diff --git a/.github/actions/attic-cache-push/action.yml b/.github/actions/attic-cache-push/action.yml
deleted file mode 100644
index 73eeb85..0000000
--- a/.github/actions/attic-cache-push/action.yml
+++ /dev/null
@@ -1,33 +0,0 @@
-name: "Attic Watch and Push"
-description: "Composite action that logs in, sets the cache repository, starts attic watch-store in the background, and pushes results after the job completes."
-
-inputs:
-  cache_name:
-    description: "Cache name for attic login"
-    required: true
-  server:
-    description: "Server URL for attic login"
-    required: true
-  attic_auth_token:
-    description: "Authentication token for attic login"
-    required: true
-  cache_repository:
-    description: "Cache repository to use with attic"
-    required: true
-
-runs:
-  using: "composite"
-  steps:
-    - name: Attic Login
-      shell: "nix shell nixpkgs#attic-client --command {0}"
-      run: |
-        attic login "${{ inputs.cache_name }}" "${{ inputs.server }}" "${{ inputs.attic_auth_token }}"
-    - name: Attic Use Repository
-      shell: "nix shell nixpkgs#attic-client --command {0}"
-      run: |
-        attic use "${{ inputs.cache_repository }}"
-    - name: Start Attic Watch-Store in Background
-      shell: "nix shell nixpkgs#attic-client --command {0}"
-      run: |
-        # Start attic watch-store in the background
-        attic watch-store &
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index b786aac..792edcd 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -3,6 +3,10 @@ name: CI
 on:
   push:
 
+defaults:
+  run:
+    shell: nix develop --command bash -c "{0}"
+
 jobs:
   build:
     runs-on: nix
@@ -13,20 +17,15 @@ jobs:
           token: ${{ secrets.CI_TOKEN }}
           lfs: false
 
-      - name: Add submodules to nix store to circumvent another nix bug
+      - name: Setup Attic Cache
+        env:
+          CACHE_NAME: fabianhauser
+          CACHE_REPOSITORY: fabianhauser:dotfiles
+          SERVER: https://attic.qo.is/
+          ATTIC_AUTH_TOKEN: ${{ secrets.ATTIC_AUTH_TOKEN }}
         run: |
-          git clone https://git.qo.is/fabianhauser/nix-config-private.git /tmp/private
-          cd /tmp/private
-          nix flake prefetch
-
-      - name: Setup Attic Watch and Push
-        uses: ./.github/actions/attic-cache
-        with:
-          cache_name: fabianhauser
-          server: https://attic.qo.is/
-          attic_auth_token: ${{ secrets.ATTIC_AUTH_TOKEN }}
-          cache_repository: fabianhauser:dotfiles
+          attic login "$CACHE_NAME" "$SERVER" "$ATTIC_AUTH_TOKEN"
+          attic use "$CACHE_REPOSITORY"
 
       - name: Run Checks
-        shell: nix develop --command bash -c "{0}"
-        run: nix-fast-build --skip-cached --attic-cache fabianhauser:dotfiles
+        run: nix-fast-build --no-nom --max-jobs 1 --skip-cached --attic-cache fabianhauser:dotfiles
diff --git a/flake.nix b/flake.nix
index 75815e3..00021fe 100644
--- a/flake.nix
+++ b/flake.nix
@@ -1,7 +1,7 @@
 {
   nixConfig = {
-    extra-substituters = "https://cache.garnix.io";
-    extra-trusted-public-keys = "cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g=";
+    extra-substituters = "https://attic.qo.is/dotfiles https://cache.garnix.io";
+    extra-trusted-public-keys = "dotfiles:KpLi0qe5O5rb8E8N8vntZWBDqFwG3Ksx4AFGizYCLoU= cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g=";
   };
 
   inputs = {