From 2ee563f5d9987e76b25dc7a7e08df964e27e8834 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nicolas=20=E2=80=9CNiols=E2=80=9D=20Jeannerod?=
 <nicolas.jeannerod@moduscreate.com>
Date: Sat, 15 Feb 2025 11:22:55 +0100
Subject: [PATCH] Fix Pixelfed

---
 services/fediversity/pixelfed/default.nix | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/services/fediversity/pixelfed/default.nix b/services/fediversity/pixelfed/default.nix
index 2c3c2b7c..7df53527 100644
--- a/services/fediversity/pixelfed/default.nix
+++ b/services/fediversity/pixelfed/default.nix
@@ -51,6 +51,14 @@ in
     )
 
     (mkIf config.fediversity.pixelfed.enable {
+      ## NOTE: Pixelfed as packaged in nixpkgs has a permission issue that prevents Nginx
+      ## from being able to serving the images. We fix it here, but this should be
+      ## upstreamed. See https://github.com/NixOS/nixpkgs/issues/235147
+      services.pixelfed.package = pkgs.pixelfed.overrideAttrs (old: {
+        patches = (old.patches or [ ]) ++ [ ./group-permissions.patch ];
+      });
+      users.users.nginx.extraGroups = [ "pixelfed" ];
+
       services.pixelfed = {
         enable = true;
         domain = config.fediversity.pixelfed.domain;