diff --git a/hosts/pi4/nextcloud.nix b/hosts/pi4/nextcloud.nix
index 337f918..ee9bcc3 100644
--- a/hosts/pi4/nextcloud.nix
+++ b/hosts/pi4/nextcloud.nix
@@ -1,8 +1,13 @@
 # https://mich-murphy.com/configure-nextcloud-nixos/
-{ pkgs, config, ... }:
+{
+  pkgs,
+  config,
+  common,
+  ...
+}:
 let
-  adminPass = "nextcloud/admin-pass";
-  domain = "beta.nextcloud.martials.no";
+  adminPassKey = "nextcloud/admin-pass";
+  domain = "beta.nextcloud.${common.domain}";
   dbname = "nextcloud";
   dbuser = dbname;
 in
@@ -14,14 +19,13 @@ in
       autoUpdateApps.enable = true;
 
       config = {
-        adminpassFile = config.sops.secrets.${adminPass}.path;
+        adminpassFile = config.sops.secrets.${adminPassKey}.path;
         dbtype = "pgsql";
         dbname = dbname;
         dbuser = dbuser;
         # default directory for postgresql, ensures automatic setup of db
         dbhost = "/run/postgresql";
         adminuser = "admin";
-        defaultPhoneRegion = "NO";
       };
 
       extraApps = {
@@ -37,10 +41,11 @@ in
       hostName = domain;
       https = true;
 
-      maxUploadSize = "0";
+      maxUploadSize = "0"; # No max limit
       package = pkgs.nextcloud31;
 
       settings = {
+        default_phone_region = "NO";
         trusted_domains = [
           domain
         ];
@@ -66,7 +71,7 @@ in
     };
   };
 
-  sops.secrets.${adminPass}.neededForUsers = true;
+  sops.secrets.${adminPassKey}.neededForUsers = true;
 
   # ensure postgresql db is started with nextcloud
   systemd.services."nextcloud-setup" = {
diff --git a/shared/secrets/secrets.yaml b/shared/secrets/secrets.yaml
index 2e97795..e01f530 100644
--- a/shared/secrets/secrets.yaml
+++ b/shared/secrets/secrets.yaml
@@ -1,40 +1,40 @@
 forgejo:
-    admin-pass: ENC[AES256_GCM,data:RGTOw0Yo5rJGEVLGsQgyk9Wc,iv:SuN770eAgFIVd4pJ6vmPIvVCMqTW/2sBUYUbqym2cHo=,tag:YlyNR/fFchdBwzCuIsWGMA==,type:str]
-    #ENC[AES256_GCM,data:oMpYBQ30sdCTtgxEZvYxTd9oi9QM0bYp5NisMdQHYT/nF2k=,iv:H9/g7XttJScVXV38+yHdbgWNFDhBYyudjK5BKHTt5wo=,tag:FNfkKfkKWDBUAXiGXkDchw==,type:comment]
-    runner-token: ENC[AES256_GCM,data:xbULBWrqosktW7XHViLH7Sk76upH31RFQNsBcXWWN7bpRadF3tpBA/hksMyEdg==,iv:v3vzUb5wsWeKWRYWT+ks4ZWGXQRhZ+td3N3bpuwoVc8=,tag:rEVoEw/QOSs8puujsRBxXQ==,type:str]
+  admin-pass: ENC[AES256_GCM,data:RGTOw0Yo5rJGEVLGsQgyk9Wc,iv:SuN770eAgFIVd4pJ6vmPIvVCMqTW/2sBUYUbqym2cHo=,tag:YlyNR/fFchdBwzCuIsWGMA==,type:str]
+  #ENC[AES256_GCM,data:oMpYBQ30sdCTtgxEZvYxTd9oi9QM0bYp5NisMdQHYT/nF2k=,iv:H9/g7XttJScVXV38+yHdbgWNFDhBYyudjK5BKHTt5wo=,tag:FNfkKfkKWDBUAXiGXkDchw==,type:comment]
+  runner-token: ENC[AES256_GCM,data:xbULBWrqosktW7XHViLH7Sk76upH31RFQNsBcXWWN7bpRadF3tpBA/hksMyEdg==,iv:v3vzUb5wsWeKWRYWT+ks4ZWGXQRhZ+td3N3bpuwoVc8=,tag:rEVoEw/QOSs8puujsRBxXQ==,type:str]
 password-hash: ENC[AES256_GCM,data:FsGHBAw/z4tcBRObVlo//UotWHyHns0+vdJVgt2lfGiIfQG+1I60g2Tzgv/O+gz3oz41NIwAYf61SR9AfXhpnc1AxiZRlCBwMQ==,iv:oiJndSVZQ+00UPz0TuJXV+T8x9mtecrNDUaablOGffU=,tag:wQuow7C8KqelJOE9KqCxMA==,type:str]
 nextcloud:
-    admin-pass: ENC[AES256_GCM,data:RBuuNc7J/CCJXG8n73B5cw==,iv:uKNj40SdJn6LbZoV1i9fq+5TGmRDPYVhCxAUghV4vqs=,tag:wUHBPo5T+2tyjsQFlUXDEQ==,type:str]
+  admin-pass: ENC[AES256_GCM,data:RBuuNc7J/CCJXG8n73B5cw==,iv:uKNj40SdJn6LbZoV1i9fq+5TGmRDPYVhCxAUghV4vqs=,tag:wUHBPo5T+2tyjsQFlUXDEQ==,type:str]
 sops:
-    age:
-        - recipient: age1j66v6z6hlsgqjfv5fz7fldm5q9jay4j5v5du6ymfda6hv40nsqesg89g7p
-          enc: |
-            -----BEGIN AGE ENCRYPTED FILE-----
-            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAyMHl6emFJdE4rVGduT2V1
-            Y1hFdlRxVHJ1NlV0R2JRZm5SMVVzVmpRQlM0CjhUN0dqajNpQXg4a29Ca1VLMDJ1
-            UmpsMFRJd254TlpGNzdDV2ZQTU9icDAKLS0tIG0wSVppUmU5TVdlMHhsQ3pMNDhJ
-            TFkrWitpb3h3UDhFNUN5Yi80YXlLbjQKxdG0m3CZ+elvzSNC9+aD15AOejkT5hJR
-            hhjtn+aUF8JvAIgggLqE1qU1XYIkbzk5//TWz5FaKeszinv9x8plvA==
-            -----END AGE ENCRYPTED FILE-----
-        - recipient: age1fxr5s6d6ar0xy5pr63kpq93tk7jha5k96jcxnyquj6s2mw8mmcpss8w29w
-          enc: |
-            -----BEGIN AGE ENCRYPTED FILE-----
-            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzRGNSYjM2Qkx5M294QWVS
-            ZkJzR0VuTzdOR1FIc2c2bWx0akVPZVB0T1hvCmxuMjZWWlVmSUhKUys0QlMxMDV3
-            ZCt1ZjJNZlV5K0Zpd3NGcldhWDFDcjgKLS0tIG9mSHA1Um5Hb2NtVm5XRFdvVHVT
-            NHp1WThrcU1hOEI5RExCbVlnV2VYNlEKV4DSgHYs/zhF34h14RX2rvVXNo2uxCpD
-            uUiwU4and1T5Q09MOjqdbs2e7QM+VjKB4P/w34KkcqXTkJeR/IBF/g==
-            -----END AGE ENCRYPTED FILE-----
-        - recipient: age1xlnprpvshv93eerthxzg6cahklsfc4efh8dd6u8dte9u6cl0u5qsz48qlt
-          enc: |
-            -----BEGIN AGE ENCRYPTED FILE-----
-            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB1c3p0N0c2RGJZMmxzcUgw
-            bHZhcnlnWlczSGJRMVJRNitqVmV6YThIRWlBCitWUzVCN25JbzhJeG9haEVORUk5
-            QmhIc0R0c0diNmNPc0dYM2YyNVdScVUKLS0tIG1waU1QYXNVMXU4bC9rNUxwUDIz
-            SGdNMnVlQlNEeVJkWmZEM1FRT2JJMGMKbZ/znJM6tFhzhHariRXMLgH/4CRZZKrb
-            YtmSdeL/Pd5YIecCpjDHDn4vQ0TBAmLaX+zVbNbRKmMZoY7777ywfA==
-            -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2025-05-31T15:36:05Z"
-    mac: ENC[AES256_GCM,data:Um09D7CR5+c4L6bTdRvz1Cy5qHthlKfLfH6k9Z2NTuD2QY9Ua4kXV8byvXiP+GrrKgzV11c0a3Hk7zaQoutXmwatnaOJRT9EH3FIEADLGAFwbsSAgV7ZJ+oamZnIw/XSW/LGpwvPrX5gaTnc7jJJ3V3+tWqgBUmL4wNb2SigglM=,iv:wAXaPUs20wqh7cn8ZmFI7XLlaOYLkjtcVRm1sosO9U4=,tag:FwfNbEf+YoQBHsYBw5k6mw==,type:str]
-    unencrypted_suffix: _unencrypted
-    version: 3.10.2
+  age:
+    - recipient: age1j66v6z6hlsgqjfv5fz7fldm5q9jay4j5v5du6ymfda6hv40nsqesg89g7p
+      enc: |
+        -----BEGIN AGE ENCRYPTED FILE-----
+        YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAyMHl6emFJdE4rVGduT2V1
+        Y1hFdlRxVHJ1NlV0R2JRZm5SMVVzVmpRQlM0CjhUN0dqajNpQXg4a29Ca1VLMDJ1
+        UmpsMFRJd254TlpGNzdDV2ZQTU9icDAKLS0tIG0wSVppUmU5TVdlMHhsQ3pMNDhJ
+        TFkrWitpb3h3UDhFNUN5Yi80YXlLbjQKxdG0m3CZ+elvzSNC9+aD15AOejkT5hJR
+        hhjtn+aUF8JvAIgggLqE1qU1XYIkbzk5//TWz5FaKeszinv9x8plvA==
+        -----END AGE ENCRYPTED FILE-----
+    - recipient: age1fxr5s6d6ar0xy5pr63kpq93tk7jha5k96jcxnyquj6s2mw8mmcpss8w29w
+      enc: |
+        -----BEGIN AGE ENCRYPTED FILE-----
+        YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzRGNSYjM2Qkx5M294QWVS
+        ZkJzR0VuTzdOR1FIc2c2bWx0akVPZVB0T1hvCmxuMjZWWlVmSUhKUys0QlMxMDV3
+        ZCt1ZjJNZlV5K0Zpd3NGcldhWDFDcjgKLS0tIG9mSHA1Um5Hb2NtVm5XRFdvVHVT
+        NHp1WThrcU1hOEI5RExCbVlnV2VYNlEKV4DSgHYs/zhF34h14RX2rvVXNo2uxCpD
+        uUiwU4and1T5Q09MOjqdbs2e7QM+VjKB4P/w34KkcqXTkJeR/IBF/g==
+        -----END AGE ENCRYPTED FILE-----
+    - recipient: age1xlnprpvshv93eerthxzg6cahklsfc4efh8dd6u8dte9u6cl0u5qsz48qlt
+      enc: |
+        -----BEGIN AGE ENCRYPTED FILE-----
+        YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB1c3p0N0c2RGJZMmxzcUgw
+        bHZhcnlnWlczSGJRMVJRNitqVmV6YThIRWlBCitWUzVCN25JbzhJeG9haEVORUk5
+        QmhIc0R0c0diNmNPc0dYM2YyNVdScVUKLS0tIG1waU1QYXNVMXU4bC9rNUxwUDIz
+        SGdNMnVlQlNEeVJkWmZEM1FRT2JJMGMKbZ/znJM6tFhzhHariRXMLgH/4CRZZKrb
+        YtmSdeL/Pd5YIecCpjDHDn4vQ0TBAmLaX+zVbNbRKmMZoY7777ywfA==
+        -----END AGE ENCRYPTED FILE-----
+  lastmodified: "2025-05-31T15:36:05Z"
+  mac: ENC[AES256_GCM,data:Um09D7CR5+c4L6bTdRvz1Cy5qHthlKfLfH6k9Z2NTuD2QY9Ua4kXV8byvXiP+GrrKgzV11c0a3Hk7zaQoutXmwatnaOJRT9EH3FIEADLGAFwbsSAgV7ZJ+oamZnIw/XSW/LGpwvPrX5gaTnc7jJJ3V3+tWqgBUmL4wNb2SigglM=,iv:wAXaPUs20wqh7cn8ZmFI7XLlaOYLkjtcVRm1sosO9U4=,tag:FwfNbEf+YoQBHsYBw5k6mw==,type:str]
+  unencrypted_suffix: _unencrypted
+  version: 3.10.2