diff --git a/flake.nix b/flake.nix index 2264488..648a79b 100644 --- a/flake.nix +++ b/flake.nix @@ -6,9 +6,13 @@ inputs.nixpkgs.follows = "nixpkgs"; inputs.darwin.follows = ""; }; + attic = { + url = "github:zhaofengli/attic"; + inputs.nixpkgs.follows = "nixpkgs"; + }; }; - outputs = { self, nixpkgs, agenix, ... }@attrs: + outputs = { self, nixpkgs, agenix, attic, ... }@attrs: let containerDef = import ./containers.nix; serviceContainers = containerDef.containers; @@ -36,7 +40,11 @@ modules = [ ({ modulesPath, ... }: { - imports = [ agenix.nixosModules.default ./hardware-configuration.nix ]; + imports = [ + agenix.nixosModules.default + attic.nixosModules.atticd + ./hardware-configuration.nix + ]; nix = { buildMachines = [ ]; @@ -68,6 +76,21 @@ enable = true; }; + atticd = { + enable = true; + credentialsFile = + self.nixosConfigurations.eve-psr-nix0.config.age.secrets.attic_token.path; + settings = { + listen = "0.0.0.0:8040"; + chunking = { + nar-size-threshold = 64 * 1024; # 64 KiB + min-size = 16 * 1024; # 16 KiB + avg-size = 64 * 1024; # 64 KiB + max-size = 256 * 1024; # 256 KiB + }; + }; + }; + hydra = { enable = true; hydraURL = "https://hydra.matri.cx"; @@ -98,7 +121,7 @@ users = { sezycei = { isNormalUser = true; - passwordFile = config.age.secrets.sezycei.path; + passwordFile = self.nixosConfigurations.eve-psr-nix0.config.age.secrets.sezycei.path; extraGroups = [ "wheel" ]; packages = with pkgs; [ byobu @@ -114,6 +137,7 @@ age = { secrets = { + attic_token.file = ./secrets/attic_token.age; keys.file = ./secrets/keys.age; sezycei.file = ./secrets/sezycei.age; }; diff --git a/secrets.nix b/secrets.nix index 240b67e..6374f72 100644 --- a/secrets.nix +++ b/secrets.nix 
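Review bot: The new `attic` input in the first hunk is declared as a bare `github:zhaofengli/attic`, and no `flake.lock` change is visible on this page, so the revision that gets imported as a NixOS module on the host would be whatever the default branch points to when the lock is next regenerated. Commit the updated `flake.lock` in the same change, or pin the ref in the URL as `url = "github:zhaofengli/attic/<reviewed-rev>";` (placeholder for the commit you reviewed), so the third-party code that will run as a system service is reviewable. `inputs.nixpkgs.follows = "nixpkgs"` also builds attic against this flake's nixpkgs instead of upstream's pin, which deserves a short comment such as `# upstream nixpkgs pin overridden; built against ours`. The `inputs` block starts outside the hunk.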
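Review bot: `listen = "0.0.0.0:8040"` in the new `atticd.settings` binds the cache API to every interface, and nothing in this hunk puts TLS in front of it, so the tokens clients present to push or pull would travel in cleartext wherever port 8040 is reachable. If the service is meant to sit behind the reverse proxy that serves `https://hydra.matri.cx` (an assumption, since the proxy is not visible here), bind to loopback with `listen = "127.0.0.1:8040";` and confirm 8040 is not listed in `networking.firewall.allowedTCPPorts`. As far as I know the attic module loads `credentialsFile` as a systemd environment file rather than a bare token, so it is worth confirming the decrypted `attic_token` secret is in `KEY=value` form and adding a comment next to the option saying so. The enclosing services attribute set starts and ends outside the hunk.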
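Review bot: `passwordFile` in the `users.sezycei` hunk now resolves its secret through `self.nixosConfigurations.eve-psr-nix0.config.age.secrets.sezycei.path`, which hard-codes the host name inside a module and reads the path from the flake's final output rather than from the configuration being evaluated. The same pattern is used for `credentialsFile` in the atticd hunk. The module header visible in the imports hunk is `({ modulesPath, ... }:`; if this `users` block belongs to that module (the hunk does not show it), changing the header to `({ config, modulesPath, ... }:` lets both lines stay `config.age.secrets.<name>.path`. That keeps each secret path tied to the host actually being built if the configuration is renamed or the module is reused for a second machine.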
@@ -4,6 +4,13 @@ let all = [ james eve-psr-nix0 ]; in { - "secrets/keys.age".publicKeys = all; - "secrets/sezycei.age".publicKeys = all; + "secrets/attic_token.age" = { + publicKeys = all; + }; + "secrets/keys.age" = { + publicKeys = all; + }; + "secrets/sezycei.age" = { + publicKeys = all; + }; } diff --git a/secrets/attic_token.age b/secrets/attic_token.age new file mode 100644 index 0000000..904916a Binary files /dev/null and b/secrets/attic_token.age differ