{
  config,
  pkgs,
  lib,
  ...
}:
let
  # ncDomain = "${config.clan.core.vars.generators.vega-nextcloud.files.subdomain.value}.${config.networking.fqdn}";
  ncDomain = "${config.networking.fqdn}";
in
{
  clan.core.vars.generators.vega-nextcloud = {
    files.subdomain.secret = false;

    prompts = {
      subdomain = {
        persist = true;
        type = "line";
        description = "Sub-domain for Nextcloud app. Default:(cloud)";
      };
    };

    script = ''cat $prompts/subdomain || echo -n "cloud" > $out/subdomain'';
  };

  clan.core.vars.generators.noreply-mailer = {
    share = true;

    files.host.secret = false;
    files.port.secret = false;
    files.account.secret = false;
    files.password.secret = true;

    script = ''
      echo "mail.b4l.co.th" > $out/host
      echo "587" > $out/port
      echo "noreply@newedge.house" > $out/account
      echo "" > $out/password
    '';
  };

  clan.core.vars.generators.nextcloud-secretFile = {
    dependencies = [ "noreply-mailer" ];
    files = {
      secret = {
        owner = "nextcloud";
        group = "nextcloud";
        secret = true;
      };
    };
    script = ''
      echo { \"mail_smtppassword\": \"$(cat $in/noreply-mailer/password)\" } > $out/secret
    '';
  };

  networking.firewall.allowedTCPPorts = [
    80
    443
  ];

  services.nextcloud = {
    hostName = ncDomain;
    package = pkgs.nextcloud31;
    secretFile = config.clan.core.vars.generators.nextcloud-secretFile.files.secret.path;
    # settings =
    #   let
    #     address = lib.splitString "@" config.clan.core.vars.generators.noreply-mailer.files.account.value;
    #   in
    #   {
    #     mail_smtpmode = "smtp";
    #     mail_smtpauth = 1;
    #     # mail_sendmailmode = "smtp";
    #     mail_smtpsecure = "ssl";
    #     mail_from_address = builtins.elemAt address 0;
    #     mail_domain = builtins.elemAt address 1;
    #     mail_smtphost = config.clan.core.vars.generators.noreply-mailer.files.host.value;
    #     mail_smtpport = config.clan.core.vars.generators.noreply-mailer.files.port.value;
    #     mail_smtpname = config.clan.core.vars.generators.noreply-mailer.files.account.value;
    #     mail_smtpauthtype = "LOGIN";
    #
    #     mail_smtpstreamoptions.ssl = {
    #       allow_self_signed = true;
    #       verify_peer = false;
    #       verify_peer_name = false;
    #     };
    #   };
  };
  # services.nginx.virtualHosts."${ncDomain}" = {
  #   # useACMEHost = "${config.networking.fqdn}";
  #   # forceSSL = true;
  # };
}