diff --git a/flake.lock b/flake.lock
index 96cdf59..29d727b 100755
--- a/flake.lock
+++ b/flake.lock
@@ -413,11 +413,11 @@
 },
 "zeroq-credentials": {
 "locked": {
- "lastModified": 1753537856,
- "narHash": "sha256-54AyySYrd9ZFL/RijcU0oqLvjAloJcwhkBOmyC78Jy0=",
+ "lastModified": 1755434935,
+ "narHash": "sha256-A0Q45eyZ4WoZ4sYYtvRv81rQ5gEvsoXWDB/1WImV4x0=",
 "ref": "refs/heads/master",
- "rev": "09c44ad915049ae4fb31869bf2539831e91ae148",
- "revCount": 24,
+ "rev": "8da210f781e4d0f60f372f24c9b76f484b37671b",
+ "revCount": 26,
 "type": "git",
 "url": "ssh://git@github.com/oqyude/zeroq-credentials.git"
 },
diff --git a/nixosModules/vds/nginx.nix b/nixosModules/vds/nginx.nix
index 9599771..2c4bd8e 100755
--- a/nixosModules/vds/nginx.nix
+++ b/nixosModules/vds/nginx.nix
@@ -1,5 +1,6 @@
 {
 config,
+ inputs,
 ...
 }:
 let
@@ -16,29 +17,22 @@ in
 virtualHosts = {
 "immich.zeroq.ru" = {
 # 31.57.105.253
- addSSL = true;
+ forceSSL = true;
 enableACME = true;
 locations."/" = {
 proxyPass = "http://${server}:2283"; # Порт Immich
 proxyWebsockets = true; # Если Immich использует WebSockets
 };
- locations."/.well-known/acme-challenge/" = {
- root = "/var/lib/acme/acme-challenge";
- tryFiles = "$uri $uri/ =404";
- };
- };
- "nextcloud.zeroq.ru" = {
- addSSL = true;
- enableACME = true;
- locations."/" = {
- proxyPass = "http://${server}:10000"; # Порт Nextcloud
- proxyWebsockets = true;
- };
- locations."/.well-known/acme-challenge/" = {
- root = "/var/lib/acme/acme-challenge";
- tryFiles = "$uri $uri/ =404";
- };
 };
+ # "nextcloud.zeroq.ru" = {
+ # addSSL = true;
+ # forceSSL = false;
+ # enableACME = false;
+ # locations."/" = {
+ # proxyPass = "http://${server}:10000"; # Порт Nextcloud
+ # proxyWebsockets = true;
+ # };
+ # };
 # "llm.zeroq.ru" = {
 # addSSL = true;
 # enableACME = true;
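Review bot: `enableACME = true;` stays on the `"immich.zeroq.ru"` vhost in the `@@ -16,29 +17,22 @@` hunk while the `security.acme` hunk moves the same certificate to DNS-01 with `dnsProvider = "cloudflare";`, so the certificate may end up with two challenge methods configured. As far as I recall, the NixOS nginx module gives an `enableACME` vhost's certificate a default webroot and the ACME module accepts only one method per certificate; the commented-out `#webroot = null; # Required in my case` suggests this was already hit. Setting `acmeRoot = null;` on the vhost states the intent next to `enableACME`; confirm that the configuration evaluates and that renewal really uses the DNS challenge. The `virtualHosts` set starts and ends outside this hunk.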
@@ -52,7 +46,14 @@ in
 };
 security.acme = {
 acceptTerms = true;
- defaults.email = "oqyude@gmail.com";
+ defaults.email = "go.bin043120@gmail.com";
+ certs."immich.zeroq.ru" = {
+ email = "oqyude@gmail.com";
+ dnsProvider = "cloudflare";
+ dnsResolver = "1.1.1.1";
+ environmentFile = "${inputs.zeroq-credentials}/accounts/cloudflare.txt";
+ #webroot = null; # Required in my case
+ };
 };
 networking.firewall.allowedTCPPorts = [
 80
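Review bot: `environmentFile = "${inputs.zeroq-credentials}/accounts/cloudflare.txt";` interpolates a flake input, so the path resolves into `/nix/store`, which every local user can read and which travels with any copy of the closure. The ACME service loads this file as plain environment variables, so the Cloudflare API token is stored there unencrypted. Point the option at a runtime path outside the store that only root can read, for example `environmentFile = "/run/secrets/<cloudflare-env>";` (placeholder path), provisioned by a secrets tool such as sops-nix or agenix. Rotate the token once it has been in the store and scope the replacement to DNS edits on this zone only. The `allowedTCPPorts` list continues outside the hunk.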