diff --git a/modules/cloud/gotosocial/default.nix b/modules/cloud/gotosocial/default.nix
index 17c304c..745dc62 100644
--- a/modules/cloud/gotosocial/default.nix
+++ b/modules/cloud/gotosocial/default.nix
@@ -4,6 +4,7 @@ let
   cfg = config.cloud.gotosocial;
 
   dbUser = "gotosocial";
+  storageLocation = "/mnt/data/gotosocial";
 in
 {
   options.cloud.gotosocial = {
@@ -74,6 +75,9 @@ in
         # Media
         media-emoji-remote-max-size = 256 * 1024 /* bytes */;
         media-emoji-local-max-size = 256 * 1024 /* bytes */;
+        media-remote-cache-days = 7;
+        media-cleanup-from = "00:00";
+        media-cleanup-every = "24h";
         # OIDC
         oidc-enabled = true;
         oidc-idp-name = "DTTH";
@@ -82,10 +86,22 @@ in
         http-client.block-ips = [ "11.0.0.0/24" ];
         # Advanced
         advanced-rate-limit-requests = 0;
+        # Storage
+        storage-backend = "local";
+        storage-local-base-path = "${storageLocation}/storage";
         # instance-inject-mastodon-version = true;
       };
     };
     systemd.services.gotosocial.requires = mkAfter [ "postgresql.service" "arion-authentik.service" ];
     systemd.services.gotosocial.after = mkAfter [ "postgresql.service" "arion-authentik.service" ];
+    systemd.services.gotosocial.unitConfig = {
+      RequiresMountsFor = [ storageLocation ];
+      ReadWritePaths = [ storageLocation ];
+    };
+    systemd.tmpfiles.settings."10-gotosocial".${storageLocation}.d = {
+      user = dbUser;
+      group = dbUser;
+      mode = "0700";
+    };
   };
 }
diff --git a/nki-personal-do/configuration.nix b/nki-personal-do/configuration.nix
index dfde9a3..447da89 100644
--- a/nki-personal-do/configuration.nix
+++ b/nki-personal-do/configuration.nix
@@ -193,7 +193,7 @@
   };
 
   # GoToSocial
-  sops.secrets.gts-env = { };
+  sops.secrets.gts-env = { restartUnits = [ "gotosocial.service" ]; };
   cloud.gotosocial = {
     enable = true;
     envFile = config.sops.secrets.gts-env.path;
diff --git a/nki-personal-do/secrets/secrets.yaml b/nki-personal-do/secrets/secrets.yaml
index 7317fd7..c02ed8e 100644
--- a/nki-personal-do/secrets/secrets.yaml
+++ b/nki-personal-do/secrets/secrets.yaml
@@ -14,7 +14,7 @@ heisenbridge: ENC[AES256_GCM,data:rJY7gpcOY8nODR3KlYW1rEs54mKxr+AjNBeg1/2vTG0Gzp
 matrix-discord-bridge: ENC[AES256_GCM,data:/rlSjD6inKfak7HKKghH5ays5RjKmb9czGsoIOYHyTZC4A5EMucCbfn8DL1gkYXgvRHJ+QglGX/BGo5ebaxSj6nF60+aW87UG31KggOt5kkMuWsPsjvrufoc5IlNfWnXIWmqf8cdC01hmHEp7biUpI8CcfEZiD9OkOxbZcRfYqW+ttnzplFniRBjGPVZfL5g4DBbuJen5MuOrrMDo5CT+78n,iv:r9VBbDCAAElisCaDehrB6PhJHsaaHjdrk3103lmBT7o=,tag:WoNMMfyMifsL56yWq3MUOg==,type:str]
 authentik-env: ENC[AES256_GCM,data:CjxTaqIcpBX7ea9L3tgJDELr8HBPJdxXsrOfhsiH4cXwCEzktsNKHjF7l95ZFgI5O08q4Vlbln5Dg4xPEx33nwUesEbQrT5d+n+2YaAxmm/WInrYzF+jB7HYTXASb3rY9PWgd2C3v+YPBkJetHlTUc/k19Q7lOQRNw==,iv:cG8Bi2eCsS+v94tSJBsqp+bjVLzXZvvwX1QVVSYExL8=,tag:VmbfcxCcfi3IpKjg3f8QPw==,type:str]
 firezone-env: ENC[AES256_GCM,data:Guwc3ovHJyr0m0gsvcJeYDXxOsccv6ZMBJSjWa87F7BZwCXLanMetz8b/GAxe/+0qT8IBKCDvLS7B5v2DM5SYOZD2tQWnrwjU90Pjji2RZhZZy7Pc1kAmhLA6ddpBKGJTLcGxWkTnWOcv8qWEwmfNpgT+kUIDLmjQz2pIMUXiXBpheQyPLWBvIIgrBT8QxkX81LHSUDNG29r7olJv1t4oox58r/PKxnfzUkX7lMhZdIpDMbxdWCU6/F2R483YIaFAaL1BuhCkK/QbuqOPRL7yIGID+W1a0JvKsRc2oPPU7WAWyGA3CLwmJka2sTvHrxosMgY/eZYfCWDtRno6q+OA+LI5ZfFu0weA9dpiUkWLGJ2auSZtiL0Sa5D0VHxZlG2m0iD7o3bcIWUi65cb2olcABn3NikMglw6PCWXxM7E5hqAbpvwcN5JeIkTTesI6xthzT9eoUak5SSvdThrwSlc3dvMqOvmRVGD/wR8T9GcKIZoNT7wOvgltecpDbYPNgwKimHhBloMON/qKXuIaYV1dP1XQ10MMpSM1vUZl/JD24pDjFXH8XkZK6owVI2tRTTRZajQT2uB73oVN8EMPFHPdI3uwyH72NycQojIzXmDvMI/UXNsYWArWZyTwGpHbE0pr+I9rXch78pJYKvlIVFTqicE/NceeOm8bMO1O7qofk1/yiIE8RVjs7YrNNahcBrNI+97lvBNLmk9zpWU0YFtfmyDb/XxBsepwj++QY+3gJ5331ohp9BK5Ypr9pp1WRt9syKv2cwFMBIcHKMCji43NW1MqBj/2bgKGfoNAyCUaJqZ9yRcb1TwHyulvEVhJUAOeUxPHdJeA==,iv:6kPPn4Zl1lhxaEtRqq2BcMW7d1zKy/HUJzXdAgkPv7E=,tag:VaVIWg4RbOE7tnimOuqhGw==,type:str]
-gts-env: ENC[AES256_GCM,data:1IDVahbNHqoIod38nkNIrya0SgI5yYbE5LpcI3V/ZoTA1wPyi52eAmAp5RykqgsI59wUsMqIwiWsLLEWnn9E8vWyyK8YvsBTaIFboMwmjg4qp+MTdb17FBCkjzoP+ymgQQo7EQW34wwHhvWZGF1KgvqdC9WHQ2qg6+WZTIuBrY893pFneeMnslM4BReP1a9GB6Msbi1XZfAi4tZhgCG+9v3fEFfmPVPg7VqXdBZT65hiuagJWd9/oXrs6aK9RNeOo0+s6E05jLhUMiW6ROVKr7tPjKDLTbY3FT7WPsK5CWrzbmfizPAvGJuUFqBVfZoj9+V1UsePSOa/R3dE12Z+Ufv+vnuxdQM4D8c+BY+F0bZvNqYpqTWFnzGxV/GPMIwj0ZbrBJkjLpPnlvCtKTl/lA4a4SyWi/s+DB4sTqsdEdk7J5PdHaZNkVsVqA29fW4BZ6U3BLaWzDyCvv670dNQHEGTM03dq/bfSE3pbHT6VgZuCTzcNS/h5n6I6mev9dP+l9rlZdsrT+EBSP60nABmeTPDlBfGJZnkdmB8nxqLD0T4cwc0PJIVvVdBdolHm0jsqFrHpiJDB+BfhsOr585GWA6HUVmYLLBaJRtqw3hSAAUboGpPaOqfuHbPbVNFoUuCAV28+EwmUIGJQcrwHadePBl74xFpCuf96r3paDzHXlRpZj1q4ByTmstJ1Ce7NyuWL/iBa/h7sWNiY00o1n0OTPJhiFZzOfrF6bGpNR1GNnFLV2gqAoPXffVW5pwm4ra4KgamP+WHKbqwHMS0h0MNpa+T0waoB/lgcXgz0isy5jp1JXeD1vbZzjK7bzFFRSqTv9uVKaIUo3c5KX7INazJ2n038c80QNxLpJrtjQsGYv9lgtBpACWNx5WlgRK6wh6o/mB13xtFB/p3659BsEyOrMz87O3sCA6SeF+J7d3Jh6PiWG/C3yfOqKxc2bRB2MDzaWSYkEznlPL4SSa/h+QyFQ6yDtvewM/QpRKx8Oe9Sq8pfFiSo1hIKFQzNwbpHA7We6za8PJn/CilIaZKD0uLv+jYpbkn,iv:NSa+Gt0MROoBJdkK5CsWDWNLn1Ju/e9pX6hiYU5pKR4=,tag:rv1dwLNxdrjYliSjI/ojCg==,type:str]
+gts-env: ENC[AES256_GCM,data:qcoDQh23XApyXPwvzMTGb2x2sMgis9SqFU2NRuR4O2puPYEb7ShTYCNSHBNje11w8WAsLmXnbY+kke7bIFIsgb7JOPBKvRvV5TumH2eBuiEAwW98erEU+s+7ArY68OIIhuyX+pViVlvj6rMHzS91zr5IE9hA3tWpdSQ5gb/LyZhcxJgK4cksLIkDNSZFn87qVGEpYChsM5jbbQq2zk39e0AmJpeLUVgLmydMhI6A6UnclW2n+43W+SOUMl9IwB1SrXA8sFphOLsyUfxG2Ne0L4QFtnywUxPln+COSHmC6Qd+yZdF7O9leQoWEWg7d0OvjFkZCrF4HryMIYIgRk7WGTuazcN6FtQHY4tiCePCx3DBy8TxDMg8vAd1WJsEca/9LeBNl6fzfJ/ZoTCbCvtI3SyiqNCxwIwpXrnUykwszs+KdnVKnfMSACs9aP0I1JCdxKyMWWFwCV5VGrRZh/3JQst/GLOiw58EbtwmavlGYjaaUM+JzcCDIWmZbF5G7P10SPgu/931FBchN1+r9jcbEUXemfE1Oit1J2pgAmRh/6Y7kSbj+8rtvOIxVVxoKidVETUJ/W92NsWRpgdSrcFy7W0nu55ufZOzEHLFKsEoSGZL1IlLh4iw0iC0xtCcgiR/cRZQNd7igkV6T+HT64kkjPy2WI3Ei60gkqjoxDT60Sxd1UlBr1ge0dI+SY8XOq4mgvBXWQynjNDdKZOzVIT0Z/o9cBjx1nZUA5Bw5fmTKw+sF/68lHqeRCyNNhUaOLOzH0SH5CbKUayRFYxvyjW3UAAFvqoFkOODAFOMtjDZ+vfHDtJ/I5GpR8HdeQ6ewMwltVc+8Hkn0PtSDRBN+e2Bh90pQdnzHn8OCFQrx3cnHK6r6g+Zvbq3nEKeEHXLSNw7Z5qUL35xhO7rOMteUdTVIrV4GE78jAKyCuKttcjkNao3HjDAA7RePxUJ90h4OU/fq2MLcSqV0Yo3DIXtTN8=,iv:B7VIq/i6RgqSC/aV5GrLazbnBeGtq3twisSf60VAjfM=,tag:V4eAGJqPbZQTEwS7ieZBog==,type:str]
 headscale:
     client_secret: ENC[AES256_GCM,data:MLW0z2stjhXgxb4poAYr7LzrLzTNj5HqJzsyzOvYpKpKbyfx7SEdeZidG+m3ROuaN4PVsdpJblFjsvozzQlDQYRJZo8q+kpPvUPvhU0Ejya/XBO/sFcJKzulpfr4j3rK7FSKh2V6PiB8m9mvLziHfDmgL30le0wDD9uCNWkaHVo=,iv:1hRwI1NG2yO6igBsEGCg2Qn/po97ZhsyAEZOMKP3EZc=,tag:FV+RXBKyq+EJRsKT+DZ6lQ==,type:str]
     webui-env: ENC[AES256_GCM,data:F4fGd5szjEGYqseq15VF8Emdd5oXKAlj+O7jET7BpD/w0/M162KgXQ/xN/uzO5Bh/euzedMrair0c8SQKO/06Ko9cj35lclaSrnBiwHSDIkFvuoITvLeSVSR4W3dsui91Dh8GCCYO8JAZQnpqClls6kHBOO2FYVwF06zg8Coxli9cKkPdeJKLDEnPGUb2UpLoP0dieanNFc3YNIavlXwkgt4/hxEoKHJplTYrilekBtZjD998SyvubhhVKHTH/VhTgxodXgnbI3sV1a3uJCrUKWt79NwHu5TUd+C2/gZqAniCbo4AX8=,iv:87cme6ToLFR4eF5apZauIm3Q6HR3Z8EM3GkQxo06oNI=,tag:dbXLQhw6qn/DyYJ3/UeDiw==,type:str]
@@ -75,8 +75,8 @@ sops:
             by9kZFlTRVdCZFkxYTVVb0RIRk8zUlkKCqMw9oL9RaYBV5Hhy3o8Nm5xmGrPH8Sd
             hv36sxRFFNZT/DCKaHaSRbT3mfpBZSTXJt1dgl4nZe6whH54t/1KmA==
             -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2024-10-21T02:11:18Z"
-    mac: ENC[AES256_GCM,data:Tmt/MzVotCTNqMpcK/aZdudjjYppId88Wg7b/H8w2sC8I2wFMoz1srSneieV3gVJkpA/EWbnhmsQynwQh93dMhno92+EVQF9u04gu23DYzp5FVxHWNHp3rc0cPFwt6EnvKyHfevxJq49v06gpSiHSKpTqyiNvmxwJjn9xCAZHTU=,iv:z9pUp3yGt5IaNCaeVgV+Zq0vR2Xq5RTbWuSBvlpBUug=,tag:/8pn9UkZCmnpmMkoddtB9A==,type:str]
+    lastmodified: "2024-10-26T12:06:05Z"
+    mac: ENC[AES256_GCM,data:nici08Luubj2xDfsi1s16VCyG5oizIC6DRfvypmjWRpn0DSpcoWW1j32ya2poEwzpBJoVksFp7ijyjaJv8obExKx94ZYc790eOp/kp1f8lBaHDF8qrYYPL5penkt+UTKeb8xb7BPCJ7O89IVkIjAt7EoQOliMYrLpbiZGkMdHE0=,iv:qY5+MjU5VaXAesuFGt4SgmEdcJ6+vb/mk+NdOPLjCik=,tag:poRJZW3sAMv6EMi64SEQyA==,type:str]
     pgp: []
     unencrypted_suffix: _unencrypted
     version: 3.9.1
diff --git a/overlay.nix b/overlay.nix
index 8ea7abf..63eed4c 100644
--- a/overlay.nix
+++ b/overlay.nix
@@ -25,7 +25,7 @@ let
 
   overlay-versioning = final: prev: {
     gotosocial = prev.gotosocial.overrideAttrs (attrs: rec {
-      version = "0.17.0";
+      version = "0.17.1";
       ldflags = [
         "-s"
         "-w"
@@ -35,13 +35,13 @@ let
 
       web-assets = final.fetchurl {
         url = "https://github.com/superseriousbusiness/gotosocial/releases/download/v${version}/gotosocial_${version}_web-assets.tar.gz";
-        hash = "sha256-ASqPIf98qdnkh3j72ifQN3mWnzNCTRcUegmrStvQ08Q=";
+        hash = "sha256-rGntLlIbgfCtdqpD7tnvAY8qwF+BpYbQWfAGMhdOTgY=";
       };
       src = final.fetchFromGitHub {
         owner = "superseriousbusiness";
         repo = "gotosocial";
         rev = "v${version}";
-        hash = "sha256-uyqP3zhjcXKejGFAwZoTn2kY8IpX0QAAXNzb1VG6ve8=";
+        hash = "sha256-oWWsCs9jgd244yzWhgLkuHp7kY0BQ8+Ay6KpuBVG+U8=";
       };
       postInstall = ''
         tar xf ${web-assets}