diff --git a/nix-conf/home-manager/home.nix b/nix-conf/home-manager/home.nix
index bc42a51..d3d0649 100644
--- a/nix-conf/home-manager/home.nix
+++ b/nix-conf/home-manager/home.nix
@@ -43,7 +43,8 @@ in
     stateVersion = myHome.stateVersion or "22.05";
   };
   home.packages = pkgs.lib.unique ([
-    pkgs.ncdu
+    # pkgs.ncdu
+    pkgs.rclone
     pkgs.htop
     pkgs.ripgrep
     pkgs.unzip
diff --git a/nix-conf/secrets.nix b/nix-conf/secrets.nix
index f47c7f0..e1fde48 100644
--- a/nix-conf/secrets.nix
+++ b/nix-conf/secrets.nix
@@ -12,4 +12,5 @@ let
   c_ = builtins;
 in {
   "system/secrets/s3fs.age".publicKeys = c_.attrValues (all);
+  "system/secrets/_nhitrl.age".publicKeys = c_.attrValues (all);
 }
diff --git a/nix-conf/system/flake.nix b/nix-conf/system/flake.nix
index d1ff3dc..c9a3355 100644
--- a/nix-conf/system/flake.nix
+++ b/nix-conf/system/flake.nix
@@ -12,7 +12,6 @@
       lib = nixpkgs.lib; 
       proj_root = ./../..;
       # TODO: Change respectively to the system or make a nix shell to alias `nix run github:ryantm/agenix -- `
-      additionalPackages = [agenix.defaultPackage.x86_64-linux];
       base_modules = [
         agenix.nixosModule
         {
@@ -22,7 +21,10 @@
             # owner = "hungtr";
             # group = "users";
           };
-          environment.systemPackages = additionalPackages;
+          age.secrets._nhitrl_cred = {
+            file = ./secrets/_nhitrl.age;
+          };
+          environment.systemPackages = [agenix.defaultPackage.x86_64-linux];
         }
       ];
     in {
@@ -206,12 +208,17 @@
           ./configuration.nix
           # automount using s3fs
           ({config, pkgs, lib, ...}: {
-            environment.systemPackages = [pkgs.s3fs]; # s3fs-fuse
+            environment.systemPackages = [pkgs.s3fs pkgs.cifs-utils]; # s3fs-fuse
             # Sadly, autofs uses systemd, so we can't put it in home-manager
             # HACK: need to store secret somewhere so that root can access this
             # because autofs may run as root for now, we enforce putting the secret in this monorepo
             # services.rpcbind.enable = true;
             services.autofs = let 
+              # confToBackendArg {lol="what"; empty=""; name_only=null;} -> "lol=what,empty=,name_only"
+              # TODO: change null -> true/false. This allows overriding & better self-documentation
+              confToBackendArg = conf: (lib.concatStringsSep ","
+                (lib.mapAttrsToList (name: value: "${name}${lib.optionalString (value != null) "=${value}"}") conf));
+
               # mount_dest: path ("wow")
               # backend_args: nix attrs representing the arguments to be passed to s3fs 
               #    ({"-fstype" = "fuse"; "use_cache" = "/tmp";})
@@ -226,9 +233,6 @@
                 bucket
               }@inputs: let
                 s3fs-exec = "${pkgs.s3fs}/bin/s3fs";
-                # confToBackendArg {lol="what"; empty=""; name_only=null;} -> "lol=what,empty=,name_only"
-                confToBackendArg = conf: (lib.concatStringsSep ","
-                  (lib.mapAttrsToList (name: value: "${name}${lib.optionalString (value != null) "=${value}"}") conf));
               in "${mount_dest} ${confToBackendArg backend_args} :${s3fs-exec}\#${bucket}";
               personalStorage = [
                 (autofs-s3fs_entry {
@@ -245,6 +249,26 @@
                   };
                   bucket = "hungtr-hot";
                 })
+                (let args = {
+                  "-fstype" = "cifs";
+                  credentials = config.age.secrets._nhitrl_cred.path;
+                  user = null;
+                  uid = "1001";
+                  gid = "100";
+                  dir_mode = "0777";
+                  file_mode = "0777";
+                };
+                in "felia_d ${confToBackendArg args} ://felia.coati-celsius.ts.net/d")
+                (let args = {
+                  "-fstype" = "cifs";
+                  credentials = config.age.secrets._nhitrl_cred.path;
+                  user = null;
+                  uid = "1001";
+                  gid = "100";
+                  dir_mode = "0777";
+                  file_mode = "0777";
+                };
+                in "felia_f ${confToBackendArg args} ://felia.coati-celsius.ts.net/f")
               ];
               persoConf = pkgs.writeText "auto.personal" (builtins.concatStringsSep "\n" personalStorage);
             in {
diff --git a/nix-conf/system/secrets/_nhitrl.age b/nix-conf/system/secrets/_nhitrl.age
new file mode 100644
index 0000000..7b3f4d2
--- /dev/null
+++ b/nix-conf/system/secrets/_nhitrl.age
@@ -0,0 +1,10 @@
+age-encryption.org/v1
+-> ssh-ed25519 ahbzMg QEQ0gfV00KEZFXSUMAnITVG2vAhS0IrnbbEXVsQRjXA
+/iXv++nOsRRmWAu4dFTmxxC7qlCjMuTYuTa6GsYgsX0
+-> ssh-ed25519 glsjZQ Lob1uedpMxsDygT/i6Pnuwi6BzdgZPAeemISakcncVM
+UddBD1YezLMeCUn4UuHGIrK68AwCIwuHAobpkJdi/3U
+-> Tx+>#u-grease ;A%8 W
+m11Fw6roG6feroJ/o5Ro8Dv1C3Piq3bGbdV78TH9Z0URPru+srdINovMvoVqjkuZ
+eHiRwb1fN0ymLRD6/WxT4ZLKbT6J5yNPCrc+
+--- 88hy3b76RX3PAc0Lfms//lhuqsi2tsqmL9gFQqUMBKM
+>%frPåúéÚó€+÷JY`•îŽð',„ë~ÄôÊ¼fÝ‚Ä_Q2A59N/ÄV·þºÝ[ˆSgË3üß4Y(´cä}N[’Ò•ëJ¡ò6Uµ¯pvf/i§Ò+‘tÒTÞ^–Ø)
\ No newline at end of file