diff --git a/kubernetes/talos-flux/apps/gaming-public/minecraft-java/playground-world/kustomization.yaml b/kubernetes/talos-flux/apps/gaming-public/minecraft-java/playground-world/kustomization.yaml
index 3d7c93bd6..4f128bd04 100644
--- a/kubernetes/talos-flux/apps/gaming-public/minecraft-java/playground-world/kustomization.yaml
+++ b/kubernetes/talos-flux/apps/gaming-public/minecraft-java/playground-world/kustomization.yaml
@@ -3,8 +3,11 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
-  - ./persistent-volume-claim.yaml
-  - ./helm-release.yaml
+  - secret.sops.yaml
+  - replication-destination.yaml
+  - persistent-volume-claim.yaml
+  - replication-source.yaml
+  - helm-release.yaml
 configMapGenerator:
   - name: minecraft-public-playground-world-config
     files:
diff --git a/kubernetes/talos-flux/apps/gaming-public/minecraft-java/playground-world/persistent-volume-claim.yaml b/kubernetes/talos-flux/apps/gaming-public/minecraft-java/playground-world/persistent-volume-claim.yaml
index b583cfcb6..b6fbb3d8f 100644
--- a/kubernetes/talos-flux/apps/gaming-public/minecraft-java/playground-world/persistent-volume-claim.yaml
+++ b/kubernetes/talos-flux/apps/gaming-public/minecraft-java/playground-world/persistent-volume-claim.yaml
@@ -6,6 +6,10 @@ metadata:
 spec:
   accessModes:
     - ReadWriteOnce
+  dataSourceRef:
+    kind: ReplicationDestination
+    apiGroup: volsync.backube
+    name: minecraft-public-playground-world-data
   resources:
     requests:
       storage: 10Gi
diff --git a/kubernetes/talos-flux/apps/gaming-public/minecraft-java/playground-world/replication-destination.yaml b/kubernetes/talos-flux/apps/gaming-public/minecraft-java/playground-world/replication-destination.yaml
new file mode 100644
index 000000000..3e8de484b
--- /dev/null
+++ b/kubernetes/talos-flux/apps/gaming-public/minecraft-java/playground-world/replication-destination.yaml
@@ -0,0 +1,31 @@
+---
+# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/volsync.backube/replicationdestination_v1alpha1.json
+apiVersion: volsync.backube/v1alpha1
+kind: ReplicationDestination
+metadata:
+  name: minecraft-public-playground-world-data
+  labels:
+    # https://fluxcd.io/flux/components/kustomize/kustomizations/#controlling-the-apply-behavior-of-resources
+    kustomize.toolkit.fluxcd.io/ssa: IfNotPresent
+spec:
+  trigger:
+    manual: restore-once
+  restic:
+    repository: vault-volsync
+    copyMethod: Snapshot
+    volumeSnapshotClassName: csi-ceph-blockpool
+    cacheStorageClassName: ceph-block
+    cacheAccessModes:
+      - ReadWriteOnce
+    cacheCapacity: 1Gi
+    storageClassName: ceph-block
+    accessModes:
+      - ReadWriteOnce
+    capacity: 2Gi
+    moverSecurityContext:
+      runAsUser: 1000
+      runAsGroup: 1000
+      fsGroup: 1000
+    enableFileDeletion: true
+    cleanupCachePVC: true
+    cleanupTempPVC: true
diff --git a/kubernetes/talos-flux/apps/gaming-public/minecraft-java/playground-world/replication-source.yaml b/kubernetes/talos-flux/apps/gaming-public/minecraft-java/playground-world/replication-source.yaml
new file mode 100644
index 000000000..7bed98635
--- /dev/null
+++ b/kubernetes/talos-flux/apps/gaming-public/minecraft-java/playground-world/replication-source.yaml
@@ -0,0 +1,31 @@
+---
+# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/volsync.backube/replicationsource_v1alpha1.json
+apiVersion: volsync.backube/v1alpha1
+kind: ReplicationSource
+metadata:
+  name: minecraft-public-playground-world-data
+spec:
+  sourcePVC: minecraft-public-playground-world-data
+  trigger:
+    schedule: "0 * * * *"
+  restic:
+    copyMethod: Snapshot
+    pruneIntervalDays: 14
+    repository: minecraft-public-playground-world-volsync
+    volumeSnapshotClassName: csi-ceph-blockpool
+    cacheCapacity: 1Gi
+    cacheStorageClassName: ceph-block
+    cacheAccessModes:
+      - ReadWriteOnce
+    storageClassName: ceph-block
+    accessModes:
+      - ReadWriteOnce
+    moverSecurityContext:
+      runAsUser: 1000
+      runAsGroup: 1000
+      fsGroup: 1000
+    retain:
+      hourly: 24
+      daily: 7
+      weekly: 4
+      monthly: 3
diff --git a/kubernetes/talos-flux/apps/gaming-public/minecraft-java/playground-world/secret.sops.yaml b/kubernetes/talos-flux/apps/gaming-public/minecraft-java/playground-world/secret.sops.yaml
new file mode 100644
index 000000000..2cb5cefd6
--- /dev/null
+++ b/kubernetes/talos-flux/apps/gaming-public/minecraft-java/playground-world/secret.sops.yaml
@@ -0,0 +1,31 @@
+# yamllint disable
+apiVersion: v1
+kind: Secret
+metadata:
+    name: minecraft-public-playground-world-volsync
+type: Opaque
+stringData:
+    RESTIC_REPOSITORY: ENC[AES256_GCM,data:MGrKvdtgZNwHPxShnYpgC76Evj7LksMyoA4iA67lJUKFhG/bph/T3lsFWXD5Nkv9OtFtO30tSuRKCbGqOptLrBqDOX+hc6peHLRnDK+Be0PClcH27hFK51SA1Uc6,iv:hcODNwb0W0BY5loMoEOjFf1uxdXlxDyHBiedOqFjBY4=,tag:4n444+/w9k8IBqomTPg9OQ==,type:str]
+    RESTIC_PASSWORD: ENC[AES256_GCM,data:cYJRWOAQuC5j3Tttt9RluEcpN7nNHbGi9lVlRw4jNgf/7pSBV/xICgub+srZSM3/H35OXzzKxDMxbPTwm8cr1Q==,iv:PMxvFayHK1PukOE/TOljoednoHei44hOC+bUwK6CN4k=,tag:nyJJEe1Fy6v18OA8m/s+0Q==,type:str]
+    AWS_ACCESS_KEY_ID: ENC[AES256_GCM,data:JEXZW41lEw==,iv:pduvJsbyBRNMiP6rJ5T7mz79rdW5VLpR/Y3lOXHKU8A=,tag:HZKS59FvxO4FwZrb3LhKmg==,type:str]
+    AWS_SECRET_ACCESS_KEY: ENC[AES256_GCM,data:aguU70F7QhX2FSEJFmknY8+31PbPIXdF0iGArAkBIihiGhAfOMkD6upDfpZmuZYQcJJgRPpH2jk=,iv:I/9UIpgz0uXHzhhlbV4481gS9KRtm1ZhzvoxJScGsxg=,tag:ax0t2h1ltyPkk+0TgnMCIg==,type:str]
+sops:
+    kms: []
+    gcp_kms: []
+    azure_kv: []
+    hc_vault: []
+    age:
+        - recipient: age16zqeqx5y6ay3flwz0d06rn83yjv9ckys3j8tpkysf9v6295fhc6sf4r0uj
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzYjdZeVptaDlPZW9idmtP
+            UkRGdmxyb0REM2s4dnZVSERQNFFSRHlqVkcwClJlZHVhQUVnUm16QVloazMyUUFx
+            Q24vakF5RUEvMTExZ0lPa1RXblFEV3cKLS0tIFNMcGx3NzRQT0U4MTZER0FQUzh3
+            SThDODl4ZFFMMUlxM3BneWlrNDdjdUUKm16agevW+HLV4al0q2m5W/SyS84E5SXh
+            QfWlkG1byRaLRQ+tMeTuCN0tk2A2asmSPygQ1IKo4AO9kMirDEjQ6w==
+            -----END AGE ENCRYPTED FILE-----
+    lastmodified: "2025-01-31T23:01:24Z"
+    mac: ENC[AES256_GCM,data:TAtN4VdVCqzVJq4PfVg69IEE5ZYIZl0nhVkficUF1tuaiBXDBuLOU4LDST4/UvdX0G8FRUZYG5PPugePDI8lNV6hQcTzwY4r2Hbx8EJgnrezEJvusu3kSfe5nT7idbEaoG8vhPucUkrnHzhtUnDxw7jrSVTqkNyyaDV4h0wT/7M=,iv:hQWx8SCXjrJT+ufvAhRSPK+qJVCUWt5sFH5gOYE2Aqk=,tag:aNeA4x4hSEKStqERm20AMA==,type:str]
+    pgp: []
+    encrypted_regex: ^(data|stringData)$
+    version: 3.9.4
diff --git a/kubernetes/talos-flux/apps/gaming-public/minecraft-java/velocity-proxy/config/velocity.toml b/kubernetes/talos-flux/apps/gaming-public/minecraft-java/velocity-proxy/config/velocity.toml
index e335a7778..f3fdc7c71 100644
--- a/kubernetes/talos-flux/apps/gaming-public/minecraft-java/velocity-proxy/config/velocity.toml
+++ b/kubernetes/talos-flux/apps/gaming-public/minecraft-java/velocity-proxy/config/velocity.toml
@@ -64,7 +64,7 @@ kick-existing-players = false
 #                  description and mod list.
 # - "all":         Uses the backend server's response as the proxy response. The Velocity
 #                  configuration is used if no servers could be contacted.
-ping-passthrough = "DISABLED"
+ping-passthrough = "all"
 
 # If not enabled (default is true) player IP addresses will be replaced by <ip address withheld> in logs
 enable-player-address-logging = true