diff --git a/modules/services/nextcloud.nix b/modules/services/nextcloud.nix
index fe683e3..ebe3c33 100644
--- a/modules/services/nextcloud.nix
+++ b/modules/services/nextcloud.nix
@@ -219,12 +219,14 @@ helper.mkPodmanService {
       onFailure = [ "service-failure-notify@%n.service" ];
       startLimitBurst = 5;
       startLimitIntervalSec = 600;
-      path = [ pkgs.coreutils pkgs.sudo pkgs.podman pkgs.systemd pkgs.jq ];
+      path = [ pkgs.coreutils pkgs.sudo pkgs.podman pkgs.systemd ];
       serviceConfig = {
         Type = "oneshot";
         RemainAfterExit = true;
       };
       script = ''
+        OCC="sudo -u numbus-admin podman exec --user www-data nextcloud-server php occ"
+
         [[ ! -e /var/lib/numbus-server/${name}/.env ]] && systemctl start ${name}-secrets.service
         until [[ -e /var/lib/numbus-server/${name}/.env ]]; do
           echo "Waiting for secrets generation..."
@@ -232,55 +234,46 @@ helper.mkPodmanService {
         done
         source /var/lib/numbus-server/${name}/.env
 
-        until sudo -u numbus-admin podman exec --user www-data nextcloud-server php occ status >/dev/null 2>&1; do
+        until $OCC status >/dev/null 2>&1; do
           echo "Waiting for Nextcloud to be up and running..."
           sleep 10
         done
 
-        sudo -u numbus-admin podman exec --user www-data nextcloud-server php occ db:add-missing-indices
-        sudo -u numbus-admin podman exec --user www-data nextcloud-server php occ maintenance:repair --include-expensive
+        $OCC db:add-missing-indices
+        $OCC maintenance:repair --include-expensive
 
         INSTALL_APPS_LIST=( "calendar" "contacts" "mail" "notes" "onlyoffice" "cookbook" "whiteboard" )
         REMOVE_APPS_LIST=( "activity" "federation" "webhook_listeners" "photos" "recommendations" "sharebymail" "teams" "support" "richdocumentscode" )
 
-        OCC="sudo -u numbus-admin podman exec --user www-data nextcloud-server php occ"
-        APPS_STATE=$($OCC app:list --output=json)
-
         for app in ''${INSTALL_APPS_LIST[@]}; do
-          if ! echo "$APPS_STATE" | jq -e ".enabled[\"$app\"] or .disabled[\"$app\"]" > /dev/null; then
+          if ! $OCC --no-warnings app:list | grep -iq "$app:"; then
             $OCC --no-warnings app:install "$app"
-            APPS_STATE=$($OCC app:list --output=json)
-          fi
-          if ! echo "$APPS_STATE" | jq -e ".enabled[\"$app\"]" > /dev/null; then
+          if $OCC --no-warnings app:list --disabled | grep -iq "$app:"; then
             $OCC --no-warnings app:enable "$app"
-            APPS_STATE=$($OCC app:list --output=json)
           fi
         done
         for app in ''${REMOVE_APPS_LIST[@]}; do
-          if echo "$APPS_STATE" | jq -e ".enabled[\"$app\"]" > /dev/null; then
+          if $OCC --no-warnings app:list --enabled | grep -iq "$app:"; then
             $OCC --no-warnings app:disable "$app"
-            APPS_STATE=$($OCC app:list --output=json)
-          fi
-          if echo "$APPS_STATE" | jq -e ".enabled[\"$app\"] or .disabled[\"$app\"]" > /dev/null; then
+          if $OCC --no-warnings app:list | grep -iq "$app:"; then
             $OCC --no-warnings app:remove "$app"
-            APPS_STATE=$($OCC app:list --output=json)
           fi
         done
-        sudo -u numbus-admin podman exec --user www-data nextcloud-server php occ --no-warnings config:system:set onlyoffice DocumentServerInternalUrl --value="https://onlyoffice.${config.numbus.services.domain}/"
-        sudo -u numbus-admin podman exec --user www-data nextcloud-server php occ --no-warnings config:system:set onlyoffice DocumentServerUrl --value="https://onlyoffice.${config.numbus.services.domain}/"
-        sudo -u numbus-admin podman exec --user www-data nextcloud-server php occ --no-warnings config:system:set onlyoffice jwt_secret --value="$ONLYOFFICE_PASSWORD"
-        sudo -u numbus-admin podman exec --user www-data nextcloud-server php occ --no-warnings config:app:set whiteboard collabBackendUrl --value="https://whiteboard.${config.numbus.services.domain}"
-        sudo -u numbus-admin podman exec --user www-data nextcloud-server php occ --no-warnings config:app:set whiteboard jwt_secret_key --value="$WHITEBOARD_PASSWORD"
+        $OCC --no-warnings config:system:set onlyoffice DocumentServerInternalUrl --value="https://onlyoffice.${config.numbus.services.domain}/"
+        $OCC --no-warnings config:system:set onlyoffice DocumentServerUrl --value="https://onlyoffice.${config.numbus.services.domain}/"
+        $OCC --no-warnings config:system:set onlyoffice jwt_secret --value="$ONLYOFFICE_PASSWORD"
+        $OCC --no-warnings config:app:set whiteboard collabBackendUrl --value="https://whiteboard.${config.numbus.services.domain}"
+        $OCC --no-warnings config:app:set whiteboard jwt_secret_key --value="$WHITEBOARD_PASSWORD"
 
         if [[ ! -f /var/lib/numbus-server/${name}/croned.true ]]; then
-          sudo -u numbus-admin podman exec --user www-data nextcloud-server php occ background:cron
+          $OCC background:cron
           sudo -u numbus-admin podman exec --user www-data nextcloud-server php -f /var/www/html/cron.php
           touch /var/lib/numbus-server/${name}/croned.true
         fi
 
         if [[ ! -f /var/lib/numbus-server/${name}/scanned.true ]]; then
-          sudo -u numbus-admin podman exec --user www-data nextcloud-server php occ files:scan --all
-          sudo -u numbus-admin podman exec --user www-data nextcloud-server php occ files:repair-tree
+          $OCC files:scan --all
+          $OCC files:repair-tree
           touch /var/lib/numbus-server/${name}/scanned.true
         fi
       '';