fix: nextcloud works now :)

modules/services/nextcloud.nix

@@ -1,11 +1,9 @@
-{ config, ... }:
+{ lib, config, ... }:
 {
   security.acme = {
     acceptTerms = true;
     preliminarySelfsigned = false;
-    defaults = {
-      email = "ahwx@ahwx.org";
-    };
+    # defaults.email = config.security.acme.defaults.email;
   };
 
   services.nextcloud = {
@@ -40,48 +38,4 @@
       ];
     };
   };
-
-  services.nginx = {
-    enable = true;
-    recommendedGzipSettings = false;
-    recommendedOptimisation = true;
-    recommendedProxySettings = true;
-    recommendedTlsSettings = true;
-
-    # Hardened TLS and HSTS preloading
-    appendHttpConfig = ''
-      # Add HSTS header with preloading to HTTPS requests.
-      # Do not add HSTS header to HTTP requests.
-      map $scheme $hsts_header {
-          https   "max-age=31536000; includeSubdomains; preload";
-      }
-      add_header Strict-Transport-Security $hsts_header;
-
-      # Enable CSP for your services.
-      #add_header Content-Security-Policy "script-src 'self'; object-src 'none'; base-uri 'none';" always;
-
-      # Minimize information leaked to other domains
-      add_header 'Referrer-Policy' 'origin-when-cross-origin';
-
-      # Disable embedding as a frame
-      add_header X-Frame-Options DENY;
-
-      # Prevent injection of code in other mime types (XSS Attacks)
-      add_header X-Content-Type-Options nosniff;
-
-      # This might create errors
-      # proxy_cookie_path / "/; secure; HttpOnly; SameSite=strict";
-    '';
-
-    virtualHosts = {
-      "${config.services.nextcloud.hostName}" = {
-        enableACME = true;
-        forceSSL = true;
-        locations = {
-          "/".proxyPass = "http://localhost:8080";
-          "/".proxyWebsockets = true;
-        };
-      };
-    };
-  };
 }