flake: split mediaserver onto nixos-25.11, keep desktops on unstable

The mediaserver kept hard-freezing on local builds (gnupg, openldap,
deno/rusty-v8) whenever a fresh unstable revision outran Hydra's
binary cache. It doesn't need bleeding-edge packages — every service
it runs is mature enough that 6-month-old versions are fine — so move
it onto the stable channel where the cache is essentially always
warm. Gaming and Macbook stay on unstable for fresh GPU/kernel work.

Implementation: add nixpkgs-stable + home-manager-stable inputs,
parameterise mkHost to accept a (nixpkgs, home-manager) pair.

Drive-by:
- Switch homepage.nix from environmentFiles (plural, unstable-only)
  to environmentFile (singular, present on both channels).
- Gate the openldap-skip-tests overlay to non-mediaserver hosts so
  it doesn't force a local rebuild on stable, where openldap is
  always cached.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

common.nix

@@ -85,11 +85,11 @@
   # Allow unfree packages
   nixpkgs.config.allowUnfree = true;
 
-  # openldap 2.6.13's test017-syncreplication-refresh is timing-flaky and
-  # fails reliably on local builds when the binary cache hasn't yet served
-  # the upstream-built artifact. Skip its test phase. Remove this overlay
-  # once Hydra's substituter has populated openldap for the pinned nixpkgs.
-  nixpkgs.overlays = [
+  # openldap 2.6.13's test017-syncreplication-refresh is timing-flaky on
+  # unstable's freshly-bumped revisions before Hydra has cached them. The
+  # mediaserver runs on the stable channel where openldap is always cached,
+  # so don't change its hash there — that would force a local rebuild.
+  nixpkgs.overlays = lib.optionals (config.networking.hostName != "FredOS-Mediaserver") [
     (final: prev: {
       openldap = prev.openldap.overrideAttrs (_: { doCheck = false; });
     })