diff --git a/cluster/apps/longhorn-system/longhorn/helm-release.yaml b/cluster/apps/longhorn-system/longhorn/helm-release.yaml
index 7d77846..a89962b 100644
--- a/cluster/apps/longhorn-system/longhorn/helm-release.yaml
+++ b/cluster/apps/longhorn-system/longhorn/helm-release.yaml
@@ -27,6 +27,9 @@ spec:
   uninstall:
     keepHistory: false
   values:
+    defaultSettings:
+      backupTarget: "s3://venoox-k8s-longhorn@eu-central-1/"
+      backupTargetCredentialSecret: "s3-credentials"
     ingress:
       enabled: true
       ingressClassName: nginx
diff --git a/cluster/apps/longhorn-system/longhorn/kustomization.yaml b/cluster/apps/longhorn-system/longhorn/kustomization.yaml
index 2fa2de2..545e541 100644
--- a/cluster/apps/longhorn-system/longhorn/kustomization.yaml
+++ b/cluster/apps/longhorn-system/longhorn/kustomization.yaml
@@ -2,4 +2,5 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
+  - secret.sops.yaml
   - helm-release.yaml
diff --git a/cluster/apps/longhorn-system/longhorn/secret.sops.yaml b/cluster/apps/longhorn-system/longhorn/secret.sops.yaml
new file mode 100644
index 0000000..6056a14
--- /dev/null
+++ b/cluster/apps/longhorn-system/longhorn/secret.sops.yaml
@@ -0,0 +1,28 @@
+apiVersion: v1
+kind: Secret
+metadata:
+    name: s3-credentials
+    namespace: longhorn-system
+stringData:
+    AWS_ACCESS_KEY_ID: ENC[AES256_GCM,data:bj0ElLAWkSw4g+F+yb6wXW/VsIo=,iv:Jhsm0O+TqB97hETiiU2iIONjfhi/6spotVNaimLsLPk=,tag:NNdv21xoK8kYgEg2VKSlbg==,type:str]
+    AWS_SECRET_ACCESS_KEY: ENC[AES256_GCM,data:nYhbzJ5SQcEdu9ant91xAiq2XF97RwKr/UIE6RYg7zzUZyF4jA89gQ==,iv:JQ8O/Qn5OgWlqzr3+HvYfbeMwqx1cu4z7Q+p9ZMbOqc=,tag:hWHhesEPB0EOhZ0ZMpLIrg==,type:str]
+sops:
+    kms: []
+    gcp_kms: []
+    azure_kv: []
+    hc_vault: []
+    age:
+        - recipient: age1ynzhn59vjy0tp87dnzjlxypukffskcga5dtgu3raz3r5jspja5fq99a8a8
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKZVRQUVNxNmV2djByRS9D
+            cFNpa0F5ODJmaDlmVndYRk9zZlJDbjJDUG1BCjVGTjlzNkpTY0R1OWxGb3dZQ3lo
+            MktiQlFERS8rZ25uVmpUL1NwaVdEejAKLS0tIHl4Rm91bUo4VU11ZzBqZGxxdEpp
+            bjF0RjVNY1d4c0sxUEdUT1NkbUphUlkKaFQiymwn3iOvkidC2ssJ62/e8kWK4gtt
+            Qfqg5YuUsjBY7Zu7lhspRgO+OdQiN/x9xjQHs21et5LqlQbRbesQZQ==
+            -----END AGE ENCRYPTED FILE-----
+    lastmodified: "2023-02-26T13:00:57Z"
+    mac: ENC[AES256_GCM,data:PFjKxZYKQz06U8+D4T+nLBABQO02FBzb1NL2c9llHzLPTHXYY5K8/WNHnbJpr9oXG4V9ulz5gOwvjOqE+SWR+L1g+1wIyGj1k/gZbDFkfM7f+8uQzBjXHp7+eWZ72XRFZ6WeOPLbvFLYTou53V2MjtNEnRcM3HcF91RRtEIGVwA=,iv:+XzLRTUHXc7VM6gJ6czvv/Qev7KcRpl1pzh5XdeOVFY=,tag:Z52/ahIYDPThL1cJTO23Mg==,type:str]
+    pgp: []
+    encrypted_regex: ^(data|stringData)$
+    version: 3.7.3