diff --git a/flake.lock b/flake.lock
index d9edbf2..9d84693 100644
--- a/flake.lock
+++ b/flake.lock
@@ -7,11 +7,11 @@
 ]
 },
 "locked": {
- "lastModified": 1758719930,
- "narHash": "sha256-DgHe1026Ob49CPegPMiWj1HNtlMTGQzfSZQQVlHC950=",
+ "lastModified": 1755810213,
+ "narHash": "sha256-QdenO8f0PTg+tC6HuSvngKcbRZA5oZKmjUT+MXKOLQg=",
 "owner": "nix-community",
 "repo": "home-manager",
- "rev": "142acd7a7d9eb7f0bb647f053b4ddfd01fdfbf1d",
+ "rev": "6911d3e7f475f7b3558b4f5a6aba90fa86099baa",
 "type": "github"
 },
 "original": {
@@ -22,11 +22,11 @@
 },
 "nixpkgs": {
 "locked": {
- "lastModified": 1758427187,
- "narHash": "sha256-pHpxZ/IyCwoTQPtFIAG2QaxuSm8jWzrzBGjwQZIttJc=",
+ "lastModified": 1755615617,
+ "narHash": "sha256-HMwfAJBdrr8wXAkbGhtcby1zGFvs+StOp19xNsbqdOg=",
 "owner": "nixos",
 "repo": "nixpkgs",
- "rev": "554be6495561ff07b6c724047bdd7e0716aa7b46",
+ "rev": "20075955deac2583bb12f07151c2df830ef346b4",
 "type": "github"
 },
 "original": {
diff --git a/hosts/default/configuration.nix b/hosts/default/configuration.nix
index 0686e82..28d673f 100644
--- a/hosts/default/configuration.nix
+++ b/hosts/default/configuration.nix
@@ -214,9 +214,8 @@ in
 logReversePathDrops = true;
 checkReversePath = "loose";
 extraCommands = ''
- # Enable connections to openweb-ui for VPN users:
+ # Enable connections to Ollama for VPN users:
 iptables -t filter -I INPUT --protocol TCP --source 10.40.4.0/24 --destination 10.40.4.2 --dport 8080 -j ACCEPT
- # Enable connections to ollama from the openweb-ui instance:
 iptables -t filter -I INPUT --protocol TCP --source 10.40.4.2/32 --destination 10.40.4.2 --dport 11434 -j ACCEPT
 '';
 # wireguard trips rpfilter up
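Review bot: The reworded comment in `extraCommands` no longer matches the rules beneath it: it now reads "Ollama for VPN users", but the rule it sits on opens port 8080 to 10.40.4.0/24, while port 11434 (the Ollama port, per the removed second comment) is still accepted only from 10.40.4.2/32. Anyone auditing the firewall from the comments would conclude that the unauthenticated Ollama API is meant to be reachable from the whole VPN subnet, or would miss that 8080 is still open. If the web UI on 8080 is still deployed, keep one comment per rule, e.g. `# 8080 (web UI): reachable from the VPN subnet` and `# 11434 (Ollama API): reachable only from this host's own address`; if it is gone, the 8080 rule looks stale and should be dropped rather than relabelled. The surrounding firewall attribute set starts and ends outside the hunk.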
@@ -235,11 +234,9 @@ in
 # List packages installed in system profile. To search, run:
 # $ nix search wget
 environment.systemPackages = with pkgs; [
- ansible # automation/software-defined-configuration tool
 binutils # gnu bin utils
 # conda # python environment management
 uv # alternative for python env management...
- lazydocker # docker[/compose] tui
 sqlite-interactive # sqlite cli
 duckdb # wanted mostly as cli for SQL on csv files
 neovim # next gen vim w/lua
@@ -307,7 +304,6 @@ in
 corectrl # provide hardware clock controls for AMDGPU
 gimp # GIMP image manipulation proggy
 zed-editor # the most hopeful replacement for vscode...if I never learn nvim
- noisetorch # noise/background filter for mic
 ];
 programs.zsh.enable = true;
 programs.git = {
@@ -402,43 +398,9 @@ in
 services.ollama = {
 enable = true;
 acceleration = "rocm";
- environmentVariables = {
- HCC_AMDGPU_TARGET = "gfx1031"; # used to be necessary, but doesn't seem to anymore
- OLLAMA_LOAD_TIMEOUT = "2"; # Reduce load timeout (from 5 min)...if it's that big, forget it.
- # OK, so origins is more about setting up CORS than firewalling things. (and requires e.g. http[s]://IP|Host/* etc)
- #OLLAMA_ORIGINS = "10.40.4.2"; # Only accept connections from locally.
-
- # Default/mapped from config ENV vars:
- #CUDA_VISIBLE_DEVICES:
- #GPU_DEVICE_ORDINAL:
- #HIP_VISIBLE_DEVICES:
- #HSA_OVERRIDE_GFX_VERSION:10.3.0
- #HTTPS_PROXY:
- #HTTP_PROXY:
- #NO_PROXY:
- #OLLAMA_CONTEXT_LENGTH:4096
- #OLLAMA_DEBUG:INFO
- #OLLAMA_FLASH_ATTENTION:false
- #OLLAMA_GPU_OVERHEAD:0
- #OLLAMA_HOST:http://10.40.4.2:11434
- #OLLAMA_INTEL_GPU:false
- #OLLAMA_KEEP_ALIVE:5m0s
- #OLLAMA_KV_CACHE_TYPE:
- #OLLAMA_LLM_LIBRARY:
- #OLLAMA_LOAD_TIMEOUT:2s
- #OLLAMA_MAX_LOADED_MODELS:0
- #OLLAMA_MAX_QUEUE:512
- #OLLAMA_MODELS:/var/lib/ollama/models
- #OLLAMA_MULTIUSER_CACHE:false
- #OLLAMA_NEW_ENGINE:false
- #OLLAMA_NEW_ESTIMATES:false
- #OLLAMA_NOHISTORY:false
- #OLLAMA_NOPRUNE:false
- #OLLAMA_NUM_PARALLEL:1
- #OLLAMA_ORIGINS:[http://localhost https://localhost http://localhost:* https://localhost:* http://127.0.0.1 https://127.0.0.1 http://127.0.0.1:* https://127.0.0.1:* http://0.0.0.0 https://0.0.0.0 http://0.0.0.0 https://0.0.0.0 http://0.0.0.0:* https://0.0.0.0:* app://* file://* tauri://* vscode-webview://* vscode-file://*]
- #OLLAMA_SCHED_SPREAD:false
- #ROCR_VISIBLE_DEVICES: http_proxy: https_proxy: no_proxy:
- };
+ #environmentVariables = {
+ # HCC_AMDGPU_TARGET = "gfx1031"; # used to be necessary, but doesn't seem to anymore
+ #};
 host = "10.40.4.2"; # See also ip46tables update in firewall extracommands
 rocmOverrideGfx = "10.3.0";
 };
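Review bot: The three added lines are commented-out code (`#environmentVariables = {` … `#};`), and the hunk drops the only note recording that `OLLAMA_ORIGINS` governs CORS rather than network access, so nothing near `host = "10.40.4.2"` now says what actually restricts who can reach the listener. I would delete the dead block and keep a one-line comment in its place, e.g. `# OLLAMA_ORIGINS only affects CORS; access to this listener is limited by the firewall extraCommands rules`. Removing `OLLAMA_LOAD_TIMEOUT = "2"` also returns the load timeout to its default (5 min according to the removed comment); if that is intended, it is worth stating in the commit description.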
@@ -452,7 +414,6 @@ in
 docker.enable = true;
 podman.enable = false;
 docker.storageDriver = "btrfs"; # Only when using BTRFS! (wolcen approved!)
- #docker.logDriver = "local"; # Default journald
 oci-containers = {
 backend = "docker";
 containers = {