diff --git a/README.md b/README.md
index 6e54d1a0..9f654d9d 100644
--- a/README.md
+++ b/README.md
@@ -9,3 +9,17 @@ This is using flakes for reproducibility and home manager for setting up user-sp
 Workstations are set up by running ` sudo nixos-rebuild switch --flake '.#'` and servers are by `nixos-rebuild switch --flake '.#servername' --target-host root@hostname`.
 I don't use home manager the program, everything is referenced from the top flake.
 
+
+## infra setup
+
+```mermaid
+sequenceDiagram
+Alice ->> Bob: Hello Bob, how are you?
+Bob-->>John: How about you John?
+Bob--x Alice: I am good thanks!
+Bob-x John: I am good thanks!
+Note right of John: Bob thinks a long<br/>long time, so long<br/>that the text does<br/>not fit on a row.
+
+Bob-->Alice: Checking with John...
+Alice->John: Yes... John, how are you?
+```
diff --git a/nixos/boxes/mb1/default.nix b/nixos/boxes/mb1/default.nix
index f5284981..ef9457ee 100644
--- a/nixos/boxes/mb1/default.nix
+++ b/nixos/boxes/mb1/default.nix
@@ -6,7 +6,6 @@
     ./atuin.nix
   ];
   networking.hostName = "mb1";
-  environment.systemPackages = with pkgs; [ ];
 
   boot.loader.grub = {
     devices = [ "/dev/vda" ];
diff --git a/nixos/boxes/vpsfree1/gitea.nix b/nixos/boxes/vpsfree1/gitea.nix
index f1bb70bb..33375b4e 100644
--- a/nixos/boxes/vpsfree1/gitea.nix
+++ b/nixos/boxes/vpsfree1/gitea.nix
@@ -1,11 +1,5 @@
-{
-  config,
-  pkgs,
-  inputs,
-  lib,
-  system,
-  ...
-}: let
+{ config, pkgs, inputs, lib, system, ... }:
+let
   httpPort = 8083;
   sshPort = 22;
   domain = "git.cyplo.dev";
@@ -27,18 +21,18 @@
     };
     groups."${systemGroupName}" = {
       inherit gid;
-      members = ["${systemUserName}" "nginx"];
+      members = [ "${systemUserName}" "nginx" ];
     };
   };
 in {
-  imports = [../nginx.nix];
+  imports = [ ../nginx.nix ];
 
   inherit users;
 
-  boot.kernel.sysctl = {"net.ipv4.ip_unprivileged_port_start" = 0;};
+  boot.kernel.sysctl = { "net.ipv4.ip_unprivileged_port_start" = 0; };
   systemd.services.systemd-sysctl.enable = lib.mkForce true;
 
-  networking.firewall.allowedTCPPorts = [sshPort];
+  networking.firewall.allowedTCPPorts = [ sshPort ];
   services.nginx = {
     virtualHosts = {
       "${domain}" = {
@@ -80,19 +74,12 @@ in {
         isReadOnly = true;
       };
     };
-    config = {
-      config,
-      pkgs,
-      lib,
-      ...
-    }: {
+    config = { config, pkgs, lib, ... }: {
       system.stateVersion = "22.11";
-      users =
-        users
-        // {
-          mutableUsers = false;
-          allowNoPasswordLogin = true;
-        };
+      users = users // {
+        mutableUsers = false;
+        allowNoPasswordLogin = true;
+      };
       services.gitea = {
         inherit domain httpPort;
         enable = true;
@@ -103,6 +90,13 @@ in {
         package = inputs.nixpkgs-master.legacyPackages.${system}.forgejo;
         settings = {
           service.DISABLE_REGISTRATION = true;
+          "markup.mermaid" = {
+            ENABLED = true;
+            FILE_EXTENSIONS = ".md";
+            RENDER_COMMAND =
+              "${pkgs.asciidoc-full}/bin/asciidoc --out-file=- -";
+            IS_INPUT_FILE = false;
+          };
           server = {
             START_SSH_SERVER = true;
             SSH_PORT = sshPort;