diff --git a/.sops.yaml b/.sops.yaml
index 05917db..896a310 100644
--- a/.sops.yaml
+++ b/.sops.yaml
@@ -4,7 +4,21 @@ keys:
   - &win10 age1cz006hex596lmj88kkhrkvq89luqk59hxuq83q4kvhz82ltwpe4ss8gm3t
   - &serverpc age1sn4uu6r6wrylpznx75jcw7ww58r9cut35n40gu4scpt9xy79rgrq2d7wga
 creation_rules:
-  - path_regex: .env
+  - path_regex: .conf
+    key_groups:
+    - age:
+        - *desktop
+        - *laptop
+        - *win10
+        - *serverpc
+  - path_regex: .sh$
+    key_groups:
+    - age:
+        - *desktop
+        - *laptop
+        - *win10
+        - *serverpc
+  - path_regex: .env$
     key_groups:
     - age:
         - *desktop
diff --git a/common/users/docker/vw/default.nix b/common/users/docker/vw/default.nix
index 17bb99d..aae20fd 100644
--- a/common/users/docker/vw/default.nix
+++ b/common/users/docker/vw/default.nix
@@ -18,6 +18,11 @@
         sopsFile = ./vw.env;
         path = "/home/${config.home.username}/src/vw/vw.env";
       };
+      rclone_config_file = {
+        format = "binary";
+        sopsFile = ./rclone.conf;
+        path = "/home/${config.home.username}/src/vw/rclone-config/rclone/rclone.conf";
+      };
       vw_backup = {
         format = "dotenv";
         sopsFile = ./backup.env;
diff --git a/common/users/docker/vw/docker_compose.yaml b/common/users/docker/vw/docker_compose.yaml
index 1432b7d..3957539 100644
--- a/common/users/docker/vw/docker_compose.yaml
+++ b/common/users/docker/vw/docker_compose.yaml
@@ -17,7 +17,7 @@ services:
     env_file: ./backup.env
     volumes:
       - vw-data:/bitwarden/data/
-      - vw-rc-data:/config/
+      - ./rclone-config:/config/
     #   - /path/to/env:/.env
 
 volumes:
@@ -27,10 +27,3 @@ volumes:
     # and bitwardenrs-data for migrated users
     name: vw-data
     # name: bitwardenrs-data
-  vw-rc-data:
-    external: true
-    # Specify the name of the volume where you save the rclone configuration,
-    # use vaultwarden-rclone-data for new users
-    # and bitwardenrs-rclone-data for migrated users
-    name: vw-rc-data
-    # name: bitwardenrs-rclone-data
diff --git a/common/users/docker/vw/rclone.conf b/common/users/docker/vw/rclone.conf
new file mode 100644
index 0000000..48d325c
--- /dev/null
+++ b/common/users/docker/vw/rclone.conf
@@ -0,0 +1,32 @@
+{
+	"data": "ENC[AES256_GCM,data:YOg8GHOcnS19yGYtRcuUWGENfe9W5ljzVJbRVKaDDp1J/ILiJ3Gb7f1B98QW1QBTYykdsx6SD2LthRh27RZxyxHfLpohiSJOehV0BkbEbMwFZrkqBkGQkxrM4wmZ4CdBvAJQ1lnUEzDXGJgLWP6COCcTF1QkoUlWiGedkoS9Uiy8Qe7wsZbX1PIYNa8LxhhlljxXAow09x1O7A2uOC+cAGIFu5S3GpG1qMjzyzg6chMkYsEsyBV2RkJ68vmJKxeR3PuoTZC9IINiLt5mUZdjSaFcfQKOoLNcR7NBgBILS5ez+JVgWKgkHHHc6ATrLKkqqSTkFYkFR17nzmd2sLLwho0PfPjy7QFZbMExPgyl8xGxngxYkislso4/1FNQTTGhzd6oz5oar3MCrEpiI4rLg7As031lp5k72Xl4CuKe0+ulDqM2Fn2IHUEu90LFhDV5mqpPGNtEAh8Lj+kOecVzlCOEnlQmhJX50+N1oCTu20GVUc0SoJEENFmb8rnnH1cQFzWI0tEfys3oDmHxfTlqRkBi9Sd31NRHeUoQDcZ2IKKQUDKKcSBWp2lWxyCKB1hJ2c7y9D0eeydHUCmPbvvqywroMJYOdoAxzpc0PIlxzKmsEzDIaRvabBBcArOLW7HD248tdxMhf4Uie4/boi0vUlehWV4rBI/fDCwVLyc+fKBhpRnO4wpzTt+C8o4pl2emht4QYb5A8rEVkTN3+najGgaoF6xf2k4c0GD/N3Bky2CR6boe0716lmJ6TpsNqxqNWvi4dAyugcpgBO3NiIFuGvb5J/AvmZfbZowSvY/UMR/YgBcUPYcgOc7Ht6/RJ2g0O/Aad6BBIj9d,iv:D1pYSTFkvDI+0BiBM6tM30k0qeYg59RUZGt2v3smpg0=,tag:ntlsuFOetnoP8qXCdYqNpQ==,type:str]",
+	"sops": {
+		"kms": null,
+		"gcp_kms": null,
+		"azure_kv": null,
+		"hc_vault": null,
+		"age": [
+			{
+				"recipient": "age1xsuyaeehzv4ar4f6xpc6tfp9pttzjf7qdyl3x2tj42vjc8szlqpq834e3d",
+				"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJQ2ZyVzc0RlVoYXh2R3Rj\nUFprZzdDaUU0N1NSZ0VXNHV0SlNkOXJTendNCnB0NGI5NmZFeVl4d01rS0pYd1Rz\nNjFQMitHa09WVExhWG5RbGtkVWRsZWMKLS0tIFVwbytmY1hNS0hnRG4wSk4waXkz\nNWhuTE9hVDFqTW9ZajNKRnMxYjlZRTQKurT9RlM8hmlr9qqAbeD380RnHdDTrFEV\n3znfbsGYsKdn94cmKDF+Y+MmtEa7W3usiNJMRseiEifpPS2btnZoAw==\n-----END AGE ENCRYPTED FILE-----\n"
+			},
+			{
+				"recipient": "age1tq8zaaqe8t4u2jgyf7usngtzyql0ymyxq6hntmu04vt5ypwhxensmzynhl",
+				"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPYnQ0aFU0dmhua3c4OERN\nVGRMMzdQR25CZS8rQVFlaHVoRlhZdjc3Um40CjBMbEVLaXM4YXc1ZTBTZDhxSVJ0\nR1BpcUtqN0dleFJwVGF6WThYMVVVdlkKLS0tIHJtc2RsRmNEc0xSNGFqSk1oYXRw\nRGRrVjBteDlUWXU2KzJhMmVtUThXTVUKlZN804jGCG/5AbCfcMDZ1GTrb/RQiWe5\nPjluS/bCJjhvvFCBjhQpuQpDbC6xlFSOu9wkqMwJxhToKXYE9FxPkQ==\n-----END AGE ENCRYPTED FILE-----\n"
+			},
+			{
+				"recipient": "age1cz006hex596lmj88kkhrkvq89luqk59hxuq83q4kvhz82ltwpe4ss8gm3t",
+				"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWRVcrTWl4b2Vjc1BKT0kw\nZ3JiUUdNWUx5VStBa1NTYldTWENvZUZUTFVRCms1Qm1KOE9CYW1JZ3RiMmVZeUt6\nN0VQaUNSeGZ1NHhXTnZmdmZxR01KaVEKLS0tIHlyM0ZXMmZjNE10RjdoT1dackM0\nKzNHZDRCZWREY0orekpEL2c0MmhJUlUKUC93nSvMDCEtcDe/cePbl1YD9CMd75Pl\nFV3MvfMKbZZBG/mOIZmPUwKby+zm3lb5JixUcBqGaEQ4DGiryCPGmQ==\n-----END AGE ENCRYPTED FILE-----\n"
+			},
+			{
+				"recipient": "age1sn4uu6r6wrylpznx75jcw7ww58r9cut35n40gu4scpt9xy79rgrq2d7wga",
+				"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3WlNLU3Q1Y2xCSk9hTSti\nTHZYcXQ5SHY3Zy9kVURhR1JwSzZlVTQyWGdzCjNKNTgzL2tLS2xBU2RLTGFva1Ra\nWlRlQTJza2dCTE56eVI4WjR2dWJkamcKLS0tIHlhQk5lZXN3N1g4ZVN5S215Tkt4\nL3h2Y2k0WnFHd28rNTluTEFMYUZyLzAK+4CD+BEMSZ4CZBH0YqlRAlPSsqaoxh0u\nKA/FvwOpWoD/MvWgdiHnhMxZL7WxzU6ELxpUopo1FoLls+FU/KQ/CA==\n-----END AGE ENCRYPTED FILE-----\n"
+			}
+		],
+		"lastmodified": "2025-02-23T17:53:54Z",
+		"mac": "ENC[AES256_GCM,data:MO/LOYkIYkKZyd6MltV/oUY0JUN7DFKL/sf5oe5GEm7yp21oVM+MZfTTalYAtTHPOkwaRozUQxaL/uEt1V1JUfuSthyjlL2L+D98UWKnU2aXeJ9TwWYZOQm43I64ssvwR8lkPNlJnbf1RmyrE8kj/yMXynP6RiStZtdv10wF/rU=,iv:0phiTfcOFXrakVH4Ar1wx2QzxvQczgnmwcdkOFz4fNs=,tag:WyoqJ5PRovNh39eNQJNmHw==,type:str]",
+		"pgp": null,
+		"unencrypted_suffix": "_unencrypted",
+		"version": "3.9.4"
+	}
+}
\ No newline at end of file