diff --git a/nixos/cache-server.nix b/nixos/cache-server.nix
new file mode 100644
index 00000000..6b6b4ba6
--- /dev/null
+++ b/nixos/cache-server.nix
@@ -0,0 +1,20 @@
+{ config, makeEnable, ... }:
+makeEnable config "modules.cache-server" false {
+ age.secrets."cache-priv-key.pem".file = ./secrets/cache-priv-key.pem.age;
+
+ services.nix-serve = {
+ enable = true;
+ secretKeyFile = config.age.secrets."cache-priv-key.pem".path;
+ port = 5050;
+ };
+
+ services.nginx = {
+ enable = true;
+ recommendedProxySettings = true;
+ virtualHosts = {
+ "0.0.0.0" = {
+ locations."/".proxyPass = "http://${config.services.nix-serve.bindAddress}:${toString config.services.nix-serve.port}";
+ };
+ };
+ };
+}
diff --git a/nixos/configuration.nix b/nixos/configuration.nix
index 198fa725..59813ade 100644
--- a/nixos/configuration.nix
+++ b/nixos/configuration.nix
@@ -4,6 +4,7 @@
 ./android.nix
 ./base.nix
 ./cache.nix
+ ./cache-server.nix
 ./code.nix
 ./desktop.nix
 ./environment.nix
diff --git a/nixos/keys.nix b/nixos/keys.nix
index 9ca7f632..ba1d36bc 100644
--- a/nixos/keys.nix
+++ b/nixos/keys.nix
@@ -1,4 +1,9 @@
 rec {
+ hostKeys = [
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG3UqIYs/NY0okKuiIO+dU2OM7A8vv3b6//GedagvLoX ryzen-shine.local"
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINFbM1sL/vlDhrqPV1OMIGi4dKG0tMKhWSXx95ccbfyM biskcomp.local"
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIoHW29TmS5FgK12N+bCXhGWASDdmzqSEA0QxbyGaJ+j nixquick.local"
+ ];
 kanivanKeys = [
 "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDUSkj7587e+MAUNyU/KRpw9Vk++53Wv5nB+0V1QgiTO3rMQe6HJt0Tm2wi/o/T8GNjueT2D69YgkqOIF1FQwsj2EFLObcMzeBgs5gTSglqggA2I91BIc1vvgjCDpogOMAzAQGlTxRnqrEXhqG0jJtw8KIzLr9WrvWLdTT4rHtWS8RoOBgkQ8oxbggZ4vtbMBIwoIAYGRr70KBRNCsLTPLa8yEf+DDQxq1entzxSjHXHgyeBSVVpPCrBVmhjandk+lIFInjvAiAE1ZkJHSRccL73ORmgb1crwH7xlD9NwBPmypowMi8UIRMKfL2lNehT0AQIlEAikUBLMDzPIPhnwLZ imalison@ivanm-dfinity-razer.local"
 "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHEsLV27EteTsuVl1gLAZRCklpMFBMhakKbQ2+MkN5rm JuiceSSH"
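Review bot: In nixos/cache-server.nix the `services.nix-serve` block never sets `bindAddress`, yet the nginx `proxyPass` interpolates it. With the module default (0.0.0.0, as far as I recall) nix-serve listens on every interface on port 5050 alongside the proxy, and nginx is pointed at `http://0.0.0.0:5050`. Adding `bindAddress = "127.0.0.1";` next to `port = 5050;` makes nginx the only network-facing path and gives the proxy a concrete upstream address. The virtual host is also keyed on the literal `"0.0.0.0"` and serves plain HTTP; narinfo signatures protect integrity for clients that pin the public key, but a named vhost with TLS (`forceSSL` / `enableACME`) is worth considering if this is reachable beyond the LAN.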
@@ -20,5 +25,6 @@ rec {
 alexKeys = [
 "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP2SQkJenAX67Ze99SKOVpKDD1XvAZnxQ8RLP0dL/Ej2 alexm@MALISONSERVER"
 ];
- allKeys = kanivanKeys ++ deanKeys ++ alexKeys;
+ agenixKeys = hostKeys ++ kanivanKeys;
+ allKeys = kanivanKeys ++ deanKeys ++ alexKeys ++ hostKeys;
 }
diff --git a/nixos/machines/ryzen-shine.nix b/nixos/machines/ryzen-shine.nix
index 67e44c65..6f3c380a 100644
--- a/nixos/machines/ryzen-shine.nix
+++ b/nixos/machines/ryzen-shine.nix
@@ -8,6 +8,7 @@
 features.full.enable = true;
 # Needed for now because monitors have different refresh rates
 modules.xmonad.picom.vSync.enable = false;
+ modules.cache-server.enable = true;
 boot.loader.systemd-boot.configurationLimit = 5;
diff --git a/nixos/secrets/cache-priv-key.pem.age b/nixos/secrets/cache-priv-key.pem.age
new file mode 100644
index 00000000..d8e3f38b
Binary files /dev/null and b/nixos/secrets/cache-priv-key.pem.age differ
diff --git a/nixos/secrets/cache-pub-key.pem b/nixos/secrets/cache-pub-key.pem
new file mode 100644
index 00000000..474d2cda
--- /dev/null
+++ b/nixos/secrets/cache-pub-key.pem
@@ -0,0 +1 @@
+1896Folsom.duckdns.org:U2FTjvP95qwAJo0oGpvmUChJCgi5zQoG1YisoI08Qoo=
\ No newline at end of file
diff --git a/nixos/secrets/gpg-keys.age b/nixos/secrets/gpg-keys.age
index fcf32d1c..b3a76249 100644
Binary files a/nixos/secrets/gpg-keys.age and b/nixos/secrets/gpg-keys.age differ
diff --git a/nixos/secrets/secrets.nix b/nixos/secrets/secrets.nix
index fc7386c0..e4a449e0 100644
--- a/nixos/secrets/secrets.nix
+++ b/nixos/secrets/secrets.nix
@@ -1,5 +1,6 @@
 let keys = (import ../keys.nix); in {
- "gpg-keys.age".publicKeys = keys.kanivanKeys;
+ "gpg-keys.age".publicKeys = keys.agenixKeys;
+ "cache-priv-key.pem.age".publicKeys = keys.agenixKeys;
 }
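Review bot: Appending `hostKeys` to `allKeys` in nixos/keys.nix widens whatever consumes `allKeys`, and that consumer is not visible in this diff. If it feeds `openssh.authorizedKeys.keys`, each machine's SSH host private key becomes a login credential on the other machines, so root on one host implies access to all of them. The host keys are only needed as age recipients, which `agenixKeys` already covers, so I would keep `allKeys = kanivanKeys ++ deanKeys ++ alexKeys;` unless host-to-host login is intended. A one-line comment above `hostKeys` (added in the first hunk of this file) stating that these are SSH host public keys used as agenix recipients would make the intent explicit.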
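Review bot: Both entries in nixos/secrets/secrets.nix now use `keys.agenixKeys`, which includes all three host keys, so every listed machine can decrypt the GPG keys and the cache signing key even though only ryzen-shine enables `modules.cache-server` in this commit. Scoping recipients per secret limits what a single compromised host exposes; that needs per-host names in keys.nix rather than a flat `hostKeys` list, for example `"cache-priv-key.pem.age".publicKeys = keys.kanivanKeys ++ [ keys.ryzenShineHostKey ];`, where `ryzenShineHostKey` is a placeholder name not defined in this diff. Whoever holds the cache signing key can produce store paths that clients trusting `cache-pub-key.pem` will accept, so it deserves the narrowest recipient set.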