diff --git a/k8s/apps/furumi-server/deployment.yaml b/k8s/apps/furumi-server/deployment.yaml
index 0e4897e..428c2e7 100644
--- a/k8s/apps/furumi-server/deployment.yaml
+++ b/k8s/apps/furumi-server/deployment.yaml
@@ -46,8 +46,15 @@ spec:
                 secretKeyRef:
                   name: furumi-ng-creds
                   key: OIDC_REDIRECT_URL
+            - name: FURUMI_OIDC_SESSION_SECRET
+              valueFrom:
+                secretKeyRef:
+                  name: furumi-ng-creds
+                  key: OIDC_SESSION_SECRET
             - name: FURUMI_ROOT
               value: "/media"
+            - name: RUST_LOG
+              value: "debug"
           ports:
             - name: grpc
               containerPort: 50051
diff --git a/k8s/apps/furumi-server/external-secrets.yaml b/k8s/apps/furumi-server/external-secrets.yaml
index be4abfa..bcf8ca7 100644
--- a/k8s/apps/furumi-server/external-secrets.yaml
+++ b/k8s/apps/furumi-server/external-secrets.yaml
@@ -18,6 +18,8 @@ spec:
           {{ .client_secret }}
         OIDC_ISSUER_URL: https://idm.hexor.cy/application/o/furumi-ng-web/
         OIDC_REDIRECT_URL: https://music.hexor.cy/auth/callback
+        OIDC_SESSION_SECRET: |-
+          {{ .session_secret }}
   data:
     - secretKey: token
       sourceRef:
@@ -43,3 +45,11 @@ spec:
       remoteRef:
         key: b8b8c3a2-c3fe-42d3-9402-0ae305e1455f
         property: fields[2].value
+    - secretKey: session_secret
+      sourceRef:
+        storeRef:
+          name: vaultwarden-login
+          kind: ClusterSecretStore
+      remoteRef:
+        key: b8b8c3a2-c3fe-42d3-9402-0ae305e1455f
+        property: fields[3].value