diff --git a/Taskfile.yaml b/Taskfile.yaml
index 1fd5a55..32f674e 100644
--- a/Taskfile.yaml
+++ b/Taskfile.yaml
@@ -11,4 +11,8 @@ includes:
 tasks:
   execPostgres:
     desc: Exec into the postgres pod as the postgres user
-    cmd: kubectl -n database exec -it postgresql-0 -- psql -d postgres -U postgres
\ No newline at end of file
+    cmd: kubectl -n database exec -it postgresql-0 -- psql -d postgres -U postgres
+
+  execMysql:
+    desc: Exec into the mysql pod as the mysql user
+    cmd: kubectl -n database exec -it mysql-0 -- mysql -u root -p
\ No newline at end of file
diff --git a/cluster/apps/database/kustomization.yaml b/cluster/apps/database/kustomization.yaml
index 5217b6a..02de375 100644
--- a/cluster/apps/database/kustomization.yaml
+++ b/cluster/apps/database/kustomization.yaml
@@ -5,4 +5,5 @@ resources:
 #- ./network_policy.yaml
 - ./postgresql
 - ./redis
-- ./minio
\ No newline at end of file
+- ./minio
+- ./mysql
\ No newline at end of file
diff --git a/cluster/apps/database/mysql/helm-release.yaml b/cluster/apps/database/mysql/helm-release.yaml
new file mode 100644
index 0000000..62a548d
--- /dev/null
+++ b/cluster/apps/database/mysql/helm-release.yaml
@@ -0,0 +1,30 @@
+apiVersion: helm.toolkit.fluxcd.io/v2
+kind: HelmRelease
+metadata:
+  name: mysql
+  namespace: database
+spec:
+  interval: 5m
+  chart:
+    spec:
+      chart: mysql
+      version: 11.1.14
+      sourceRef:
+        kind: HelmRepository
+        name: bitnami-charts
+        namespace: flux-system
+  values:
+    global:
+      defaultStorageClass: mainpool-hostpath
+
+    auth:
+      existingSecret: mysql
+
+    metrics:
+      serviceMonitor:
+        enabled: true
+        labels:
+          release: kube-prometheus-stack
+
+      prometheusRule:
+        enabled: true
diff --git a/cluster/apps/database/mysql/kustomization.yaml b/cluster/apps/database/mysql/kustomization.yaml
new file mode 100644
index 0000000..f58765d
--- /dev/null
+++ b/cluster/apps/database/mysql/kustomization.yaml
@@ -0,0 +1,5 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+- ./mysql.sops.yaml
+- ./helm-release.yaml
\ No newline at end of file
diff --git a/cluster/apps/database/mysql/mysql.sops.yaml b/cluster/apps/database/mysql/mysql.sops.yaml
new file mode 100644
index 0000000..3ead7f9
--- /dev/null
+++ b/cluster/apps/database/mysql/mysql.sops.yaml
@@ -0,0 +1,73 @@
+apiVersion: v1
+kind: Secret
+metadata:
+    name: mysql
+    namespace: database
+stringData:
+    mysql-root-password: ENC[AES256_GCM,data:8wAhBPa9CQTEj87SorjQj2GmY3E4jxbR0JAzOk0u7r8=,iv:6hv8qftod56M3udqao1MxADcrSlDMsfz2YtFLWzrzVM=,tag:kEXOtDAQg2xRzZz/csSatg==,type:str]
+    mysql-replication-password: ENC[AES256_GCM,data:cHdCVcP7+Y48e3SFzZCf9Q4peVGxhIVFFVuUwwFrGDA=,iv:GBNAFzvQUHtidYgpNKiEPWABIwVk9muEFRLaYBZbFDM=,tag:3B35mjWJV1MQ0ASZuoyyPQ==,type:str]
+    mysql-password: ENC[AES256_GCM,data:D/fW2cAMiurBixcJRCTJUmlvr0kEmTnMsgVM8xKTu18=,iv:bc+7P0cGJy+6YR1I6mzSAq6gGiEH6uOKdmSjYkdoWxs=,tag:hEDAyGpDQCKbgA9XvGeL4Q==,type:str]
+sops:
+    kms: []
+    gcp_kms: []
+    azure_kv: []
+    hc_vault: []
+    age: []
+    lastmodified: "2024-08-05T15:30:54Z"
+    mac: ENC[AES256_GCM,data:ni1zA28zwCp6Fvqv5FtET/ylqOV6L/IXl4KtVo73aIDunlI29qD0cpTbFMPh4bxHqqYUsa/EBF+we5kglLQzP/9qnVrNXCNZnWbkCIsVlghMOLGqVFi7CJFc42ghNGQD9BVj5115VGSX3D05x1a9JI070AoEYQ+/OgLuZf0XxDE=,iv:bi33L8MotNRkg5+WAsXE8a0RlPWfu2rCnA/WaOnHsV0=,tag:7rTzgiDKtPsfCF+e7T5ABQ==,type:str]
+    pgp:
+        - created_at: "2024-08-05T15:30:54Z"
+          enc: |-
+            -----BEGIN PGP MESSAGE-----
+
+            hQIMAyqlIeyoxYovAQ/8DqfstkJgwoIrbTVbVBQheBfPoNl+6iV1IxctfXsr+2CF
+            rY9gV1qxOVh/E0hHyOws8F6EE+oCdbHtsGBa/1KiN0HBY55HFRm9LXF5s5EKOEWg
+            bXg0Gyoqvfny31+UAGAIW91yAGJ07jp4u3oj8RGKHF7sLcuCrk5NfajK7ALzG6hp
+            vpbXenT2D4xxsWqdhkY7azwrqqPC0XyWx2XkFscED2PzwTpT1gPALrtdhknVlCtE
+            azyPtVIg2swt3kWm5bsYJgOHhnnnDTEX412XXJTqQUmmZCTAeKRIo0xtG9Kicujy
+            gzIhxQd14i7jniYzj8uNkNWEaIBfehSqQM+IWRSB6AgV5AnalDudgSyN2R7yDi2a
+            vLt+H1UuESlfuYmqQgG9pDrJG1nigWxMhexm6Ykdz3LnSbzcrkJ9/sCXg0ZCwFok
+            RYMajxB2nHTvQBCSCSqFPzgViDYlv83Vck6vHGma3Lyhe2YDBIGC8bXNmRS92xl+
+            FkbssELrtFdxj8cbQ3WTBU33CdTs6EglSmBSJ+E8SkU7Bok09k4uXK+ZdSkq2pdI
+            I7ZSJufUmKjhvR9l6nSX0/dOOkkvtyDVdB0pPCz5WdwJBS5lInbbUMB7sU71pXor
+            swpHeQaED/BlDcxFIRKAneAfTpBgVzhoPnDnN1xYriLdsZ9kND3KzsXNaT9JeqWF
+            AgwDXjg0p2IN1X8BEACtnlSJlSqalmdhXWD4lKMiz+uQVGaHJty5Rw7CHiFLI7rU
+            wIMnZXQNCiQY+boTaQNe8VqeZ91ptsaIr+2VTrs2gGFbWccQQHwdPN582V7BSQiv
+            mdkxJhE69TTXyu4R/ycDuIgAtXpRA8pLcWsSRWkYtjzKC9Um8y7S+yqsMKCGyTjd
+            gU1mUPrPCJeh6/bThMiowfkIT1GPh4udBSQp6aFW2MOzFySOgphxXPC866lW42T6
+            aCN3n8/kpkc9SKUklUlxt0SKuoghC9NF5pIKANpKWNLrpHv3Y+UXqQt5FIjQLJe0
+            eUGZEkOpihaldG5ObOY9ddRvbnGhaJiK6UXDa5PSCVYG9Fxk9Tw85TKJNbBqd18W
+            A0cj8+CL5eJo+WM91oVbsr4MwE3lKGogVd/9nnylvy8hamoD08A9EN3uf4aqbsTE
+            S5HvHca80WjjMo6LrwcBz6N0RFwQggNT998Mlvb/JRN0Km8EfgDKBbjABBvCHPg7
+            SALnnZNgQbb3Cg3JS7Z9Fe4pKHyUxf6zJsGui0rmFa4r8xrwIkrHSUGk5I431Nkk
+            RS+ppU+Y/Pew0tE7rc2PkzM6lYexphFnViwQZqpHc9EHy2QffN/YkqaFuvIsSbs/
+            fbnJFNgYyW3l2u4Iiaf1UKKkpHRTF6W8UPTblsec9USJperDADkk5aKMV3W0WNRo
+            AQkCEEpvhrTP6NE+ay6COZGVai/ESvAF7ovx14AS2sMwaB9JPEcUG/S+cbMByDmo
+            sc4vHi3BpDxLgltUyUHC2gGkFbc6s9afM8Bd3Ut8jiLPMayhGGpe0natHoo5xz6p
+            Qktw4dL+mCQ=
+            =jZC7
+            -----END PGP MESSAGE-----
+          fp: BD1AAF9D8170F4BEE437365FF6F0933799CFEBCD
+        - created_at: "2024-08-05T15:30:54Z"
+          enc: |-
+            -----BEGIN PGP MESSAGE-----
+
+            hQIMAy5t8IMoPu4VARAAuoptUmFjfyG7uDw42T68nvuetOcF/Zr8hvfcNOtZXFM3
+            L4tgIBc9H5dg1S+XeFM1QweMiJdRhzXsUmLXhIFC9Bj+jaVcS5xHQ4RGcHRYBbeV
+            ssoG7hbgESBAvXW7+AUySp9vyn97dasFlb67uuBeLhTl2NImh5OY1sLsrjBPIJVv
+            SU+LPQqSn37kdrN/Ui3llGv2mVPioMovCEJG2EWykFrk7ameLmkznYYysiJ5WIx2
+            PIavyLm/E4KG3EuV/6mCDnLMocQwLkIyVkOR/GGesaZPpI9OkeN42EXyPUKeWyc5
+            52CbiR8XeRjMuQSF6zqYfat0npz+hO8mdAJLTVcoTzP2BaA78dxg7kpYxVLNTS5b
+            8hv/ndIWQr6P3fi9lzIpQOqHQ5HU7SoZm8oZeXmZWejyn5+j9omTkKmIpzZ91SHW
+            c6eDCeG5Aq5s9Vp6CuQQ+vHpEEEiX8SNdqkEoDtcIVYd1/LZLBdN2JxW9zFi1yGJ
+            HW2Dcef+sN3ide7tIgZ4fHogV9WUaaJBcvXsbDcXxAZk5Kw/ejFwCznZry/u9PQP
+            uaAVKuD9q4XdI4sMBdbr1yqXnkUBVDRVnqNLu5Upu2S2CnPJlOYUvqkR+nqcRdwz
+            W+cGMCyzL+s/8wfi3JRrcrbmnp8aVR9aZEthZnn5M9LPF/PfVOIka9H7QArC+UHU
+            aAEJAhB5SM7t19txEM97n6VHwEYZ4ya9i7ntC1mPx3ORTGAToSQFVvNXtXfsZOYc
+            WRxBcRKBsWj/p1TCh66mvrSDE33bthrvZgWBJunXFOVwXDmVNbWEi20lgu6/IFUJ
+            fMdLui4jsCVY
+            =uQ7o
+            -----END PGP MESSAGE-----
+          fp: 687802D4DFD8AA82EA55666CF7DADAC782D7663D
+    encrypted_regex: ^(data|stringData)$
+    version: 3.8.1
diff --git a/cluster/apps/default/kustomization.yaml b/cluster/apps/default/kustomization.yaml
index 452d5ba..ae0ac4d 100644
--- a/cluster/apps/default/kustomization.yaml
+++ b/cluster/apps/default/kustomization.yaml
@@ -9,4 +9,5 @@ resources:
 - ./exim
 - ./well-known-site
 - ./dendrite
-- ./ganymede
\ No newline at end of file
+- ./ganymede
+- ./piwigo
\ No newline at end of file
diff --git a/cluster/apps/default/piwigo/helm-release.yaml b/cluster/apps/default/piwigo/helm-release.yaml
new file mode 100644
index 0000000..cf71f92
--- /dev/null
+++ b/cluster/apps/default/piwigo/helm-release.yaml
@@ -0,0 +1,74 @@
+# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2beta2.schema.json
+apiVersion: helm.toolkit.fluxcd.io/v2
+kind: HelmRelease
+metadata:
+  name: piwigo
+  namespace: default
+spec:
+  interval: 5m
+  chart:
+    spec:
+      chart: app-template
+      version: 3.1.0
+      sourceRef:
+        kind: HelmRepository
+        name: bjws-charts
+        namespace: flux-system
+
+  values:
+    controllers:
+      main:
+#        pod:
+#          securityContext:
+#            runAsNonRoot: true
+#            runAsUser: 10000
+#            runAsGroup: 10000
+#            fsGroup: 10000
+#            fsGroupChangePolicy: OnRootMismatch
+
+        containers:
+          main:
+            image:
+              repository: lscr.io/linuxserver/piwigo
+              tag: 14.5.0
+
+            env:
+              PUID: 9000
+              PGID: 9000
+              TZ: ${SERVER_TIMEZONE}
+
+    service:
+      app:
+        controller: main
+
+        ports:
+          http:
+            port: 80
+
+    ingress:
+      main:
+        annotations:
+          cert-manager.io/cluster-issuer: letsencrypt-production
+          traefik.ingress.kubernetes.io/router.entrypoints: websecure
+          #traefik.ingress.kubernetes.io/router.middlewares: traefik-authentik@kubernetescrd
+
+        hosts:
+        - host: "gallery.${SECRET_NEW_DOMAIN}"
+          paths:
+          - path: /
+            service:
+              identifier: app
+              port: http
+
+    persistence:
+      config:
+        type: hostPath
+        hostPath: /mnt/MainPool/Kubernetes/piwigo/config
+        globalMounts:
+        - path: /config
+
+      gallery:
+        type: hostPath
+        hostPath: /mnt/MainPool/Kubernetes/piwigo/gallery
+        globalMounts:
+        - path: /gallery
diff --git a/cluster/apps/default/piwigo/kustomization.yaml b/cluster/apps/default/piwigo/kustomization.yaml
new file mode 100644
index 0000000..ea3145d
--- /dev/null
+++ b/cluster/apps/default/piwigo/kustomization.yaml
@@ -0,0 +1,4 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+- ./helm-release.yaml
\ No newline at end of file