consecutive_successful_tries_needed=25
 number_of_consecutive_successful_tries_achieved=0
 
 [ -z "$url" ] && echo "missing url as first param" && exit 1
@@ -17,10 +17,21 @@ echo -n "Checking if SSL certificate for $url is installed: "
 # storage for the return value of the curl command
 retval=0
 
+# early break on success (no need to wait on existing deployments)
+set +e
+curl -sSLIm 10 "$url" > /dev/null 2>& 1 
+retval=$?
+set -e
+if [ $retval -eq 0 ]; then
+  echo "success on first try, not checking further"
+  exit 0
+fi
+
+
 # shellcheck disable=SC2034
-for i in {1..${3:-2500}}; do
+for i in {1..2500}; do
   set +e
-  out=$(curl -sSLI "$url" 2>&1)
+  out=$(curl -sSLIm 10 "$url" 2>& 1)
   retval=$?
   set -e
   # shellcheck disable=SC2181
@@ -31,6 +42,7 @@ for i in {1..${3:-2500}}; do
       echo "test successful after $i total tries"
       exit 0
     fi
+    sleep 1
   else
     echo -n "."
     number_of_consecutive_successful_tries_achieved=0