diff --git a/apps/frigate/kustomization.yaml b/apps/frigate/kustomization.yaml
index f5a4a20..1b71f03 100644
--- a/apps/frigate/kustomization.yaml
+++ b/apps/frigate/kustomization.yaml
@@ -2,4 +2,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
 - namespace.yaml
+ - secret.yaml
 - release.yaml
diff --git a/apps/frigate/release.yaml b/apps/frigate/release.yaml
index 126b51e..4833fa0 100644
--- a/apps/frigate/release.yaml
+++ b/apps/frigate/release.yaml
@@ -27,14 +27,32 @@ spec:
 config: |
 mqtt:
 enabled: False
+
+ record:
+ enabled: True
+ retain:
+ days: 90
+ mode: motion
+
 cameras:
- dummy_camera:
- enabled: False
+ dom:
+ enabled: True
 ffmpeg:
 inputs:
- - path: rtsp://127.0.0.1:554/rtsp
+ - path: rtsp://{FRIGATE_RTSP_DOM_USER}:{FRIGATE_RTSP_DOM_PASSWORD}@192.168.3.10:554/Streaming/Channels/101
 roles:
+ - audio
 - detect
+ - record
+ garaz:
+ enabled: True
+ ffmpeg:
+ inputs:
+ - path: rtsp://{FRIGATE_RTSP_GARAZ_USER}:{FRIGATE_RTSP_GARAZ_PASSWORD}@192.168.3.11:554/Streaming/Channels/101
+ roles:
+ - audio
+ - detect
+ - record
 persistence:
 media:
 enabled: true
@@ -46,3 +64,5 @@ spec:
 size: 100Mi
 storageClass: mayastor-single-hdd
 skipuninstall: true
+ envFromSecrets:
+ - frigate-camera-rtsp
diff --git a/apps/frigate/secret.yaml b/apps/frigate/secret.yaml
new file mode 100644
index 0000000..b96d39d
--- /dev/null
+++ b/apps/frigate/secret.yaml
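Review bot: In apps/frigate/release.yaml (hunk at -27,14), both new `path:` inputs place `{FRIGATE_RTSP_*_USER}` and `{FRIGATE_RTSP_*_PASSWORD}` directly in the userinfo part of the RTSP URL, so a password containing `@`, `:`, `/` or `#` yields a URL that is parsed differently or rejected. The values kept in Vault have to be percent-encoded, and a comment above the cameras would record that, e.g. `# RTSP credentials are substituted verbatim; store them URL-encoded in Vault`. The expanded URL is presumably what ffmpeg is launched with, so it is worth confirming that the credentials are masked in Frigate's logs and that nothing else in the pod can read the process arguments. RTSP on port 554 is not encrypted, so the credentials and the video depend on the path between the cluster and 192.168.3.10/.11 being a trusted segment. The `config: |` block starts above this hunk.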
@@ -0,0 +1,38 @@
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: camera
+ namespace: frigate
+---
+apiVersion: secrets.hashicorp.com/v1beta1
+kind: VaultAuth
+metadata:
+ name: camera
+ namespace: frigate
+spec:
+ method: kubernetes
+ mount: kubernetes
+ kubernetes:
+ role: frigate-camera
+ serviceAccount: camera
+---
+apiVersion: secrets.hashicorp.com/v1beta1
+kind: VaultStaticSecret
+metadata:
+ name: frigate-camera-rtsp
+ namespace: frigate
+spec:
+ type: kv-v2
+
+ mount: secret
+ path: cameras
+
+ destination:
+ create: true
+ name: frigate-camera-rtsp
+ type: Opaque
+ transformation:
+ excludeRaw: true
+
+ vaultAuthRef: camera
diff --git a/vault/kubernetes-roles/frigate-camera.yaml b/vault/kubernetes-roles/frigate-camera.yaml
new file mode 100644
index 0000000..2a72d14
--- /dev/null
+++ b/vault/kubernetes-roles/frigate-camera.yaml
@@ -0,0 +1,6 @@
+bound_service_account_names:
+ - camera
+bound_service_account_namespaces:
+ - frigate
+token_policies:
+ - frigate
diff --git a/vault/policy/frigate.hcl b/vault/policy/frigate.hcl
new file mode 100644
index 0000000..ca9a9e2
--- /dev/null
+++ b/vault/policy/frigate.hcl
@@ -0,0 +1,4 @@
+
+path "secret/data/cameras" {
+ capabilities = ["read"]
+}
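Review bot: In apps/frigate/secret.yaml, the `VaultStaticSecret` copies every key stored at `secret/cameras` into `frigate-camera-rtsp`, and release.yaml then exports the whole Secret into the Frigate container through `envFromSecrets`, so anything later added to that Vault path becomes an environment variable of the pod. Restricting the sync under `transformation:` with an `includes:` list such as `- '^FRIGATE_RTSP_'` would keep the Secret to the four values the config references. No `refreshAfter` or `rolloutRestartTargets` is set either, so as far as this manifest shows, a rotated camera password would not reach the running pod until it is restarted by hand. The `camera` ServiceAccount appears to exist only for `VaultAuth`, so `automountServiceAccountToken: false` on it would be a cheap hardening step.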
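Review bot: In vault/kubernetes-roles/frigate-camera.yaml, the role binds only the service account name and namespace and sets no `audience`, and the `VaultAuth` in apps/frigate/secret.yaml sets no `audiences` under `spec.kubernetes`. Unless a default applies elsewhere, a token issued for `frigate/camera` would be accepted whatever audience it was minted for. Assuming these keys are passed through to the Kubernetes auth role as written, adding `audience: vault` here and `audiences: [vault]` in the VaultAuth ties the login to tokens requested for Vault. `token_ttl` and `token_max_ttl` are also unset, so the issued Vault tokens take the mount or system default lifetime; an explicit value (for example `token_ttl: 1h`, constructed) would make that lifetime reviewable in the repo.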