diff --git a/network/nginx.conf b/network/nginx.conf
index 4e9990d..48bb77d 100644
--- a/network/nginx.conf
+++ b/network/nginx.conf
@@ -1,49 +1,104 @@
 worker_processes 1;
 
 events {
-   worker_connections 1024;
+	worker_connections 1024;
 }
 
 http {
-   include           mime.types;
-   default_type      application/octet-stream;
-   sendfile          on;
-   keepalive_timeout 65;
-   gzip              on;
-   charset           utf-8;
+	include           mime.types;
+	default_type      application/octet-stream;
+	sendfile          on;
+	keepalive_timeout 65;
+	gzip              on;
+	charset           utf-8;
 
-   server {
-      listen      80;
-      server_name heavenisin.space;
+	server {
+		listen      80;
+		server_name heavenisin.space;
 
-      location /gopher/ {
-         root      /srv;
-         index     index.html index.htm;
-         autoindex on;
-      }
+		include common.conf;
 
-      location / {
-         root  /srv/http/pub;
-         index index.html index.htm;
-      }
+		location /gopher/ {
+			root      /srv;
+			index     index.html index.htm;
+			autoindex on;
+		}
 
-      error_page 500 502 503 504 /50x.html;
-      location = /50x.html {
-         root /usr/share/nginx/html;
-      }
-   }
+		location / {
+			root  /srv/http/pub;
+			index index.html index.htm;
+		}
+	}
 
-   server {
-      listen      80;
-      server_name mu.heavenisin.space;
+	server {
+		listen      80;
+		server_name mu.heavenisin.space;
 
-      location / {
-         proxy_pass http://127.0.0.1:8000/;
-      }
+		include common.conf;
 
-      error_page 500 502 503 504 /50x.html;
-      location = /50x.html {
-         root /usr/share/nginx/html;
-      }
-   }
+		location / {
+			proxy_pass http://127.0.0.1:8000/;
+		}
+	}
+
+	upstream php-handler {
+		server unix:/run/php-fpm/php-fpm.sock;
+	}
+
+	server {
+		listen 81;
+		listen [::]:81;
+		server_name rain;
+		root /usr/share/webapps/nextcloud/;
+
+		add_header X-Content-Type-Options nosniff;
+		add_header X-XSS-Protection "1; mode=block";
+		add_header X-Robots-Tag none;
+		add_header X-Download-Options noopen;
+		add_header X-Permitted-Cross-Domain-Policies none;
+
+		location = /robots.txt {
+			allow all;
+			log_not_found off;
+			access_log off;
+		}
+
+		location / {
+			rewrite ^ /index.php$request_uri;
+		}
+
+		location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+)\.php(?:$|/) {
+			fastcgi_split_path_info ^(.+\.php)(/.*)$;
+			include fastcgi_params;
+			fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+			fastcgi_param PATH_INFO $fastcgi_path_info;
+			fastcgi_param modHeadersAvailable true;
+			fastcgi_param front_controller_active true;
+			fastcgi_pass php-handler;
+			fastcgi_intercept_errors on;
+			fastcgi_request_buffering off;
+		}
+
+		location ~ ^/(?:updater|ocs-provider)(?:$|/) {
+			try_files $uri/ =404;
+			index index.php;
+		}
+
+		location ~ \.(?:css|js|woff|svg|gif)$ {
+			try_files $uri /index.php$request_uri;
+			add_header Cache-Control "public, max-age=15778463";
+			add_header X-Content-Type-Options nosniff;
+			add_header X-XSS-Protection "1; mode=block";
+			add_header X-Robots-Tag none;
+			add_header X-Download-Options noopen;
+			add_header X-Permitted-Cross-Domain-Policies none;
+			access_log off;
+		}
+
+		location ~ \.(?:png|html|ttf|ico|jpg|jpeg)$ {
+			try_files $uri /index.php$request_uri;
+			# Optional: Don't log access to other assets
+			access_log off;
+		}
+	}
 }