diff --git a/hosts/sakura/services/atticd.nix b/hosts/sakura/services/atticd.nix
index aa142d2..058c976 100644
--- a/hosts/sakura/services/atticd.nix
+++ b/hosts/sakura/services/atticd.nix
@@ -1,9 +1,11 @@
 {config, ...}: {
   sops.secrets.attic-secret = {};
+  sops.secrets.s3-keyid = {};
+  sops.secrets.s3-secret-key = {};
 
   services.atticd = {
     enable = true;
-    credentialsFile = "/etc/attic/atticd.env";
+    credentialsFile = config.sops.secrets.attic-secret.path;
     settings = {
       listen = "[::]:8100";
       allowed-hosts = ["cache.notohh.dev"];
@@ -19,6 +21,12 @@
 
         max-size = 256 * 1024; # 256 KiB
       };
+      storage = {
+        type = "s3";
+        region = "us-east-005";
+        bucket = "notoh-binary-cache";
+        endpoint = "https://s3.us-east-005.backblazeb2.com";
+      };
       garbage-collection = {
         interval = "12 hours";
         default-retention-period = "2 weeks";