diff --git a/hosts/sisyphe/features/fail2ban.nix b/hosts/sisyphe/features/fail2ban.nix index 347e0c8..4e7a599 100644 --- a/hosts/sisyphe/features/fail2ban.nix +++ b/hosts/sisyphe/features/fail2ban.nix @@ -4,6 +4,25 @@ enable = true; ignoreIP = [ "192.168.1.0/24" ]; extraPackages = [ ]; - jails = { }; + jails = { + nextcloud = '' + enabled = true; + filter = nextcloud + port = http,https + ''; + }; }; + + environment.etc = { + "fail2ban/filter.d/nextcloud.conf".text = '' + [Definition] + _groupsre = (?:(?:,?\s*"\w+":(?:"[^"]+"|\w+))*) + datepattern = ,?\s*"time"\s*:\s*"%%Y-%%m-%%d[T ]%%H:%%M:%%S(%%z)?" + failregex = ^[^{]*\{%(_groupsre)s,?\s*"remoteAddr":""%(_groupsre)s,?\s*"message":"Login failed: + ^[^{]*\{%(_groupsre)s,?\s*"remoteAddr":""%(_groupsre)s,?\s*"message":"Trusted domain error. + ^[^{]*\{%(_groupsre)s,?\s*"remoteAddr":""%(_groupsre)s,?\s*"message":"Two-factor challenge failed: + journalmatch = _SYSTEMD_UNIT=phpfpm-nextcloud.service + ''; + }; + } diff --git a/hosts/sisyphe/features/services/nextcloud.nix b/hosts/sisyphe/features/services/nextcloud.nix index dbd83dd..a37407f 100644 --- a/hosts/sisyphe/features/services/nextcloud.nix +++ b/hosts/sisyphe/features/services/nextcloud.nix 
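Review bot: As shown here, the three `failregex` lines in `fail2ban/filter.d/nextcloud.conf` match `"remoteAddr":""` with no `<HOST>` tag, so the filter has no group to take the offending address from and the jail cannot ban anything; the pattern presumably should read `"remoteAddr":"<HOST>"` (the tag may have been lost when this page was rendered, so check the file itself). In the `nextcloud` jail body, `enabled = true;` carries a Nix-style trailing semicolon inside an INI string, so fail2ban would see the value `true;`, which is likely not read as a boolean true; `enabled = true` is the safe spelling. The jail also sets no `maxretry`, `findtime` or `bantime`, so it silently inherits the defaults; stating them in the jail, with a comment that the filter depends on Nextcloud logging to the journal under `phpfpm-nextcloud.service`, would make the policy reviewable. After deploying, running `fail2ban-regex` against a sample journal line for a failed login confirms that the filter matches and extracts the address.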
@@ -63,34 +63,6 @@ ]; phpOptions."opcache.interned_strings_buffer" = "23"; - extraApps = { - inherit (pkgs.nextcloud30Packages.apps) - contacts - calendar - previewgenerator - ; - - memories = pkgs.fetchNextcloudApp { - sha256 = "sha256-tzxeffvwMwthvBRG+/cLCXZkVS32rlf5v7XOKTbGoOo="; - url = "https://github.com/pulsejet/memories/releases/download/v7.3.1/memories.tar.gz"; - license = "agpl3Only"; - }; - /* - not useful for me - registration = pkgs.fetchNextcloudApp { - sha256 = "sha256-dDaQHyHdkkd8ZammLdck2HNGqqfEaunwevdPzbWzB8Y="; - url = "https://github.com/nextcloud-releases/registration/releases/download/v2.4.0/registration-v2.4.0.tar.gz"; - license = "agpl3Only"; - }; - */ - facerecognition = pkgs.fetchNextcloudApp { - sha256 = "sha256-FtYItN0Iy2QpSNf0GPs7fIPYgBdEuKHJGwZ7GQNySZE="; - url = "https://github.com/matiasdelellis/facerecognition/releases/download/v0.9.60/facerecognition.tar.gz"; - license = "agpl3Only"; - }; - - }; - extraAppsEnable = true; appstoreEnable = true; # why i would want appstore to be disabled ??? autoUpdateApps.enable = true; cli.memoryLimit = "4G";