diff --git a/infrastructure/backup/doc/backup_dev_notes.md b/infrastructure/backup/doc/backup_dev_notes.md
index cd51ce2..a6655e6 100644
--- a/infrastructure/backup/doc/backup_dev_notes.md
+++ b/infrastructure/backup/doc/backup_dev_notes.md
@@ -41,4 +41,39 @@ stateDiagram-v2
 2. Dort backup-restore deployment (leeres Secret mgl.?), neues Secret "rotation-credential-secret" als Daten
 3. mounten von angelegtem Secret in Pod backup-restore
 4. ba*bash*ka Skript in pod starten -> liest Secret ?leer
-5. Micha cons. 
\ No newline at end of file
+5. Micha cons. 
+
+```mermaid
+sequenceDiagram
+    participant k8s
+    participant e as entrypoint.sh
+    participant rm as restic-management.clj
+
+    k8s ->> e: cronjob calls
+    e ->> rm: start-file
+    rm ->> rm: rotate
+    activate rm
+        rm ->> rm: read-backup-repository-state (state)
+        rm ->> rm: read-secret (backup-secret/restic-password,  rotation-credential-secret/rotation-credential)
+        rm ->> rm: switch
+        activate rm
+        rm ->> rm: if init && restic-password != null
+        activate rm
+        rm ->> rm: init.sh
+        rm ->> rm: state init -> backup-ready
+        deactivate rm
+        rm ->> rm: if backup-ready && rotation-credential != null
+        activate rm
+        rm ->> rm: add-new-password-to-restic-repository.sh
+        rm ->> rm: state backup-ready -> new-password-added
+        deactivate rm
+        rm ->> rm: if new-password-added && rotation-credential == null
+        activate rm
+        rm ->> rm: remove-old-password-from-restic-repository.sh
+        rm ->> rm: state new-password-added -> backup-ready
+        deactivate rm
+        deactivate rm
+
+        rm ->> rm: store-repository-state (state)
+    deactivate rm
+```
\ No newline at end of file