diff --git a/files/base_config/centos.conf b/files/base_config/centos.conf
new file mode 100644
index 0000000..b926731
--- /dev/null
+++ b/files/base_config/centos.conf
@@ -0,0 +1,44 @@
+# For more information on configuration, see:
+# * Official English Documentation: http://nginx.org/en/docs/
+# * Official Russian Documentation: http://nginx.org/ru/docs/
+
+user nginx;
+worker_processes 1;
+
+error_log /var/log/nginx/error.log;
+#error_log /var/log/nginx/error.log notice;
+#error_log /var/log/nginx/error.log info;
+
+pid /run/nginx.pid;
+
+
+events {
+ worker_connections 1024;
+}
+
+
+http {
+ include /etc/nginx/mime.types;
+ default_type application/octet-stream;
+
+ log_format main '$remote_addr - $remote_user [$time_local] "$request" '
+ '$status $body_bytes_sent "$http_referer" '
+ '"$http_user_agent" "$http_x_forwarded_for"';
+
+ access_log /var/log/nginx/access.log main;
+
+ sendfile on;
+ #tcp_nopush on;
+
+ #keepalive_timeout 0;
+ keepalive_timeout 65;
+
+ #gzip on;
+
+ index index.html index.htm;
+
+ # Load modular configuration files from the /etc/nginx/conf.d directory.
+ # See http://nginx.org/en/docs/ngx_core_module.html#include
+ # for more information.
+ include /etc/nginx/conf.d/*.conf;
+}
diff --git a/files/base_config/debian.conf b/files/base_config/debian.conf
new file mode 100644
index 0000000..a911806
--- /dev/null
+++ b/files/base_config/debian.conf
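Review bot: Neither base config suppresses version disclosure: the `http` block in centos.conf, and the same block in debian.conf, sets no `server_tokens` directive, so nginx reports its exact version in the `Server` header and on its error pages, which is the first thing any scanner fingerprints. Adding `server_tokens off;` next to `sendfile on;` in both files closes that without affecting behaviour. With `worker_processes 1;` the server is also pinned to a single worker regardless of host size; `worker_processes auto;` is the usual choice for a template that is meant to run on more than one machine.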
@@ -0,0 +1,50 @@
+user www-data;
+worker_processes 1;
+
+error_log /var/log/nginx/error.log;
+pid /var/run/nginx.pid;
+
+events {
+ worker_connections 1024;
+ # multi_accept on;
+}
+
+http {
+ include /etc/nginx/mime.types;
+
+ access_log /var/log/nginx/access.log;
+
+ sendfile on;
+ #tcp_nopush on;
+
+ #keepalive_timeout 0;
+ keepalive_timeout 65;
+ tcp_nodelay on;
+
+ gzip on;
+ gzip_disable "MSIE [1-6]\.(?!.*SV1)";
+
+ include /etc/nginx/conf.d/*.conf;
+ include /etc/nginx/sites-enabled/*;
+}
+
+# mail {
+# # See sample authentication script at:
+# # http://wiki.nginx.org/NginxImapAuthenticateWithApachePhpScript
+#
+# # auth_http localhost/auth.php;
+# # pop3_capabilities "TOP" "USER";
+# # imap_capabilities "IMAP4rev1" "UIDPLUS";
+#
+# server {
+# listen localhost:110;
+# protocol pop3;
+# proxy on;
+# }
+#
+# server {
+# listen localhost:143;
+# protocol imap;
+# proxy on;
+# }
+# }
diff --git a/files/nginx-footer b/files/nginx-footer
new file mode 100644
index 0000000..5c34318
--- /dev/null
+++ b/files/nginx-footer
@@ -0,0 +1 @@
+}
diff --git a/files/nginx-header b/files/nginx-header
new file mode 100644
index 0000000..7dc5024
--- /dev/null
+++ b/files/nginx-header
@@ -0,0 +1,3 @@
+#
+# cdist maintained configuration - do not overwrite
+#
diff --git a/files/nginx-header-generic b/files/nginx-header-generic
new file mode 100644
index 0000000..f63030f
--- /dev/null
+++ b/files/nginx-header-generic
@@ -0,0 +1,12 @@
+ # Compress everything [tm]
+ gzip on;
+ gzip_static on;
+ gzip_proxied any;
+
+ # Not for silly ie
+ gzip_disable "MSIE [1-6]\.";
+ gzip_http_version 1.0;
+ gzip_types text/plain text/xml text/css
+ text/comma-separated-values
+ text/javascript application/x-javascript
+ application/atom+xml;
diff --git a/files/nginx-header-https b/files/nginx-header-https
new file mode 100644
index 0000000..1ae4fbc
--- /dev/null
+++ b/files/nginx-header-https
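Review bot: `gzip on;` with `gzip_proxied any;` in nginx-header-generic compresses dynamic responses, not just static files, and the snippet's indentation suggests it is meant to be included inside the `server {` blocks opened by nginx-header-https; if so, it applies compression to TLS responses that mix attacker-influenced request data with session secrets, which is exactly the condition compression side channels (BREACH) need. Whether the snippet really lands inside the HTTPS server cannot be seen from this hunk. A safer default for the generic part is to keep `gzip_static on;` for pre-compressed assets and restrict `gzip_types` to static content types (CSS, JavaScript, images' sidecar formats), or to leave `gzip on;` out of the generic header and enable it only in the plain-HTTP server. The comment `# Compress everything [tm]` would then need to say what is deliberately excluded and why.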
@@ -0,0 +1,6 @@
+server {
+ listen 443 ssl;
+ listen [::]:443 ssl;
+ ssl_certificate /etc/nginx/ssl.crt;
+ ssl_certificate_key /etc/nginx/ssl.key;
+
diff --git a/files/nginx-header-https-letsencrypt b/files/nginx-header-https-letsencrypt
new file mode 100644
index 0000000..20bc934
--- /dev/null
+++ b/files/nginx-header-https-letsencrypt
@@ -0,0 +1,25 @@
+server {
+ listen 443 ssl;
+ listen [::]:443 ssl;
+ ssl_certificate /etc/nginx/ssl.crt;
+ ssl_certificate_key /etc/nginx/ssl.key;
+ ssl_dhparam /etc/nginx/dhparam.pem;
+
+ # OCSP
+ ssl_stapling on;
+ ssl_stapling_verify on;
+ ssl_trusted_certificate /etc/nginx/chain.pem;
+
+ # Chipers
+ ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
+ ssl_ciphers EECDH+AESGCM:EDH+AESGCM:EECDH:EDH:!MD5:!RC4:!LOW:!MEDIUM:!CAMELLIA:!ECDSA:!DES:!DSS:!3DES:!NULL;
+ ssl_prefer_server_ciphers on;
+ ssl_ecdh_curve secp384r1;
+
+ add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
+
+ # Session resumption
+ ssl_session_timeout 10m;
+ ssl_session_cache off;
+ ssl_session_tickets on;
+ ssl_session_ticket_key /etc/nginx/nginx-ticketkey;
diff --git a/files/nginx-header-server_name b/files/nginx-header-server_name
new file mode 100644
index 0000000..e69de29
diff --git a/gencode-remote b/gencode-remote
index 3bcf822..918dc2e 100755
--- a/gencode-remote
+++ b/gencode-remote
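Review bot: The `server {` block in nginx-header-https sets the certificate paths but no `ssl_protocols`, `ssl_ciphers` or Strict-Transport-Security header, so its TLS policy is whatever the installed nginx/OpenSSL defaults happen to be; on the Debian 8 hosts this type appears to target those defaults still admit TLSv1.0 and TLSv1.1. The letsencrypt variant in the next file carries a full policy, so a host deployed with `--ssl` but without Let's Encrypt silently gets a weaker one. At minimum `ssl_protocols TLSv1.2;` and `ssl_prefer_server_ciphers on;` should be copied here so the two headers do not differ in posture, and a comment should say which directives are intentionally left to the defaults. The block is closed by nginx-footer, outside this hunk.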
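Review bot: `ssl_session_ticket_key /etc/nginx/nginx-ticketkey;` together with `ssl_session_tickets on;` makes one long-lived key on disk the root of every resumed session's confidentiality, so the forward secrecy the EECDH/EDH cipher list buys lasts only as long as that file is never disclosed and is rotated regularly, and nothing in this commit rotates it. Either rotate the file on a short schedule (nginx accepts several `ssl_session_ticket_key` lines so the previous key can still be accepted during rollover) or switch to `ssl_session_tickets off;` and replace `ssl_session_cache off;` with a shared cache so resumption still works. `ssl_protocols TLSv1.2 TLSv1.1 TLSv1;` also re-enables the two legacy versions; `ssl_protocols TLSv1.2;` is the safer default unless a named legacy client population requires more. The comment `# Chipers` should read `# Ciphers`.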
@@ -1,22 +1,49 @@ #!/bin/sh os=$(cat "$__global/explorer/os") -if [ ! "$os" = "debian" ] -then +os_version=$(cat "$__global/explorer/os_version") + +# remove this check, if there is support for othere OS +if [ ! "$os" = "debian" ]; then echo "OS $os is currently not supported." >&2 exit 1 fi -os_version=$(cat "$__global/explorer/os_version") -case "$os_version" in - 8*) - : + +case "$os" in + centos) + restart="/etc/init.d/nginx reload" ;; - *) - echo "Unsupported version $os_version of $os." >&2 + debian) + case "$os_version" in + [1-7]*) + restart="/etc/init.d/nginx restart" + echo "Unsupported version $os_version of $os." >&2 + exit 1 + ;; + 8*) + restart="systemctl restart nginx" + ;; + *) + restart="systemctl restart nginx" + echo "Unsupported version $os_version of $os." >&2 + exit 1 + ;; + esac + ;; + devuan) + restart="/etc/init.d/nginx restart" + ;; + *) + echo "Unsupported OS: $os" >&2 exit 1 ;; esac +# maybe we dont need this +if grep -E -q "^(__file|__link)/etc/nginx" "$__messages_in"; then + echo $restart +fi + nextcloud_uri="$(cat "$__object/parameter/uri")-$(cat "$__object/parameter/version").tar.bz2" db_name=$(cat "$__object/parameter/db-name") db_user=$(cat "$__object/parameter/db-user") 
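Review bot: The new `case "$os" in` dispatch is unreachable for anything but debian, because the guard just above it still does `exit 1` for every other `$os`, so the `centos)` and `devuan)` arms never execute; inside the `debian)` arm the `[1-7]*)` and `*)` branches assign `restart` and then `exit 1`, so those assignments are dead as well. The `*)` arm of the outer case already rejects unknown systems, so the guard can go (the `# remove this check` comment says as much) and the dead assignments with it. `echo $restart` should be `echo "$restart"`; unquoted it is subject to word splitting and globbing, and this is the line whose output is presumably executed on the target host. The script continues past the end of the hunk.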
@@ -27,13 +54,14 @@ domain=$(cat "$__object/parameter/domain") # TODO check shasum of tar ball cat < + + +DESCRIPTION +----------- +We suggest to use our type +__ungleich_nginx_app_proxy for the nginx configuration. +Keep in mind, that you have to install the certificates with +another type or nginx doesn't start. + + +REQUIRED PARAMETERS +------------------- +domain + where Nextcloud runs + + +DEFAULT PARAMETERS +------------------- +admin-pass + Nextcloud default admin passwort: nextcloud + +admin-user + Nextcloud default admin user: nextcloud + +db-name + Nextcloud default database name: nextcloud + +db-pass + Nextcloud default password: nextcloud + +db-user + Nextcloud default database user: nextcloud + +uri + Nextcloud default Uniform Resource Identifier (URI): https://download.nextcloud.com/server/releases/nextcloud + +version + Nextcloud default version: 11.0.1 + + +OPTIONAL PARAMETERS +------------------- +admin-pass + Nextcloud admin password + +admin-user + Nextcloud user password + +db-name + Nextcloud database name + +db-pass + Nextcloud password + +db-user + Nextcloud database user + +ssl-cert + Define the path where the ssl-cert is on the $host + +ssl-key + Define the path where the ssl-key is on the $host + +uri + Nextcloud Uniform Resource Identifier (URI) + +version + Nextcloud version + +If not set the type uses the default parameters. + +BOOLEAN PARAMETERS +------------------ +ssl + Enable if you want to use SSL + +ssl-no-redirect + Enable if you don't want a redirect to https + +custom-config-from-stdin + Insert this configuration from stdin after the generic part + + +EXAMPLES +-------- + +.. 
code-block:: sh + + # only required + __ungleich_nextcloud --domain test.example.org + + # set a different admin-user and db-user; ssl is needed + __ungleich_nextcloud --ssl --admin-user ungleich --db-user ungleich --domain test.example.org + + # custom config + __ungleich_nextcloud --domain test.example.org --custom-config-from-stdin << eof + + # some aditional nginx config + + eof + + +SEE ALSO +-------- +- `cdist-type(7) `_ + + +COPYING +------- +Copyright \(C) 2017 ungleich GmbH (www.ungleich.ch). +Free use of this software is granted under the terms +of the GNU General Public License version 3 (GPLv3). diff --git a/manifest b/manifest index 8d24c7d..c3de33e 100755 --- a/manifest +++ b/manifest @@ -38,8 +38,10 @@ esac db_pass=$(cat "$__object/parameter/db-pass") db_user=$(cat "$__object/parameter/db-user") db_name=$(cat "$__object/parameter/db-name") +db_name=$(cat "$__object/parameter/domain") - +# Hostname +__hostname --name "$domain" # Install packages for package in php7.0-common php7.0-gd php7.0-json php7.0-pgsql php7.0-curl \ @@ -53,7 +55,7 @@ __package postgresql --state=present __package curl --state=present # Configure packages -## Php 7 +## PHP 7 __apt_key_uri dotdeb --uri https://www.dotdeb.org/dotdeb.gpg require="__apt_key_uri/dotdeb" __apt_source dotdeb --uri http://packages.dotdeb.org \ --distribution jessie \ @@ -64,12 +66,6 @@ require="__apt_source/dotdeb" __apt_update_index require="__package/php7.0-fpm" __file /etc/php/7.0/fpm/pool.d/www.conf \ --owner root --group root --mode 644 --source "$__type/files/fpm.conf" - - -## Nginx -require="__package/nginx" __file /etc/nginx/sites-enabled/nextcloud --owner www-data \ - --group www-data --mode 755 --source "$__type/files/nextcloud.nginx" - ## Postgres require="__package/postgresql" __postgres_role "${db_user}" --password "${db_pass}"\ --login --createdb 
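Review bot: In the manifest hunk at `@@ -38,8 +38,10 @@`, the added line `db_name=$(cat "$__object/parameter/domain")` overwrites the `db_name` read on the line just above with the domain parameter, so `__postgres_database "${db_name}"` later in the file will create a database named after the vhost, while `$domain` used by the new `__hostname --name "$domain"` line is not assigned anywhere in this hunk (unless earlier in the file, which is not visible here). The line is clearly meant to read `domain=$(cat "$__object/parameter/domain")`. Separately, `__hostname --name "$domain"` renames the whole host to the Nextcloud domain as a side effect of installing the application; that deserves a sentence in the man page or a parameter to opt out.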
@@ -77,7 +73,6 @@ require="__package/postgresql" __postgres_role "${db_user}" --password "${db_pas require="__package/postgresql __postgres_role/${db_user}" __postgres_database "${db_name}"\ --owner "${db_user}" --state present - # Start on boot require="__package/postgresql" __start_on_boot postgresql require="__package/nginx" __start_on_boot nginx diff --git a/parameter/boolean b/parameter/boolean new file mode 100644 index 0000000..24e0cde --- /dev/null +++ b/parameter/boolean @@ -0,0 +1,3 @@ +ssl +ssl-no-redirect +custom-config-from-stdin diff --git a/parameter/default/domain b/parameter/default/domain deleted file mode 100644 index 3bb24a8..0000000 --- a/parameter/default/domain +++ /dev/null @@ -1 +0,0 @@ -cloud.ungleich.ch diff --git a/parameter/optional b/parameter/optional index 419e014..455151a 100644 --- a/parameter/optional +++ b/parameter/optional @@ -5,4 +5,5 @@ admin-user admin-pass uri version -domain +ssl-cert +ssl-key diff --git a/parameter/required b/parameter/required new file mode 100644 index 0000000..d23ab7a --- /dev/null +++ b/parameter/required @@ -0,0 +1 @@ +domain