caddy: update to unstable

The default config for automatic ACME no longer works in Caddy <2.8.0.
This is due to changes with ZeroSSL's auth. Update to unstable Caddy
which is new enough to renew certs again.

Context: https://github.com/caddyserver/caddy/releases/tag/v2.8.0

Add `pkgs.unstable` as an overlay as recommended on the NixOS wiki. This
is needed here as Caddy must be runnable on all architectures.

flake.nix

@@ -27,6 +27,7 @@
         fqdns = builtins.attrNames (builtins.readDir ./hosts);
         getSystemOverlays = system: nixpkgsConfig: [
           (final: prev: {
+             unstable = nixpkgs-unstable.legacyPackages.${prev.system};
             "storj" = final.callPackage ./pkgs/storj.nix { };
           })
         ];

hosts/sodium.pop.ts.hillion.co.uk/default.nix

@@ -1,4 +1,4 @@
-{ config, pkgs, nixpkgs-unstable, lib, nixos-hardware, ... }:
+{ config, pkgs, lib, nixos-hardware, ... }:
 
 {
   imports = [

modules/resilio.nix

@@ -1,4 +1,4 @@
-{ pkgs, lib, config, nixpkgs-unstable, ... }:
+{ pkgs, lib, config, ... }:
 
 let
   cfg = config.custom.resilio;

modules/services/gitea/gitea.nix

@@ -1,4 +1,4 @@
-{ config, pkgs, lib, nixpkgs-unstable, ... }:
+{ config, pkgs, lib, ... }:
 
 let
   cfg = config.custom.services.gitea;
@@ -55,7 +55,7 @@ in
 
     services.gitea = {
       enable = true;
-      package = nixpkgs-unstable.legacyPackages.x86_64-linux.gitea;
+      package = pkgs.unstable.gitea;
       mailerPasswordFile = config.age.secrets."gitea/mailer_password".path;
 
       appName = "Hillion Gitea";

modules/www/global.nix

@@ -33,6 +33,7 @@ in
 
     services.caddy = {
       enable = true;
+      package = pkgs.unstable.caddy;
 
       virtualHosts = {
         "hillion.co.uk".extraConfig = ''