diff --git a/README.md b/README.md
index df75859..d2fab3e 100644
--- a/README.md
+++ b/README.md
@@ -24,11 +24,6 @@ example:
             # httpPort = 8080;
             # httpsPort = null;
 
-            bun2nix = {
-              enable = true;
-              outputFile = "bun.nix";
-            };
-
             environment = {
               DOMAIN_NAME = "wafrn.example.com";
               CACHE_DOMAIN = "cache.wafrn.example.com";
diff --git a/flake.lock b/flake.lock
index 2ad145d..dd9771a 100644
--- a/flake.lock
+++ b/flake.lock
@@ -1,62 +1,5 @@
 {
   "nodes": {
-    "bun2nix": {
-      "inputs": {
-        "flake-parts": "flake-parts",
-        "import-tree": "import-tree",
-        "nixpkgs": [
-          "nixpkgs"
-        ],
-        "systems": "systems",
-        "treefmt-nix": "treefmt-nix"
-      },
-      "locked": {
-        "lastModified": 1770895533,
-        "narHash": "sha256-v3QaK9ugy9bN9RXDnjw0i2OifKmz2NnKM82agtqm/UY=",
-        "owner": "nix-community",
-        "repo": "bun2nix",
-        "rev": "c843f477b15f51151f8c6bcc886954699440a6e1",
-        "type": "github"
-      },
-      "original": {
-        "owner": "nix-community",
-        "repo": "bun2nix",
-        "type": "github"
-      }
-    },
-    "flake-parts": {
-      "inputs": {
-        "nixpkgs-lib": "nixpkgs-lib"
-      },
-      "locked": {
-        "lastModified": 1769996383,
-        "narHash": "sha256-AnYjnFWgS49RlqX7LrC4uA+sCCDBj0Ry/WOJ5XWAsa0=",
-        "owner": "hercules-ci",
-        "repo": "flake-parts",
-        "rev": "57928607ea566b5db3ad13af0e57e921e6b12381",
-        "type": "github"
-      },
-      "original": {
-        "owner": "hercules-ci",
-        "repo": "flake-parts",
-        "type": "github"
-      }
-    },
-    "import-tree": {
-      "locked": {
-        "lastModified": 1763762820,
-        "narHash": "sha256-ZvYKbFib3AEwiNMLsejb/CWs/OL/srFQ8AogkebEPF0=",
-        "owner": "vic",
-        "repo": "import-tree",
-        "rev": "3c23749d8013ec6daa1d7255057590e9ca726646",
-        "type": "github"
-      },
-      "original": {
-        "owner": "vic",
-        "repo": "import-tree",
-        "type": "github"
-      }
-    },
     "nixpkgs": {
       "locked": {
         "lastModified": 1771419570,
@@ -73,62 +16,10 @@
         "type": "github"
       }
     },
-    "nixpkgs-lib": {
-      "locked": {
-        "lastModified": 1769909678,
-        "narHash": "sha256-cBEymOf4/o3FD5AZnzC3J9hLbiZ+QDT/KDuyHXVJOpM=",
-        "owner": "nix-community",
-        "repo": "nixpkgs.lib",
-        "rev": "72716169fe93074c333e8d0173151350670b824c",
-        "type": "github"
-      },
-      "original": {
-        "owner": "nix-community",
-        "repo": "nixpkgs.lib",
-        "type": "github"
-      }
-    },
     "root": {
       "inputs": {
-        "bun2nix": "bun2nix",
         "nixpkgs": "nixpkgs"
       }
-    },
-    "systems": {
-      "locked": {
-        "lastModified": 1681028828,
-        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
-        "owner": "nix-systems",
-        "repo": "default",
-        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
-        "type": "github"
-      },
-      "original": {
-        "owner": "nix-systems",
-        "repo": "default",
-        "type": "github"
-      }
-    },
-    "treefmt-nix": {
-      "inputs": {
-        "nixpkgs": [
-          "bun2nix",
-          "nixpkgs"
-        ]
-      },
-      "locked": {
-        "lastModified": 1770228511,
-        "narHash": "sha256-wQ6NJSuFqAEmIg2VMnLdCnUc0b7vslUohqqGGD+Fyxk=",
-        "owner": "numtide",
-        "repo": "treefmt-nix",
-        "rev": "337a4fe074be1042a35086f15481d763b8ddc0e7",
-        "type": "github"
-      },
-      "original": {
-        "owner": "numtide",
-        "repo": "treefmt-nix",
-        "type": "github"
-      }
     }
   },
   "root": "root",
diff --git a/flake.nix b/flake.nix
index ba58a24..d5b85c5 100644
--- a/flake.nix
+++ b/flake.nix
@@ -3,16 +3,11 @@
 
   inputs = {
     nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.11";
-    bun2nix.url = "github:nix-community/bun2nix";
-    bun2nix.inputs.nixpkgs.follows = "nixpkgs";
   };
 
-  outputs = { self, bun2nix, ... }: {
+  outputs = { self, ... }: {
     nixosModules = {
-      wafrn = { ... }: {
-        imports = [ ./modules/wafrn.nix ];
-        _module.args.bun2nixFlake = bun2nix;
-      };
+      wafrn = import ./modules/wafrn.nix;
       default = self.nixosModules.wafrn;
     };
   };
diff --git a/modules/wafrn.nix b/modules/wafrn.nix
index 87e4b67..91a41c9 100644
--- a/modules/wafrn.nix
+++ b/modules/wafrn.nix
@@ -1,4 +1,4 @@
-{ config, lib, pkgs, bun2nixFlake ? null, ... }:
+{ config, lib, pkgs, ... }:
 let
   inherit (lib)
     concatStringsSep
@@ -105,14 +105,15 @@ let
 
   serviceEnvFile = "${cfg.stateDir}/.env";
   composeFile = "${cfg.stateDir}/docker-compose.yml";
-  bunNixFile = "${cfg.stateDir}/${cfg.bun2nix.outputFile}";
   sourcePath = cfg.source;
 
-  bun2nixCli =
-    if bun2nixFlake != null then
-      "${bun2nixFlake.packages.${pkgs.system}.default}/bin/bun2nix"
-    else
-      "${pkgs.bun}/bin/bunx bun2nix";
+  publishedPorts =
+    lib.optionals (cfg.httpPort != null) [ "${toString cfg.httpPort}:80" ]
+    ++ lib.optionals (cfg.httpsPort != null) [ "${toString cfg.httpsPort}:443" ];
+
+  firewallPorts =
+    lib.optionals (cfg.httpPort != null) [ cfg.httpPort ]
+    ++ lib.optionals (cfg.httpsPort != null) [ cfg.httpsPort ];
 
   serviceCommon = {
     restart = "unless-stopped";
@@ -315,32 +316,6 @@ in
       description = "Enable Adminer container.";
     };
 
-    bun2nix = {
-      enable = mkOption {
-        type = types.bool;
-        default = true;
-        description = "Generate a bun2nix expression from the Wafrn bun lock file before starting.";
-      };
-
-      lockFile = mkOption {
-        type = types.str;
-        default = "bun.lock";
-        description = "Lock file path relative to services.wafrn.source.";
-      };
-
-      outputFile = mkOption {
-        type = types.str;
-        default = "bun.nix";
-        description = "Generated bun2nix expression filename under services.wafrn.stateDir.";
-      };
-
-      copyPrefix = mkOption {
-        type = types.str;
-        default = "./";
-        description = "Value passed to bun2nix --copy-prefix for workspace/file dependencies.";
-      };
-    };
-
     bluesky = {
       enable = mkOption {
         type = types.bool;
@@ -372,10 +347,6 @@ in
         assertion = cfg.httpPort != null || cfg.httpsPort != null;
         message = "services.wafrn requires at least one published port (httpPort or httpsPort).";
       }
-      {
-        assertion = (!cfg.bun2nix.enable) || (bun2nixFlake != null);
-        message = "services.wafrn.bun2nix.enable requires using this module from the flake output so bun2nix is available.";
-      }
     ];
 
     systemd.tmpfiles.rules = [
@@ -402,17 +373,6 @@ in
         RemainAfterExit = true;
       };
       script = ''
-        ${optionalString cfg.bun2nix.enable ''
-          if [ ! -f "${cfg.source}/${cfg.bun2nix.lockFile}" ]; then
-            echo "missing lockfile: ${cfg.source}/${cfg.bun2nix.lockFile}" >&2
-            exit 1
-          fi
-          ${bun2nixCli} \
-            --lock-file "${cfg.source}/${cfg.bun2nix.lockFile}" \
-            --output-file "${bunNixFile}" \
-            --copy-prefix "${cfg.bun2nix.copyPrefix}"
-        ''}
-
         install -m 0600 ${envTemplate} ${serviceEnvFile}
         ${optionalString (cfg.secretsFile != null) ''
           cat "${cfg.secretsFile}" >> ${serviceEnvFile}
@@ -448,10 +408,3 @@ in
     };
   };
 }
-  publishedPorts =
-    lib.optionals (cfg.httpPort != null) [ "${toString cfg.httpPort}:80" ]
-    ++ lib.optionals (cfg.httpsPort != null) [ "${toString cfg.httpsPort}:443" ];
-
-  firewallPorts =
-    lib.optionals (cfg.httpPort != null) [ cfg.httpPort ]
-    ++ lib.optionals (cfg.httpsPort != null) [ cfg.httpsPort ];