diff --git a/machines/compute01/nextcloud.nix b/machines/compute01/nextcloud.nix
index a9f478c..37bfd85 100644
--- a/machines/compute01/nextcloud.nix
+++ b/machines/compute01/nextcloud.nix
@@ -24,6 +24,20 @@ in {
       defaultPhoneRegion = "FR";
 
       trustedProxies = [ "::1" ];
+
+      objectstore.s3 = {
+        enable = true;
+
+        hostname = "s3.dgnum.eu";
+        region = "garage";
+        usePathStyle = true;
+        port = 443;
+
+        bucket = "nextcloud-dgnum";
+        key = "GKda5367c73ca607c349d83c35";
+        autocreate = false;
+        secretFile = config.age.secrets."nextcloud-s3_secret_file".path;
+      };
     };
 
     notify_push = { enable = true; };
@@ -41,7 +55,7 @@ in {
       updatechecker = false;
 
       allow_local_remote_servers = true;
-      "opcache.interned_strings_buffer" = 16;
+      "opcache.interned_strings_buffer" = 32;
     };
   };
 
@@ -52,7 +66,7 @@ in {
 
   dgn-secrets.options = [
     (setDefault { owner = "nextcloud"; }
-      (builtins.filter (lib.hasPrefix "nextcloud") config.dgn-secrets.names))
+      (builtins.filter (lib.hasPrefix "nextcloud-") config.dgn-secrets.names))
   ];
 
   networking.firewall.allowedTCPPorts = [ 80 443 ];
diff --git a/machines/compute01/secrets/nextcloud-s3_secret_file b/machines/compute01/secrets/nextcloud-s3_secret_file
new file mode 100644
index 0000000..20580db
--- /dev/null
+++ b/machines/compute01/secrets/nextcloud-s3_secret_file
@@ -0,0 +1,24 @@
+age-encryption.org/v1
+-> ssh-ed25519 tDqJRg 2RokFJ8iIvUHNIkc8C0GB1CSho8pDWnj5zQ3rfCiI3k
+C/u+oGgguGe8ZhcWFN3dWFdby7g+uizSoc9qUfyqh6U
+-> ssh-ed25519 jIXfPA yGY4tw7TB0dxo7feCsTDgyMp9RFbJJUge9vF7DbhDRI
+xjQcbO9sIDudnsILaQp1xZuDP5qYz0zz7sN5I115yTU
+-> ssh-ed25519 QlRB9Q 90eLE1s+T5NdMprV4dOyVCoZbFKDYzr+ZmET8RTWOCE
+n4uZBqYolKJ+gtNvZaleSLtY9JXHDKZBVYQTrAu64uE
+-> ssh-rsa krWCLQ
+mvsGtGUsHMVlLVd4WWWPmUU3XukP53JDxltl198Ar1nkviOU3e7kuBo7iQJqP7KM
+GyZyZof280IWEulMgq15XPLyiPUXUs5ZJU4ESObWNaFV56fCRnJVpy1egoUx6QcA
+jWpM3IdSswKM7JJIhZF6ol0C1HFFVmDOMyPu50YnoFUs2AgQZbiYAah8JFOIi55C
+pzn0sTz/uejbbkqbmNnFEiNg6lH0u1hvIkFt00CSPtQFjcEgctOfK3lTjwbhj4C1
+VPjEmuEjl6BsfSRYS5/qyXJNBf9j3GXz/ngFeowgwOkFvhMHdpHLnzFTK5ST8ZkM
+usrlFAWo4EsGArIB+9eo6A
+-> ssh-ed25519 /vwQcQ EcyRCQAIz0MPe9SYyOp3Mw/SzmOSejj0TjBLOZNp7CQ
+QTvtuZ0asPFJK14fLfeQ8ikHDm1Dph1G7YhEmrnzeUc
+-> ssh-ed25519 0R97PA Kun17Nn0O9HcAq1z1kuWtJmgW/6/edrl5wrWJhkw8HA
+Q7EZzEyK70xrdYBxz33GlgKOP2QScwYBRLlYufRVQss
+-> !<+i-grease FxH]dhGf `
+uQHW6ZkCjGWBGqY9vDpOiib4Ti+ayNuS8tJnKnXaxTVH/UhCQrai2qhFdnRIHcO2
++1VU3tqiN8LWyBXeeEC8Tq8I
+--- BSn6z9x3g31WTDla9cia0InR+KDEerjJh2bRhXlwbaY
+ÔwâžeÝŸˆ/–ú˜ñmÎßOT´Àm,K\«ƒ¯5ñù´Ô–­€Ø®‹T tàmÓ
+SÂQÕˆª‰õª”=IëS,CšPèp÷ˆFMŸ?·æ–=àÅçP~‘‚°›¨î
\ No newline at end of file
diff --git a/machines/compute01/secrets/secrets.nix b/machines/compute01/secrets/secrets.nix
index b50b7d3..f5f87a7 100644
--- a/machines/compute01/secrets/secrets.nix
+++ b/machines/compute01/secrets/secrets.nix
@@ -5,4 +5,5 @@ in
 
 lib.setDefault { inherit publicKeys; } [
   "nextcloud-adminpass_file"
+  "nextcloud-s3_secret_file"
 ]