diff --git a/configuration/default.nix b/configuration/default.nix
index 6f93440..3b580eb 100644
--- a/configuration/default.nix
+++ b/configuration/default.nix
@@ -131,7 +131,10 @@
     sudo.execWheelOnly = true;
 
     pam = {
-      enableSSHAgentAuth = true;
+      sshAgentAuth = {
+        enable = true;
+        authorizedKeysFiles = ["/etc/ssh/authorized_keys.d/%u"];
+      };
       services.sudo.sshAgentAuth = true;
     };
   };
diff --git a/configuration/services/nextcloud.nix b/configuration/services/nextcloud.nix
index bd36041..2c7fe4f 100644
--- a/configuration/services/nextcloud.nix
+++ b/configuration/services/nextcloud.nix
@@ -3,6 +3,9 @@
   config,
   ...
 }: let
+  # Update pending on rewrite of nextcloud news, though there is an
+  # alpha to switch to if it becomes necessary:
+  # https://github.com/nextcloud/news/issues/2610
   nextcloud = pkgs.nextcloud27;
   hostName = "nextcloud.${config.services.nginx.domain}";
 in {
@@ -17,15 +20,16 @@ in {
     configureRedis = true;
 
     config = {
-      overwriteProtocol = "https";
-
       dbtype = "pgsql";
       dbhost = "/run/postgresql";
 
       adminuser = "tlater";
       adminpassFile = config.sops.secrets."nextcloud/tlater".path;
+    };
 
-      defaultPhoneRegion = "AT";
+    settings = {
+      default_phone_region = "AT";
+      overwriteprotocol = "https";
     };
 
     phpOptions = {
@@ -37,8 +41,6 @@ in {
     };
   };
 
-  services.redis.vmOverCommit = true;
-
   # Ensure that this service doesn't start before postgres is ready
   systemd.services.nextcloud-setup.after = ["postgresql.service"];
 
diff --git a/flake.lock b/flake.lock
index dce5748..3f8dcb9 100644
--- a/flake.lock
+++ b/flake.lock
@@ -242,16 +242,16 @@
     },
     "nixpkgs_2": {
       "locked": {
-        "lastModified": 1714272655,
-        "narHash": "sha256-3/ghIWCve93ngkx5eNPdHIKJP/pMzSr5Wc4rNKE1wOc=",
+        "lastModified": 1718208800,
+        "narHash": "sha256-US1tAChvPxT52RV8GksWZS415tTS7PV42KTc2PNDBmc=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "12430e43bd9b81a6b4e79e64f87c624ade701eaf",
+        "rev": "cc54fb41d13736e92229c21627ea4f22199fee6b",
         "type": "github"
       },
       "original": {
         "owner": "nixos",
-        "ref": "nixos-23.11",
+        "ref": "nixos-24.05",
         "repo": "nixpkgs",
         "type": "github"
       }
diff --git a/flake.nix b/flake.nix
index ae22b2e..09a74ac 100644
--- a/flake.nix
+++ b/flake.nix
@@ -2,7 +2,7 @@
   description = "tlater.net host configuration";
 
   inputs = {
-    nixpkgs.url = "github:nixos/nixpkgs/nixos-23.11";
+    nixpkgs.url = "github:nixos/nixpkgs/nixos-24.05";
     nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
     disko = {
       url = "github:nix-community/disko";