diff --git a/hosts/servers/alexandria/nextcloud.nix b/hosts/servers/alexandria/nextcloud.nix
index 9b0a55a..46e901a 100644
--- a/hosts/servers/alexandria/nextcloud.nix
+++ b/hosts/servers/alexandria/nextcloud.nix
@@ -9,7 +9,8 @@
       configureRedis = true;
       caching.apcu = false;
       https = true;
-      secretFile = config.age.secrets.nextcloud.path;
+      secretFile = config.age.secrets.nextcloud-secrets.path;
+      config.adminpassFile = config.age.secrets.nextcloud-adminpass.path;
     };
 
     nginx.virtualHosts.${config.services.nextcloud.hostName} = {
@@ -19,9 +20,16 @@
     };
   };
 
-  age.secrets.nextcloud = {
-    file = ../../../secrets/nextcloud.json.age;
-    owner = "nextcloud";
-    group = "hosted";
+  age.secrets = {
+    nextcloud-secrets = {
+      file = ../../../secrets/nextcloud-secrets.json.age;
+      owner = "nextcloud";
+      group = "hosted";
+    };
+    nextcloud-adminpass = {
+      file = ../../../secrets/nextcloud-adminpass.age;
+      owner = "nextcloud";
+      group = "hosted";
+    };
   };
 }
diff --git a/secrets/nextcloud-adminpass.age b/secrets/nextcloud-adminpass.age
new file mode 100644
index 0000000..f8cc7cc
--- /dev/null
+++ b/secrets/nextcloud-adminpass.age
@@ -0,0 +1,15 @@
+age-encryption.org/v1
+-> ssh-ed25519 hi+lKA qOCl4MjR5cDSeSYAsxPl5tk/KHkseakzZpVOqIyoLwQ
+XfHkZcH6afxZUnhYxNeOuO6q6V8YVFtq0eEYbjLtFeY
+-> ssh-ed25519 SP9f6A +tN+rN+VCZaJx5jCQs3Kr3ivi3y9mhYTWrOaCAXSO3k
+w98sEpHgU74pOpwUWy4O0fz1bycS0EnyOE1+zjjkqL8
+-> ssh-ed25519 8YSAiw V8jVTLozSF4yA1fjIz8m5H0hTEDyDxGc5rsmDgKVRQE
+v1AVnW3bEmW2h+gF3rWQR/SkuJTB7AdIB8dVZ3MusSY
+-> ssh-ed25519 3Chb7w 5zEF33J2xsu/3F01w6cCYt6I/Y1e0EzFFCn4eAy7aTk
+TAEuIqPsMff1lGbnE0gTyB2WEe0zQXKKS6zQgcOE138
+-> ssh-ed25519 J6tVTA TVK3S3XxlRxtJ+8PXZm1xZQw8ApWuv8yg9Fb9tnATkQ
+gQNrmHBQgkMG7XAe2J88efUsYEEm949d3UkZl0ihHsU
+-> <sBw-grease 9C\cJ_4/ sx9X*tys NpHI#].F mL>tV
+7msop013ZzUSahxAHTaQ55wSX7+QeGotcXVnXVPB
+--- NG7JrXM4G9CiaqAvqj7bfcIrvX4qe9X8CbVdeVsWhpA
+¬iI6Ë_&‰ìºDÖñr	Ütþ»nôSJ	õ´‚§°.Ø2%ís¤¥‰¯w,½ÿØŸ3šT¥°VTÛÓÙÉ
\ No newline at end of file
diff --git a/secrets/nextcloud-secrets.json.age b/secrets/nextcloud-secrets.json.age
new file mode 100644
index 0000000..f3624ff
--- /dev/null
+++ b/secrets/nextcloud-secrets.json.age
@@ -0,0 +1,17 @@
+age-encryption.org/v1
+-> ssh-ed25519 hi+lKA ZJtGeqapsuvF3NDNiGObtghca4ewunNVa9Ude/OsHBs
+fG068zKB/VvBYQKU1foXj7vFdBcLrGyu+Fowwo7pLTA
+-> ssh-ed25519 SP9f6A JSdAMRsPFCEWdjZnq//ewZ7lXGOYEH/dpQ2B4JcvL3Y
+ZijwUmVQKYuO8+JrZUPa0dEO9th1Y7oxN3THrU0hulA
+-> ssh-ed25519 8YSAiw WoTndUcrr1nooKBnQj3NZJ59cIup4Q4R42ILlHmno3k
++vmLaI8R1jnl1Q3h8A7mDEtZF4JZUdWvoq4C2x2cDx8
+-> ssh-ed25519 3Chb7w yZa+X5ehiq7NVRIGDlgTlCbXthtEpypF8BW658yLjls
+7u7ntsfjKcJXEH4suy7QLh/dIhfinMumVRyf8no1D30
+-> ssh-ed25519 J6tVTA rM3L742YaC0dybb/8HS4jshJ2eyb71NHsXlef25NghU
+WuCPlJj9Y4WNPsEqPv+0XrSt3LmqloSoBaP1zxcQfg0
+-> ]7x?gSuP-grease
+N8QRFOzGQXOzXFTlQikizAIzBoHJcb625wktGarT94nku1a+cZtsAqQ9ddvY8G3M
+/o9Z/UeNOwlo1ZS3thMDCBfHEW0
+--- 4sGjq2H09GiLTKfAlHuyhPcSq36weLXoYccpOZzQKK0
+uÅ£znÒ=ŠýÙ/¢ 6;IK*d1ÌH¾…"›ÁI§s`Å zY^—UÛ?ŸUÜ!P_•¨Š*J„µM4åéËÛêè!ÊÂ­›Q¥Š
+¹MR­~¼c¾ŠÉƒÊ£Û{Ç}¶”ƒlC±å\=ÒFÍ­e6q‰ç;PÙžy¤Cž¡B
\ No newline at end of file
diff --git a/secrets/nextcloud.json.age b/secrets/nextcloud.json.age
deleted file mode 100644
index 3be76e6..0000000
--- a/secrets/nextcloud.json.age
+++ /dev/null
@@ -1,16 +0,0 @@
-age-encryption.org/v1
--> ssh-ed25519 hi+lKA SsSZXZTn+ZaefdeVvvnS1k/f8EjYU8Cn4W+yQFhdpSU
-M8RVb+CWBmQWK17OlB5glDzieubtg90SGRQh/hnmH1Y
--> ssh-ed25519 SP9f6A BvAhyE9erg0VvlvXojVgv7e3zv2lU3JVrfgN1+ddzSk
-Hw0UJltUg0ewDGxR/kjLA3KPvRyPp4qmmuikRqm6Lyk
--> ssh-ed25519 8YSAiw dY56LRpTmiZ/f4oWBAZzlOr8VkHUR38o6NBk67XmHks
-iNw3xxSAmzYm84eWAPwy+Kg70aqT3FegJuQgW8bgD8E
--> ssh-ed25519 3Chb7w fCUcQbI3FuzLo980/w/qvlzuVcnhFEyk+JvyY3eEM3o
-3sPYmv/hoysRtIA6Fb19QI1cSbYZ9vIDWVmmzSZbwog
--> ssh-ed25519 J6tVTA pqZWQ2IQL31HFQgBApSDDh9jqlvNO0OsCl704QHN3mw
-+ANtWy94qtpy/IrUX8sbuxqY/jupQ2Ij+porE9H1ZSg
--> JX#25-grease ik7U7n
-weuEU/AqgBSZQSb4vHzDIMTRcbNcNnESQF6OcJ8N68yA5EGvQ75tPLkCKSOkprkw
-z1FMPifPDkcviKoAAxywtrGnOqKkro2tZrXXNI4YJ0oKcBKSZkfbRho
---- jQNm3S+I4jMRrMABBNb9UXTPRQjE3JwHns+fGOA8+ps
-_~Q3tän™:ö°E~r1÷Õ¡¶6ß¡/–h•ÓÖÍÄ½NÜƒ‡lñ-Eso\‰`ô°Ñ™N×?;IÑƒ€ÛP,ÞGãXPì§6{»joÝ^mÌäñ€_	BêG’Geáø«ßÎ´6ö¯.çŸ›†~eN¸z«‘Ë¦¾”7"vÎõ˜
\ No newline at end of file
diff --git a/secrets/secrets.nix b/secrets/secrets.nix
index 377cbcb..5faa985 100644
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@@ -19,7 +19,8 @@ let
   servers = alexandria;
   all-hosts = desktops ++ servers;
 in {
-  "nextcloud.json.age".publicKeys = all-hosts;
+  "nextcloud-secrets.json.age".publicKeys = all-hosts;
+  "nextcloud-adminpass.age".publicKeys = all-hosts;
   "cloudflare.age".publicKeys = all-hosts;
   "paperless.age".publicKeys = all-hosts;
 }
