diff --git a/hosts/by-name/servo/services/lemmy.nix b/hosts/by-name/servo/services/lemmy.nix
index dcf24eee..3d096de7 100644
--- a/hosts/by-name/servo/services/lemmy.nix
+++ b/hosts/by-name/servo/services/lemmy.nix
@@ -1,3 +1,8 @@
+# docs:
+# - <repo:LemmyNet/lemmy:docker/federation/nginx.conf>
+# - <repo:LemmyNet/lemmy:docker/nginx.conf>
+# - <repo:LemmyNet/lemmy-ansible:templates/nginx.conf>
+
 { config, lib, ... }:
 let
   inherit (builtins) toString;
@@ -15,6 +20,7 @@ in {
     settings.port = backendPort;
     ui.port = uiPort;
     database.createLocally = true;
+    nginx.enable = true;
   };
 
   systemd.services.lemmy.serviceConfig = {
@@ -46,53 +52,6 @@ in {
   services.nginx.virtualHosts."lemmy.uninsane.org" = {
     forceSSL = true;
     enableACME = true;
-    locations = let
-      ui = "http://127.0.0.1:${toString uiPort}";
-      backend = "http://127.0.0.1:${toString backendPort}";
-    in {
-      # see <LemmyNet/lemmy:docker/federation/nginx.conf>
-      # see <LemmyNet/lemmy:docker/nginx.conf>
-      # see <LemmyNet/lemmy-ansible:templates/nginx.conf>
-      "/" = {
-        # "frontend general requests"
-        proxyPass = "$proxpass";
-        extraConfig = ''
-          set $proxpass "${ui}";
-          if ($http_accept = "application/activity+json") {
-            set $proxpass "${backend}";
-          }
-          if ($http_accept = "application/ld+json; profile=\"https://www.w3.org/ns/activitystreams\"") {
-            set $proxpass "${backend}";
-          }
-
-          # XXX: lemmy-ansible nginx uses this maximally broad redirection
-          # if ($http_accept ~ "^application/.*$") {
-          #   set $proxpass "${backend}";
-          # }
-          # XXX: POST redirection occurs in lemmy-ansible and docker/nginx.conf but not docker/federation/nginx.conf
-          if ($request_method = POST) {
-            set $proxpass "${backend}";
-          }
-
-          # Cuts off the trailing slash on URLs to make them valid
-          rewrite ^(.+)/+$ $1 permanent;
-
-          proxy_set_header X-Real-IP $remote_addr;
-          proxy_set_header Host $host;
-          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-        '';
-      };
-      "~ ^/(api|pictrs|feeds|nodeinfo|.well-known)" = {
-        # "backend"
-        proxyPass = backend;
-        proxyWebsockets = true;
-        extraConfig = ''
-          proxy_set_header X-Real-IP $remote_addr;
-          proxy_set_header Host $host;
-          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-        '';
-      };
-    };
   };
 
   sane.services.trust-dns.zones."uninsane.org".inet.CNAME."lemmy" = "native";
diff --git a/nixpatches/list.nix b/nixpatches/list.nix
index 8949477a..f5e5eebd 100644
--- a/nixpatches/list.nix
+++ b/nixpatches/list.nix
@@ -75,6 +75,12 @@ in [
     hash = "sha256-Tqr8Ri8X2dDljDmWmjAQDRJGNenSFhrY/wr24h2JAh0=";
   })
 
+  (fetchpatch' {
+    # nixos/lemmy: support nginx
+    saneCommit = "4c86db6dcb78795ac9bb514d9c779fd591070b23";
+    hash = "sha256-G7jGhSPUp9BMxh2yTzo0KUUVabMJeZ28YTA+0iPldRI=";
+  })
+
   (fetchpatch' {
     # feedbackd: 0.1.0 -> 0.2.0
     saneCommit = "a0186a5782708a640cd6eaad6e9742b9cccebe9d";