diff --git a/config-files/sops-nix/secrets.yaml b/config-files/sops-nix/secrets.yaml
index 3f07db2..0d485a4 100644
--- a/config-files/sops-nix/secrets.yaml
+++ b/config-files/sops-nix/secrets.yaml
@@ -32,4 +32,14 @@ docker:
 HOME_ROUTER_SUBNET=$HOME_ROUTER_SUBNET
 HOME_ROUTER_IP=$HOME_ROUTER_IP
 HOME_SERVER_IP=$HOME_SERVER_IP
- FTLCONF_webserver_api_password=$FTLCONF_WEBSERVER_PASSWORD
\ No newline at end of file
+ FTLCONF_webserver_api_password=$FTLCONF_WEBSERVER_PASSWORD
+ disks:
+ data-disk-1=$DATA-DISK-1
+ data-disk-2=$DATA-DISK-2
+ data-disk-3=$DATA-DISK-3
+ data-disk-4=$DATA-DISK-4
+ data-disk-5=$DATA-DISK-5
+ data-disk-6=$DATA-DISK-6
+ parity-disk-1=$PARITY-DISK-1
+ parity-disk-2=$PARITY-DISK-2
+ parity-disk-3=$PARITY-DISK-3
diff --git a/configuration.nix b/configuration.nix
index 8d281f4..f4dc795 100644
--- a/configuration.nix
+++ b/configuration.nix
@@ -37,6 +37,15 @@ in
 sops.secrets."docker/passbolt" = { owner = "numbus-admin"; path = "/etc/docker-compose/passbolt/.env"; };
 sops.secrets."docker/hass" = { owner = "numbus-admin"; path = "/etc/docker-compose/hass/.env"; };
 sops.secrets."docker/pihole" = { owner = "numbus-admin"; path = "/etc/docker-compose/pihole/.env"; };
+ sops.secrets."disks/data-disk-1" = { owner = "root"; };
+ sops.secrets."disks/data-disk-2" = { owner = "root"; };
+ sops.secrets."disks/data-disk-3" = { owner = "root"; };
+ sops.secrets."disks/data-disk-4" = { owner = "root"; };
+ sops.secrets."disks/data-disk-5" = { owner = "root"; };
+ sops.secrets."disks/data-disk-6" = { owner = "root"; };
+ sops.secrets."disks/parity-disk-1" = { owner = "root"; };
+ sops.secrets."disks/parity-disk-2" = { owner = "root"; };
+ sops.secrets."disks/parity-disk-3" = { owner = "root"; };
 # Bootloader options
 boot.initrd.systemd.enable = true;
diff --git a/deploy.sh b/deploy.sh
index 4663328..190b568 100755
--- a/deploy.sh
+++ b/deploy.sh
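Review bot: The new placeholders under `disks:` will not expand to the generated keys, because envsubst reads `$DATA-DISK-1` as the variable `$DATA` followed by the literal text `-DISK-1`, so every entry would render to a fixed, guessable string instead of a random key. Hyphens are not valid in shell variable names either, so the matching `DATA-DISK-1=$(...)` lines in the deploy.sh hunk are run as commands rather than assignments; both sides need underscore names such as `DATA_DISK_1`. Separately, `sops.secrets."disks/data-disk-1"` in configuration.nix looks up a nested YAML key, which needs `data-disk-1: $DATA_DISK_1` rather than `data-disk-1=...`. Indentation is not recoverable from this view, so confirm the entries are nested under `disks:`.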
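Review bot: Nothing in these nine declarations says what consumes the disk keys or when, and that matters because sops-nix by default materialises secrets during system activation, which runs after the initrd. If the keys are meant to unlock the data and parity disks at boot, they would not exist yet in stage 1 (the context shows `boot.initrd.systemd.enable = true;`), so the unlock would have to happen after activation or use a separate initrd secret mechanism. A comment such as `# Per-disk key material, root-only; available under /run/secrets/disks/ after activation, not in initrd` would record this. `owner = "root";` appears to restate the sops-nix default, so the nine lines could also be generated from a list of disk names.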
@@ -180,6 +180,15 @@ files_generation() {
 PASSBOLT_MYSQL_USER=$(openssl rand -base64 29 | tr -d "123456789=+/" | cut -c1-10)
 PASSBOLT_MYSQL_PASSWORD=$(openssl rand -base64 29 | tr -d "=+/" | cut -c1-64)
 FTLCONF_WEBSERVER_PASSWORD=$(openssl rand -base64 29 | tr -d "=+/" | cut -c1-64)
+ DATA-DISK-1=$(openssl rand -base64 300 | tr -d "=+/" | cut -c1-256)
+ DATA-DISK-2=$(openssl rand -base64 300 | tr -d "=+/" | cut -c1-256)
+ DATA-DISK-3=$(openssl rand -base64 300 | tr -d "=+/" | cut -c1-256)
+ DATA-DISK-4=$(openssl rand -base64 300 | tr -d "=+/" | cut -c1-256)
+ DATA-DISK-5=$(openssl rand -base64 300 | tr -d "=+/" | cut -c1-256)
+ DATA-DISK-6=$(openssl rand -base64 300 | tr -d "=+/" | cut -c1-256)
+ PARITY-DISK-1=$(openssl rand -base64 300 | tr -d "=+/" | cut -c1-256)
+ PARITY-DISK-2=$(openssl rand -base64 300 | tr -d "=+/" | cut -c1-256)
+ PARITY-DISK-3=$(openssl rand -base64 300 | tr -d "=+/" | cut -c1-256)
 echo -e "\n\n ✅ Encrypting secrets in the correct file..."
 envsubst < "config-files/sops-nix/secrets.yaml" | sops encrypt --filename-override secrets.yaml \
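Review bot: `openssl rand -base64 300` wraps its output at 64 characters per line and `cut -c1-256` works per line, so each of the nine new values would come out as several short lines rather than one 256-character string. Embedded newlines would then break the single-line entries in the secrets.yaml template when envsubst substitutes them. Stripping newlines before cutting avoids this: `DATA_DISK_1=$(openssl rand -base64 300 | tr -d '\n=+/' | cut -c1-256)`, with an underscore name because a hyphenated name is not a valid assignment. envsubst only sees environment variables, so the new names also need exporting in the same way as the existing ones; that part is not visible here, since the body of `files_generation` starts and ends outside the hunk.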