post(nixos): discourage nix-env

source/_posts/caddy-nixos-part-1.md

@@ -109,7 +109,7 @@ nixos-generate-config --root /mnt
    # This is much less memory-intensive than `nix-env -i package`
    # wormhole-william is Go-implementation of magic-wormhole
    # Available in 20.09+
-    nix-env -f '<nixpkgs>' -iA google-authenticator p7zip usbguard wormhole-william
+   nix-shell -p google-authenticator p7zip usbguard wormhole-william
 
    cd /tmp
    wormhole-william receive configuration.7z

source/_posts/caddy-nixos-part-2.md

@@ -29,10 +29,10 @@ Following diagram shows the architecture behind this website.
 
 ## Prerequisites
 
-Before proceeding to the rest of this guide, there are some system packages that you need to install.
+Before proceeding to the rest of this guide, there are some packages that you need to install.
 
 ```
-$ nix-env -f '<nixpkgs>' -iA google-authenticator p7zip usbguard wormhole-william
+$ nix-shell -p google-authenticator p7zip usbguard wormhole-william
 ```
 
 ## Disable mutableUsers

source/_posts/caddy-nixos-part-3.md

@@ -53,7 +53,7 @@ A package is installed in `/nix/store/<hash>/` folder and that hash is what make
 
 1. Locate the binary in "/nix/store" by checking `$ systemctl status caddy`. This is only available when caddy service is enabled in "configuration.nix". Disabling the service will remove the package.
 2. Install it as a system package using `environment.systemPackages`.
-3. Install it as a user package using `$ nix-env -f '<nixpkgs>' -iA caddy`.
+3. Install it as a user package using Home Manager (recommended), [ad-hoc shell](https://nix.dev/tutorials/first-steps/ad-hoc-shell-environments.html) or `$ nix-env -iA nixpkgs.caddy` ([discouraged](https://stop-using-nix-env.privatevoid.net/)).
 
 caddy.nix grants `CAP_NET_BIND_SERVICE` capability which is not needed in my use case because I'm not binding caddy to port < 1024.
 
@@ -186,7 +186,7 @@ If you followed my {% post_link caddy-nixos-part-2 'Part 2' %} guide, you should
 
 ### Initial setup
 
-Set up Caddy to listen on apex domain and www.* on port 4430
+Set up Caddy to listen on apex domain and www.\* on port 4430
 
 ```plain Caddyfile
 mdleom.com:4430 www.mdleom.com:4430 {
@@ -270,18 +270,19 @@ In Caddyfile, the config can be expressed as:
 To make sure Caddy sends the correct `Host:` header to the upstream/backend locations, I use `header_up` option,
 
 {% codeblock mark:5,13,18 %}
-  handle /img/* {
+handle /img/\* {
 reverse_proxy https://cdn.statically.io {
 header_up Host cdn.statically.io
 }
 }
 
-  handle_path /screenshot/* {
+handle*path /screenshot/* {
-    rewrite * /screenshot/mdleom.com{path}
+rewrite \_ /screenshot/mdleom.com{path}
 
     reverse_proxy https://cdn.statically.io {
       header_up Host cdn.statically.io
     }
+
 }
 
 reverse_proxy https://curben.netlify.app {