{pkgs, ...}: let
  secrets = import ../modules/secrets.nix;
in {
  services = {
    nextcloud = {
      enable = true;
      package = pkgs.nextcloud29;
      hostName = "cloud.${secrets.jimDomain}";
      datadir = "/mnt/nextcloud";
      https = true;
      config = {
        adminuser = "jimbo";
        adminpassFile = "/mnt/nextcloud/password.txt";
      };
      settings = {
        trusted_proxies = [ "127.0.0.1" ];
        trusted_domains = [ "cloud.${secrets.jimDomain}" ];
        overwriteprotocol = "https";

        # Mailserver settings
        mail_smtphost = "mx.${secrets.jimDomain}";
        mail_domain = "${secrets.jimDomain}";
        mail_from_address = "noreply";
        mail_smtpauth = "true";
        mail_smtpname = "noreply@${secrets.jimDomain}";
        mail_smtppassword = secrets.noreplyPassword;
        mail_smtpmode = "smtp";
        mail_smtpport = 587;
      };
    };
    nginx.virtualHosts."cloud.${secrets.jimDomain}" =  {
      enableACME = true;
      addSSL = true;
      locations."/" = {
        proxyWebsockets = true;
        extraConfig = "
         location /.well-known/carddav {
            return 301 $scheme://$host/remote.php/dav;
          }
          location /.well-known/caldav {
            return 301 $scheme://$host/remote.php/dav;
          }
       ";
      };
    };
  };
}