diff --git a/clusters/cl01tl/helm/dawarich/templates/external-secret.yaml b/clusters/cl01tl/helm/dawarich/templates/external-secret.yaml
index 821516e39..9a482ca65 100644
--- a/clusters/cl01tl/helm/dawarich/templates/external-secret.yaml
+++ b/clusters/cl01tl/helm/dawarich/templates/external-secret.yaml
@@ -15,6 +15,18 @@ spec:
       remoteRef:
         key: /cl01tl/dawarich/key
         property: key
+    - secretKey: otp-primary-key
+      remoteRef:
+        key: /cl01tl/dawarich/key
+        property: otp-primary-key
+    - secretKey: otp-deterministic-key
+      remoteRef:
+        key: /cl01tl/dawarich/key
+        property: otp-deterministic-key
+    - secretKey: otp-derivation-salt
+      remoteRef:
+        key: /cl01tl/dawarich/key
+        property: otp-derivation-salt
 
 ---
 apiVersion: external-secrets.io/v1
diff --git a/clusters/cl01tl/helm/dawarich/values.yaml b/clusters/cl01tl/helm/dawarich/values.yaml
index 48a472382..79aea2c87 100644
--- a/clusters/cl01tl/helm/dawarich/values.yaml
+++ b/clusters/cl01tl/helm/dawarich/values.yaml
@@ -83,6 +83,21 @@ dawarich:
                 secretKeyRef:
                   name: dawarich-key
                   key: key
+            - name: OTP_ENCRYPTION_PRIMARY_KEY
+              valueFrom:
+                secretKeyRef:
+                  name: dawarich-key
+                  key: otp-primary-key
+            - name: OTP_ENCRYPTION_DETERMINISTIC_KEY
+              valueFrom:
+                secretKeyRef:
+                  name: dawarich-key
+                  key: otp-deterministic-key
+            - name: OTP_ENCRYPTION_KEY_DERIVATION_SALT
+              valueFrom:
+                secretKeyRef:
+                  name: dawarich-key
+                  key: otp-derivation-salt
             - name: RAILS_LOG_TO_STDOUT
               value: true
             - name: SELF_HOSTED