diff --git a/flake.nix b/flake.nix index 88dbb1d..e673ecf 100644 --- a/flake.nix +++ b/flake.nix @@ -50,6 +50,7 @@ nix-serve-ng.nixosModules.default ./nix/application/containers.nix + ./nix/application/miniflux.nix ./nix/application/nginx.nix ./nix/monitoring/nginx.nix diff --git a/nix/application/containers.nix b/nix/application/containers.nix index 1b23cca..6559a84 100644 --- a/nix/application/containers.nix +++ b/nix/application/containers.nix @@ -53,22 +53,29 @@ }; purr = { - image = "docker.matri.cx/purr"; + image = "docker.matri.cx/purr:4"; ports = [ "5195:3000" ]; volumes = [ - "/home/sezycei/dev/purr/data/Purr.sqlite:/app/data/Purr.sqlite" - "/home/sezycei/dev/purr/config.dhall:/app/config.dhall" + "/home/sezycei/srv/containerdata/purr/data:/app/data" ]; - environment = { }; + environment = { + ENVIRONMENT = "production"; + APPLICATIONHOST = "localhost"; + APPLICATIONPORT = "3000"; + DATADIR = "/app/"; + LINKLENGTH = "24"; + ADMINEMAIL = "james@eversole.co"; + PURRNOFILE = "true"; + }; }; registry = { image = "registry:2.8.3"; ports = [ "3001:5000" ]; volumes = [ - "/home/sezycei/srv/containerdata/registry/registry/data:/var/lib/registry" - "/home/sezycei/srv/containerdata/registry/registry/certs:/certs" - "/home/sezycei/srv/containerdata/registry/registry/auth:/auth" + "/home/sezycei/srv/containerdata/registry/data:/var/lib/registry" + "/home/sezycei/srv/containerdata/registry/certs:/certs" + "/home/sezycei/srv/containerdata/registry/auth:/auth" ]; environment = { }; }; diff --git a/nix/application/miniflux.nix b/nix/application/miniflux.nix new file mode 100644 index 0000000..0095edf --- /dev/null +++ b/nix/application/miniflux.nix @@ -0,0 +1,11 @@ +{ pkgs, config, ...}: { + services.miniflux = { + enable = true; + adminCredentialsFile = config.age.secrets.miniflux.path; + config = { + CLEANUP_FREQUENCY_HOURS = "72"; + LISTEN_ADDR = "0.0.0.0:26343"; + BASE_URL = "https://flux.matri.cx"; + }; + }; +} 
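Review bot: The new `image = "docker.matri.cx/purr:4";` in the containers.nix hunk pins purr to a tag, and a tag can be repointed in the registry, so a later pull may fetch contents that differ from the image that was reviewed. Pinning by digest makes the deployment reproducible, e.g. `image = "docker.matri.cx/purr:4@sha256:<digest-of-reviewed-image>";` (placeholder digest). Separately, `DATADIR = "/app/"` points at the container root while the only persistent mount is `/app/data`. If purr writes its database directly under DATADIR, which this hunk does not show, that data would not survive a container replacement, so confirm the path against the application. The enclosing attribute set starts outside the hunk.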
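Review bot: `LISTEN_ADDR = "0.0.0.0:26343"` in the new miniflux.nix makes Miniflux listen on every interface, although the only consumer in this commit is the `flux.matri.cx` vhost, which proxies to `http://127.0.0.1:26343`. Port 26343 is not in `allowedTCPPorts`, but network.nix sets `trustedInterfaces = [ "tun0" ]`, so hosts on that interface would reach the plain-HTTP listener without going through nginx and its TLS. Binding to loopback removes that path: `LISTEN_ADDR = "127.0.0.1:26343";`. The `pkgs` argument is unused and can be dropped from the function head.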
diff --git a/nix/application/nginx.nix b/nix/application/nginx.nix index 0aa5f71..dbe40f9 100644 --- a/nix/application/nginx.nix +++ b/nix/application/nginx.nix @@ -53,16 +53,18 @@ "docker.matri.cx" = proxiedAuth { auth = config.age.secrets.htpasswd-dock.path; target = "http://127.0.0.1:3001"; + extra = '' + client_max_body_size 0; + ''; }; "eversole.co" = static { dir = "/var/www/jame.su"; }; - "food.eversole.co" = proxied { - target = "http://127.0.0.1:52230"; + "flux.matri.cx" = proxied { + target = "http://127.0.0.1:26343"; }; "git.eversole.co" = { enableACME = true; forceSSL = true; locations."/" = { root = "/var/www/git.eversole.co"; tryFiles = "$uri $uri/ @git"; }; - locations."/purr".return = "301 https://git.eversole.co"; locations."@git" = { proxyPass = "http://127.0.0.1:23232"; priority = 600; }; }; "graf.matri.cx" = { root = "/var/www/graf.matri.cx"; }; # refer to /monitoring/nginx.nix diff --git a/nix/system/age.nix b/nix/system/age.nix index 73df3af..f5bff34 100644 --- a/nix/system/age.nix +++ b/nix/system/age.nix @@ -10,8 +10,14 @@ owner = "grafana"; group = "grafana"; }; - htpasswd-dock.file = ../../secrets/htpasswd-dock.age; + htpasswd-dock = { + file = ../../secrets/htpasswd-dock.age; + mode = "770"; + owner = "nginx"; + group = "nginx"; + }; keys.file = ../../secrets/keys.age; + miniflux.file = ../../secrets/miniflux.age; transmission-env.file = ../../secrets/transmission-env.age; }; identityPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; diff --git a/nix/system/network.nix b/nix/system/network.nix index ef9c21f..7fcddae 100644 --- a/nix/system/network.nix +++ b/nix/system/network.nix @@ -2,7 +2,7 @@ networking = { hostName = "eve-psr-nix0"; firewall = { - allowedTCPPorts = [ 22 80 443 7860 23231 23232 23233 9418 ]; + allowedTCPPorts = [ 22 80 443 7860 23231 23232 23233 9418 3000 ]; allowedUDPPorts = [ 53 1194 ]; trustedInterfaces = [ "tun0" ]; }; diff --git a/secrets.nix b/secrets.nix index b834ad1..c7ff715 100644 --- a/secrets.nix 
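Review bot: `client_max_body_size 0;` in the `docker.matri.cx` vhost removes nginx's request-body limit entirely, so any client with valid htpasswd credentials can push uploads limited only by free space on the filesystem backing the registry data volume. A finite cap sized to the largest expected layer, for example `client_max_body_size 2g;` (illustrative value), keeps large pushes working while bounding disk use. If 0 is intentional, a comment such as `# registry layer uploads exceed nginx's default 1m body limit` would record why. The `proxiedAuth` helper is defined outside this hunk, so where `extra` lands in the generated config is assumed rather than verified.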
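Review bot: `mode = "770"` on `htpasswd-dock` in age.nix grants write and execute to both owner and group on a file that nginx only needs to read. The secret holds password hashes, so the narrowest working permission is preferable: `mode = "0400";` with `owner = "nginx";`, or `mode = "0440";` if group read is actually required. The new `miniflux.file` entry keeps the agenix default owner and mode, which is presumably fine if the miniflux module loads the file as root before dropping privileges, but that is worth confirming.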
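Review bot: Adding `3000` to `allowedTCPPorts` in network.nix opens a host port that no service in this commit is shown to need. The purr container maps its port 3000 to host port 5195 (`ports = [ "5195:3000" ]`), and Miniflux listens on 26343 behind nginx. If the intent was to expose purr, 3000 is the container-side port, not the host one. Whatever does bind host port 3000 (not visible here) would then be reachable from outside without nginx's TLS or authentication. Unless a listener must be public on that port, keep `allowedTCPPorts = [ 22 80 443 7860 23231 23232 23233 9418 ];` and publish purr through an nginx vhost like the other applications.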
+++ b/secrets.nix
@@ -12,5 +12,6 @@ in
 "secrets/graf-email.age" = { publicKeys = all; };
 "secrets/htpasswd-dock.age" = { publicKeys = all; };
 "secrets/keys.age" = { publicKeys = all; };
+ "secrets/miniflux.age" = { publicKeys = all; };
 "secrets/transmission-env.age" = { publicKeys = all; };
 }
diff --git a/secrets/miniflux.age b/secrets/miniflux.age
new file mode 100644
index 0000000..5aa9fdc
Binary files /dev/null and b/secrets/miniflux.age differ