diff --git a/src/clusters/main/apps/lotus/kustomize/lotus-helm/kustomize/configurations/names.yaml b/src/clusters/main/apps/lotus/kustomize/lotus-helm/kustomize/configurations/names.yaml
new file mode 100644
index 0000000..f1d6512
--- /dev/null
+++ b/src/clusters/main/apps/lotus/kustomize/lotus-helm/kustomize/configurations/names.yaml
@@ -0,0 +1,8 @@
+# Configure names transformer
+nameReference:
+  - kind: Secret
+    fieldSpecs:
+      # Replace secret names in HelmReleases
+      - group: helm.toolkit.fluxcd.io
+        kind: HelmRelease
+        path: spec/valuesFrom/name
diff --git a/src/clusters/main/apps/lotus/kustomize/lotus-helm/kustomize/kustomization.yaml b/src/clusters/main/apps/lotus/kustomize/lotus-helm/kustomize/kustomization.yaml
index ba88891..08ed146 100644
--- a/src/clusters/main/apps/lotus/kustomize/lotus-helm/kustomize/kustomization.yaml
+++ b/src/clusters/main/apps/lotus/kustomize/lotus-helm/kustomize/kustomization.yaml
@@ -1,7 +1,17 @@
 # Create lotus-helm Kustomization
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
+# Include the following configuration files
+configurations:
+  - configurations/names.yaml
 # Include the following resources
 resources:
   - resources/release.yaml
   - resources/repository.yaml
+# Generate secrets
+secretGenerator:
+  - files:
+      # It's important to include extension in the key
+      # SOPS will use it to determine the format of the content
+      - values.yaml=secrets/values.yaml
+    name: lotus-helm-secrets-values
diff --git a/src/clusters/main/apps/lotus/kustomize/lotus-helm/kustomize/resources/release.yaml b/src/clusters/main/apps/lotus/kustomize/lotus-helm/kustomize/resources/release.yaml
index a94fe1f..6f95be5 100644
--- a/src/clusters/main/apps/lotus/kustomize/lotus-helm/kustomize/resources/release.yaml
+++ b/src/clusters/main/apps/lotus/kustomize/lotus-helm/kustomize/resources/release.yaml
@@ -16,3 +16,19 @@ spec:
         name: radio-aktywne
   # This key always needs to be here for patching to work
   postRenderers: []
+  values:
+    lotus:
+      cookies:
+        domain: spietras.dev
+      urls:
+        public: https://lotus.k8s.spietras.dev
+      scorpion:
+        public:
+          scheme: https
+          host: scorpion.k8s.spietras.dev
+          port: null
+      debug: false
+  valuesFrom:
+    - kind: Secret
+      name: lotus-helm-secrets-values
+      valuesKey: values.yaml
diff --git a/src/clusters/main/apps/lotus/kustomize/lotus-helm/kustomize/secrets/values.yaml b/src/clusters/main/apps/lotus/kustomize/lotus-helm/kustomize/secrets/values.yaml
new file mode 100644
index 0000000..40ab729
--- /dev/null
+++ b/src/clusters/main/apps/lotus/kustomize/lotus-helm/kustomize/secrets/values.yaml
@@ -0,0 +1,37 @@
+lotus:
+  secrets:
+    auth:
+      - ENC[AES256_GCM,data:sAAfVf/R,iv:S+qbh8iW8rpUbBffjR+Z4q6zonWC5D5sc0TyUIRP+38=,tag:tVpMdY/CE4+CMah6c511kA==,type:str]
+  scorpion:
+    public:
+      client: ENC[AES256_GCM,data:d9TjCC0=,iv:sfwK+yFolKJHWVLmdrDzPtbB0y9zt3OC3XAQBwr2ZuQ=,tag:ZdLms1UKraDPie+k1CiPdQ==,type:str]
+      secret: ENC[AES256_GCM,data:O1wUqPsZ,iv:g1+5ysM/izJ2rOMN7WwESQxB+OadmXln4BrqtM6MTCw=,tag:qdZeQvkcMo7sadTmS43+1w==,type:str]
+sops:
+  kms: []
+  gcp_kms: []
+  azure_kv: []
+  hc_vault: []
+  age:
+    - recipient: age14uepygtepskwehywergh9fe9j2a3ytqd80y9r2ekfmett6rq3peqjtgxns
+      enc: |
+        -----BEGIN AGE ENCRYPTED FILE-----
+        YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGY1ZoYlZvWG04Zk9ZdXh2
+        T0VWUk1oY0R0eEtpQnJRcWIzUXozQUlGOVRNCitxY0h5b3l6QnN2ejNZQ3Z1aXJX
+        aWhuNjZtYVNlTi9vV2pJOXJ3dkpZQjQKLS0tIGtJdFNOaDVtWXQ5aTd5L1diTzhw
+        c2RmaXczVnY0azVqWEtZTHQ5YUZFYkEK57cPtu0CelzVM9LFR/i3qUbAPt6HRAUZ
+        jAlPDHIQqQWeJE7x8E3CwCT3Z7LyA3fgSlt8eZ/n1OE6hNc1uWRz4Q==
+        -----END AGE ENCRYPTED FILE-----
+    - recipient: age1y5lqafxarcnlrduh8k3tycnaq63v2alagmtkf0k9gd59pg263axqtt928v
+      enc: |
+        -----BEGIN AGE ENCRYPTED FILE-----
+        YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBOalFvczJlL2xpUlVEblRD
+        TGlid0dzRWhxYTBUZENVQzNESGtyTmkvcVFJCmxtWDQyb2VJNUNPaEVJVzVja0RK
+        aEVOZ2ZsMmZTckduVGRzcHFWSUFJdjAKLS0tIFRHZ3M0dUlob0p6R0JPQlpSWG0x
+        cm1sN3U1VnZNNTU1NFQ2UlRmSUJiVUkKcDxNEToerq/aAa+m8Bmyg9R+UsuMXwx/
+        1guqoWy3m4ucGQBi7eCswg5m+rGee+FgzlQsan9EQwL8Zhh8sTwlaQ==
+        -----END AGE ENCRYPTED FILE-----
+  lastmodified: "2025-01-05T21:12:11Z"
+  mac: ENC[AES256_GCM,data:jE2+qBterbBOJx9+Uy175qNUobXWm4hnCwjAlDyb0WjT5NWEiyheJYAJC9Gk1GVj/7d4IGq9o24/fFTPz2ri19DGN3fbldZu2gbbKucbRorBVnMUntBz5rYBs6AoTbEqibArEHuL4RMsvc4NHnMTpub2SKoqnInmpi39fQDey/o=,iv:2kiqyHTRmNmIHGjTmS3EM+WQvWHJWeV/bJbnfOhEcj4=,tag:P+nOSvo6Fdotg8/c8IgeRA==,type:str]
+  pgp: []
+  unencrypted_suffix: _unencrypted
+  version: 3.8.1
diff --git a/tests/clusters/ci/main/apps/lotus/kustomize/lotus-helm/kustomize/kustomization.yaml b/tests/clusters/ci/main/apps/lotus/kustomize/lotus-helm/kustomize/kustomization.yaml
index c61418c..ba88891 100644
--- a/tests/clusters/ci/main/apps/lotus/kustomize/lotus-helm/kustomize/kustomization.yaml
+++ b/tests/clusters/ci/main/apps/lotus/kustomize/lotus-helm/kustomize/kustomization.yaml
@@ -1,5 +1,7 @@
-# Overlay lotus-helm Kustomization
+# Create lotus-helm Kustomization
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
+# Include the following resources
 resources:
-  - ../../../../../../../../../src/clusters/main/apps/lotus/kustomize/lotus-helm/kustomize
+  - resources/release.yaml
+  - resources/repository.yaml
diff --git a/tests/clusters/ci/main/apps/lotus/kustomize/lotus-helm/kustomize/resources/release.yaml b/tests/clusters/ci/main/apps/lotus/kustomize/lotus-helm/kustomize/resources/release.yaml
new file mode 100644
index 0000000..a94fe1f
--- /dev/null
+++ b/tests/clusters/ci/main/apps/lotus/kustomize/lotus-helm/kustomize/resources/release.yaml
@@ -0,0 +1,18 @@
+# Create lotus Helm release
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+  name: lotus
+spec:
+  chart:
+    spec:
+      # Use this chart from the repository
+      chart: lotus
+      # Pin version to major
+      version: "0.x"
+      # Use this Helm repository
+      sourceRef:
+        kind: HelmRepository
+        name: radio-aktywne
+  # This key always needs to be here for patching to work
+  postRenderers: []
diff --git a/tests/clusters/ci/main/apps/lotus/kustomize/lotus-helm/kustomize/resources/repository.yaml b/tests/clusters/ci/main/apps/lotus/kustomize/lotus-helm/kustomize/resources/repository.yaml
new file mode 100644
index 0000000..35085d1
--- /dev/null
+++ b/tests/clusters/ci/main/apps/lotus/kustomize/lotus-helm/kustomize/resources/repository.yaml
@@ -0,0 +1,8 @@
+# Create lotus Helm repository
+apiVersion: source.toolkit.fluxcd.io/v1beta2
+kind: HelmRepository
+metadata:
+  name: radio-aktywne
+spec:
+  type: oci
+  url: oci://ghcr.io/radio-aktywne/charts