diff --git a/deployment/check/basic/nixosTest.nix b/deployment/check/basic/nixosTest.nix
index 600baefb..9aa099f2 100644
--- a/deployment/check/basic/nixosTest.nix
+++ b/deployment/check/basic/nixosTest.nix
@@ -10,6 +10,11 @@
         inputs.nixops4.packages.${pkgs.system}.default
       ];
 
+      system.extraDependencies = with pkgs; [
+        jq
+        jq.inputDerivation
+      ];
+
       system.extraDependenciesFromModule =
         { pkgs, ... }:
         {
diff --git a/flake.lock b/flake.lock
index 4eff9508..b3792fc5 100644
--- a/flake.lock
+++ b/flake.lock
@@ -598,17 +598,17 @@
     },
     "nixpkgs_4": {
       "locked": {
-        "lastModified": 1740463929,
-        "narHash": "sha256-4Xhu/3aUdCKeLfdteEHMegx5ooKQvwPHNkOgNCXQrvc=",
+        "lastModified": 1744215327,
+        "narHash": "sha256-sjnFt1xZFp9dAQCBRlUTqkclr/4fKNurZrctYHWozaw=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "5d7db4668d7a0c6cc5fc8cf6ef33b008b2b1ed8b",
+        "rev": "f33a4d26226c05d501b9d4d3e5e60a3a59991921",
         "type": "github"
       },
       "original": {
         "owner": "nixos",
-        "ref": "nixos-24.11",
         "repo": "nixpkgs",
+        "rev": "f33a4d26226c05d501b9d4d3e5e60a3a59991921",
         "type": "github"
       }
     },
diff --git a/flake.nix b/flake.nix
index 6dd3d3df..6e97183b 100644
--- a/flake.nix
+++ b/flake.nix
@@ -1,6 +1,6 @@
 {
   inputs = {
-    nixpkgs.url = "github:nixos/nixpkgs/nixos-24.11"; # consumed by flake-parts
+    nixpkgs.url = "github:nixos/nixpkgs/f33a4d26226c05d501b9d4d3e5e60a3a59991921"; # consumed by flake-parts
     flake-parts.url = "github:hercules-ci/flake-parts";
     git-hooks.url = "github:cachix/git-hooks.nix";
     nixops4.follows = "nixops4-nixos/nixops4";
diff --git a/services/fediversity/pixelfed/default.nix b/services/fediversity/pixelfed/default.nix
index d6328e3b..9080e6ba 100644
--- a/services/fediversity/pixelfed/default.nix
+++ b/services/fediversity/pixelfed/default.nix
@@ -56,12 +56,6 @@ in
     )
 
     (mkIf config.fediversity.pixelfed.enable {
-      ## NOTE: Pixelfed as packaged in nixpkgs has a permission issue that prevents Nginx
-      ## from being able to serving the images. We fix it here, but this should be
-      ## upstreamed. See https://github.com/NixOS/nixpkgs/issues/235147
-      services.pixelfed.package = pkgs.pixelfed.overrideAttrs (old: {
-        patches = (old.patches or [ ]) ++ [ ./group-permissions.patch ];
-      });
       users.users.nginx.extraGroups = [ "pixelfed" ];
 
       services.pixelfed = {
diff --git a/services/fediversity/pixelfed/group-permissions.patch b/services/fediversity/pixelfed/group-permissions.patch
deleted file mode 100644
index d7dd442d..00000000
--- a/services/fediversity/pixelfed/group-permissions.patch
+++ /dev/null
@@ -1,18 +0,0 @@
-diff --git a/config/filesystems.php b/config/filesystems.php
-index 00254e93..fc1a58f3 100644
---- a/config/filesystems.php
-+++ b/config/filesystems.php
-@@ -49,11 +49,11 @@ return [
-             'permissions' => [
-                 'file' => [
-                     'public' => 0644,
--                    'private' => 0600,
-+                    'private' => 0640,
-                 ],
-                 'dir' => [
-                     'public' => 0755,
--                    'private' => 0700,
-+                    'private' => 0750,
-                 ],
-             ],
-         ],