diff --git a/.deploy/litestream-template.yml b/.deploy/litestream-template.yml
new file mode 100644
index 0000000..50e82cb
--- /dev/null
+++ b/.deploy/litestream-template.yml
@@ -0,0 +1,10 @@
+access-key-id: ${R2_ACCESS_KEY_ID}
+secret-access-key: ${R2_SECRET_ACCESS_KEY}
+dbs:
+  - path: /data/app.db
+    replicas:
+      - type: s3
+        bucket: ${R2_BUCKET}
+        path: app.db
+        region: auto
+        endpoint: ${R2_ENDPOINT}
\ No newline at end of file
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index ea87f1e..bba3795 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -49,19 +49,29 @@ jobs:
             echo "TAG_NAME=${{ github.event.inputs.version }}" >> $GITHUB_ENV
           fi;
       
+      - name: setup .net core
+        uses: actions/setup-dotnet@v3
+        with:
+          dotnet-version: '8.*'
+          
+      - name: Install x tool
+        run: dotnet tool install -g x
+          
+      - name: Apply Production AppSettings
+        working-directory: ./BlazorDiffusion
+        run: | 
+          cat <<EOF >> appsettings.json.patch
+          ${{ secrets.APPSETTINGS_PATCH }}
+          EOF
+          x patch appsettings.json.patch
+
       - name: Login to GitHub Container Registry
         uses: docker/login-action@v2
         with:
           registry: ghcr.io
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
-          
         
-      - name: Setup dotnet
-        uses: actions/setup-dotnet@v3
-        with:
-          dotnet-version: '8.*'
-      
       # Build and push new docker image, skip for manual redeploy other than 'latest'
       - name: Build and push Docker image
         run: |
@@ -103,6 +113,8 @@ jobs:
           echo "APP_NAME=${{ github.event.repository.name }}" >> .deploy/.env
           echo "IMAGE_REPO=${{ env.image_repository_name }}" >> .deploy/.env
           echo "RELEASE_VERSION=${{ env.TAG_NAME }}" >> .deploy/.env
+          echo "R2_ACCESS_KEY_ID=${{ secrets.R2_ACCESS_KEY_ID }}" >> .deploy/.env
+          echo "R2_SECRET_ACCESS_KEY=${{ secrets.R2_SECRET_ACCESS_KEY }}" >> .deploy/.env
       
       # Copy only the docker-compose.yml to remote server home folder
       - name: copy files to target server via scp
@@ -115,7 +127,28 @@ jobs:
           strip_components: 2
           source: "./.deploy/docker-compose.yml,./.deploy/.env"
           target: "~/.deploy/${{ github.event.repository.name }}/"
-      
+
+        # Populate litestream.yml with variables from build process, including TAG_NAME.
+      - name: litestream.yml file prep
+        uses: danielr1996/envsubst-action@1.1.0
+        env:
+          R2_ACCESS_KEY_ID: ${{ secrets.R2_ACCESS_KEY_ID }}
+          R2_SECRET_ACCESS_KEY: ${{ secrets.R2_SECRET_ACCESS_KEY }}
+        with:
+          input: .deploy/litestream-template.yml
+          output: .deploy/litestream.yml
+
+      - name: copy litestream.yml file via scp
+        uses: appleboy/scp-action@v0.1.3
+        with:
+          host: ${{ secrets.DEPLOY_HOST }}
+          username: ${{ secrets.DEPLOY_USERNAME }}
+          port: 22
+          strip_components: 1
+          key: ${{ secrets.DEPLOY_KEY }}
+          source: ".deploy/litestream.yml"
+          target: ".deploy/${{ github.event.repository.name }}/config"
+
       - name: Run remote db migrations
         uses: appleboy/ssh-action@v0.1.5
         env: