{ modulesPath, pkgs, config, ... }: {
  imports = [ "${modulesPath}/virtualisation/amazon-image.nix" ];
  
  environment.systemPackages = with pkgs; [
    vim
    wget
    curl
    openssh
  ];
  
  services.nextcloud = {
    enable = true;
    hostName = "nextcloud.yourdomain.com";  # Replace with your domain.
    https = true; # Enable HTTPS
    config = {
      dbtype = "pgsql";
      dbuser = "nextcloud";
      dbhost = "/run/postgresql"; # nextcloud will add /.s.PGSQL.5432 by itself
      dbname = "nextcloud";
      adminpassFile = "/path/to/password/file"; # Replace with your password file.
      adminuser = "root";
      defaultPhoneRegion = "US";  # Replace with your country code.
    };
    package = pkgs.nextcloud26;
    extraApps = {
      # Recommanded apps
      # You can install apps according to your preference
      # Afterall, it's your own cloud and you know how to do it.
      contacts = pkgs.nextcloud26Packages.apps.contacts;
      mail = pkgs.nextcloud26Packages.apps.mail;
      calendar = pkgs.fetchNextcloudApp rec {
        url = "https://github.com/nextcloud-releases/calendar/releases/download/v4.3.4/calendar-v4.3.4.tar.gz";
        sha256 = "0pj1h86kdnckzfrn13hllgps4wa921z4s24pg5d2666fqx89rwrv";
      };
      notes = pkgs.fetchNextcloudApp rec {
        url = "https://github.com/nextcloud-releases/notes/releases/download/v4.7.2/notes.tar.gz";
        sha256 = "0klqf8dixrrb8yp8cc60ggnvhmqb3yh9f6y1281jn8ia5jml622v";
      };
      camerarawpreviews = pkgs.fetchNextcloudApp rec {
        url = "https://github.com/ariselseng/camerarawpreviews/releases/download/v0.8.1/camerarawpreviews_nextcloud.tar.gz";
        sha256 = "1n1395m81m81klxzxd03ww07m0xjp0blbmx23y457k62j3kkr0m2";
      };
      drawio = pkgs.fetchNextcloudApp rec {
        url = "https://github.com/jgraph/drawio-nextcloud/releases/download/v2.1.1/drawio-v2.1.1.tar.gz";
        sha256 = "0frizrgkbmc3mhhap7cq45z43l4whzkszx7v0v0q2ylmq8sbxszm";
      };
      registration = pkgs.fetchNextcloudApp rec {
        url = "https://github.com/nextcloud-releases/registration/releases/download/v2.1.0/registration-v2.1.0.tar.gz";
        sha256 = "07dqc670qmdb3c8jjnj7azxxspjhiv6m9nrj960y3rjabyzy25m9";
      };
      music = pkgs.fetchNextcloudApp rec {
        url = "https://github.com/owncloud/music/releases/download/v1.8.3/music_1.8.3_for_nextcloud.tar.gz";
        sha256 = "1kajm5ppp63g42xdvkmv0glw7snsc2fi7pcra1sg4kd005ffz42d";
      };
      bookmarks = pkgs.fetchNextcloudApp rec {
        url = "https://github.com/nextcloud/bookmarks/releases/download/v13.0.1/bookmarks-13.0.1.tar.gz";
        sha256 = "0xx331bgly91y8ncxk36ha3ncrr2xlivblfi7rix6ffkrdx73yb9";
      };
    };
    extraOptions = {
      mail_smtpmode = "smtp";
      smtpsecure = "ssl";
      mail_sendmailmode = "smtp";
      mail_from_address = "nextcloud-system";
      mail_dmoain = "mail.yourdomain.com"; # Replace with your domain.
      mail_smtphost = "email-smtp.us-east-2.amazonaws.com"; # Replace with your email provider.
      mail_smtpport = "465";
      mail_smtpauth = 1;
      mail_smtpname = "STMPNAME";  # Replace with your SMTP username (or Email address).
      mail_smtppassword = "password";
    };
    phpOptions = {
      "opcache.interned_strings_buffer" = "16";
    };
    appstoreEnable = true;  # Enable appstore
  };

  services.postgresql = {
    enable = true;
    ensureDatabases = [ "nextcloud" ];
    ensureUsers = [
     { name = "nextcloud";
       ensurePermissions."DATABASE nextcloud" = "ALL PRIVILEGES";
     }
    ];
  };

  systemd.services."nextcloud-setup" = {
    requires = ["postgresql.service"];
    after = ["postgresql.service"];
  };

  services.nginx.virtualHosts.${config.services.nextcloud.hostName} = {
    forceSSL = true;
    enableACME = true;
  };

  security.acme = {
    acceptTerms = true;
    defaults.email = "yourmail@example.com"; # Replace with your email.
    certs = {
      "nextcloud.yourdomain.com" = {};  # Replace with your domain.
    };
  };

  networking.firewall.allowedTCPPorts = [ 80 443 465 587 ];
}