diff --git a/hosts/Rupert.nix b/hosts/Rupert.nix index 9a42cc5..ff42c3e 100644 --- a/hosts/Rupert.nix +++ b/hosts/Rupert.nix @@ -73,10 +73,8 @@ in # Enable the OpenSSH daemon. services.openssh = { enable = true; - settings = { - # ForwardX11 = true; - PasswordAuthentication = false; - }; + forwardX11 = true; + passwordAuthentication = false; }; services.avahi.enable = true; diff --git a/hosts/dyndns.nix b/hosts/dyndns.nix index 3c05999..d98a60d 100644 --- a/hosts/dyndns.nix +++ b/hosts/dyndns.nix @@ -1,6 +1,9 @@ { config, pkgs, lib, ... }: let - interface = "enp3s0"; + definedInPersonalDotNix = lib.mkDefault (throw "Configuration option missing from personal.nix"); + getipv6 = pkgs.writeText "getipv6.sh" '' + ${pkgs.nettools}/bin/ifconfig enp3s0 | sed -n -E 's/^\ *inet6 (2001(:[0-9a-f]+)+)\ .*$/\1/p' + ''; in { networking.tempAddresses = "disabled"; @@ -12,7 +15,7 @@ in slaac hwaddr noipv4ll - interface ${interface} + interface enp3s0 static ip_address=192.168.178.43/24 static routers=192.168.178.1 static domain_name_servers=192.168.178.1 8.8.8.8 @@ -21,9 +24,19 @@ in ''; }; - services.dyndns = { + services.ddclient = { enable = true; - interface = interface; - passwordFile = "/secrets/dyndns_password_${config.services.dyndns.username}.txt"; + verbose = true; + use = "cmd, cmd='${pkgs.bash}/bin/bash ${getipv6}'"; + domains = [ + ((lib.toLower config.networking.hostName) + ".gvfr.de") + ]; + ipv6 = true; + server = definedInPersonalDotNix; + username = definedInPersonalDotNix; + passwordFile = "/secrets/dyndns_password_${config.services.ddclient.username}.txt"; + extraConfig = '' + wildcard=no + ''; }; } diff --git a/hosts/nextcloud.nix b/hosts/nextcloud.nix index fd907d5..0e57031 100644 --- a/hosts/nextcloud.nix +++ b/hosts/nextcloud.nix @@ -6,7 +6,7 @@ in services.nextcloud = { enable = true; https = true; - package = pkgs.nextcloud26; + package = pkgs.nextcloud25; hostName = hostName; datadir = "/data/nextcloud"; config = { 
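Review bot: In hosts/Rupert.nix the added `forwardX11 = true;` switches X11 forwarding on in sshd, where the previous config only carried it as a commented-out line, so this is a behaviour change riding along with the option rename. With forwarding enabled, processes on this host can reach the X display of any client that requests it, so it is better left off unless something depends on it. If it is needed, record why next to the line, e.g. `# X11 forwarding required for <reason>`; otherwise drop the line and keep only `passwordAuthentication = false;`.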
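Review bot: In hosts/dyndns.nix the new `getipv6` helper prints every address matching the `2001:` pattern, whereas the script removed in options/dyndns.nix asked only for non-temporary global addresses and took `head -1`. If the interface ever carries more than one match, the `cmd` that ddclient runs returns several lines. `sed` is also resolved from PATH while `ifconfig` and `bash` are pinned to store paths. Suggest `${pkgs.gnused}/bin/sed -n -E '…' | head -1`, and keeping the `interface = "enp3s0";` binding so the name is not hard-coded both here and in the dhcpcd block of the next hunk.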
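Review bot: `verbose = true;` in the new `services.ddclient` block of hosts/dyndns.nix looks like a debugging setting that should not stay on. ddclient's verbose mode writes its update requests to the log, and depending on the protocol that can include the account name and credential material, which would make the journal a second place the secret lives. Suggest `verbose = false;` once updates are confirmed working. Separately, nothing in this hunk shows the mode or owner of the file behind `passwordFile`, so it is worth confirming that only the service can read it.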
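Review bot: `package = pkgs.nextcloud25;` in hosts/nextcloud.nix moves the instance back one major release from `pkgs.nextcloud26`. Nextcloud does not support downgrading an existing installation across major versions, so if the data under `/data/nextcloud` has already been migrated by 26 the service will probably refuse to start. The older branch also leaves security support sooner. If the pin is forced by the nixpkgs channel in use, a comment such as `# pinned to 25 until the channel provides 26` would record that; the `services.nextcloud` block continues past the end of the hunk.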
diff --git a/options/default.nix b/options/default.nix
index 82c8b45..da40b85 100644
--- a/options/default.nix
+++ b/options/default.nix
@@ -6,6 +6,5 @@
 ./auto-upgrade.nix
 ./status-email.nix
 ./btrfs-scrub.nix
- ./dyndns.nix
 ];
 }
diff --git a/options/dyndns.nix b/options/dyndns.nix
deleted file mode 100644
index 1c2151a..0000000
--- a/options/dyndns.nix
+++ /dev/null
@@ -1,95 +0,0 @@ -{ pkgs, lib, config, ... }: -let - cfg = config.services.dyndns; -in -{ - options.services.dyndns = { - enable = lib.mkEnableOption "Update DNS AAAA records via dyndns"; - - interface = lib.mkOption { - type = lib.types.str; - description = "Identifier of the network interface to use"; - }; - - domain = lib.mkOption { - type = lib.types.str; - description = "Domain name to update"; - }; - - server = lib.mkOption { - type = lib.types.str; - description = "DynDNS server name"; - }; - - username = lib.mkOption { - type = lib.types.str; - description = "Username for DynDNS updates"; - }; - - passwordFile = lib.mkOption { - type = lib.types.str; - description = "File containing the DynDNS password"; - }; - }; - - config = lib.mkIf cfg.enable { - systemd.services.dyndns = { - enable = true; - after = [ "network.target" ]; - unitConfig = { - Description = "Update AAAA records for ${cfg.domain} via DynDNS"; - }; - serviceConfig = { - DynamicUser = true; - PrivateTmp = true; - PrivateDevices = true; - ProtectSystem = true; - ProtectHome = true; - NoNewPrivileges = true; - }; - script = '' - #!${pkgs.bash}/bin/bash - - set -eu - - host="${cfg.domain}" - interface="${cfg.interface}" - dyndns_server="${cfg.server}" - dyndns_user="${cfg.username}" - dyndns_password="$(cat "${cfg.passwordFile}")" - - new_ip=$(${pkgs.iproute}/bin/ip -6 a show scope global -temporary dev "$interface" | ${pkgs.gnused}/bin/sed -n -E 's/^\ *inet6\ (2001(:[0-9a-f]+)+).*$/\1/p' | head -1) - - if [ -z "$new_ip" ] ; then - echo "Could not determine IP address." - exit 1 - fi - - current_ip=$(${pkgs.dig}/bin/dig aaaa +short "$host") - - if [ -z "$current_ip" ] ; then - echo "Could not determine current AAAA record." - exit 1 - fi - - if [ "$current_ip" = "$new_ip" ] ; then - echo "Current AAAA record is already $current_ip, no update needed." - exit 0 - fi - - echo "Updating IP to $new_ip." 
- ${pkgs.curl}/bin/curl "https://$dyndns_user:$dyndns_password@$dyndns_server/?hostname=$host&myip=$new_ip" - ''; - }; - - systemd.timers.dyndns = { - description = "Timer for triggering DynDNS updates"; - wantedBy = [ "timers.target" ]; - timerConfig = { - OnBootSec = "2min"; - OnUnitActiveSec = "20min"; - Unit = "dyndns.service"; - }; - }; - }; -}