diff --git a/hosts/sakura/services/atticd.nix b/hosts/sakura/services/atticd.nix
index aa142d2..b8ec7ec 100644
--- a/hosts/sakura/services/atticd.nix
+++ b/hosts/sakura/services/atticd.nix
@@ -1,9 +1,10 @@
 {config, ...}: {
   sops.secrets.attic-secret = {};
-
+  sops.secrets.s3-keyid = {};
+  sops.secrets.s3-secret-key = {};
   services.atticd = {
     enable = true;
-    credentialsFile = "/etc/attic/atticd.env";
+    credentialsFile = config.sops.secrets.attic-secret.path;
     settings = {
       listen = "[::]:8100";
       allowed-hosts = ["cache.notohh.dev"];
@@ -19,6 +20,16 @@
 
         max-size = 256 * 1024; # 256 KiB
       };
+      storage = {
+        type = "s3";
+        region = "auto";
+        bucket = "notoh-binary-cache";
+        endpoint = "https://s3.us-east-005.backblazeb2.com/";
+        credentials = {
+          access_key_id = config.sops.secrets.s3-keyid.path;
+          secret_access_key = config.sops.secrets.s3-secret-key.path;
+        };
+      };
       garbage-collection = {
         interval = "12 hours";
         default-retention-period = "2 weeks";
diff --git a/hosts/sakura/services/default.nix b/hosts/sakura/services/default.nix
index a5ca33f..64727fc 100644
--- a/hosts/sakura/services/default.nix
+++ b/hosts/sakura/services/default.nix
@@ -1,5 +1,6 @@
 {...}: {
   imports = [
+    ./atticd.nix
     ./traefik.nix
     ./authelia.nix
     ./hugo.nix