3 changed files with 32 additions and 41 deletions
--- a/flake.lock
+++ b/flake.lock
@ -7,11 +7,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1748737919,
+        "lastModified": 1746413188,
-        "narHash": "sha256-5kvBbLYdp+n7Ftanjcs6Nv+UO6sBhelp6MIGJ9nWmjQ=",
+        "narHash": "sha256-i6BoiQP0PasExESQHszC0reQHfO6D4aI2GzOwZMOI20=",
        "owner": "nix-community",
        "repo": "home-manager",
-        "rev": "5675a9686851d9626560052a032c4e14e533c1fa",
+        "rev": "8a318641ac13d3bc0a53651feaee9560f9b2d89a",
        "type": "github"
      },
      "original": {
@ -22,11 +22,11 @@
    },
    "nixpkgs": {
      "locked": {
-        "lastModified": 1748460289,
+        "lastModified": 1746328495,
-        "narHash": "sha256-7doLyJBzCllvqX4gszYtmZUToxKvMUrg45EUWaUYmBg=",
+        "narHash": "sha256-uKCfuDs7ZM3QpCE/jnfubTg459CnKnJG/LwqEVEdEiw=",
        "owner": "nixos",
        "repo": "nixpkgs",
-        "rev": "96ec055edbe5ee227f28cdbc3f1ddf1df5965102",
+        "rev": "979daf34c8cacebcd917d540070b52a3c2b9b16e",
        "type": "github"
      },
      "original": {
--- a/hosts/default/configuration.nix
+++ b/hosts/default/configuration.nix
@ -55,7 +55,7 @@
  # Temporarily pin to 6.12 to fix llvm/rocm build
  # https://github.com/NixOS/nixpkgs/issues/368672#issuecomment-2608697421
  # boot.kernelPackages = pkgs.linuxPackages_6_12;
-  # boot.kernelPackages = pkgs.linuxPackages_zen;
+  boot.kernelPackages = pkgs.linuxPackages_zen;
  # nct6775 - for monitoring functions on ASUS ROG STRIX B550-F GAMING WIFI II
  # kvm-amd - AMD virtualization support
  boot.kernelModules = [ "kvm-amd" "nct6775" ];
@ -195,11 +195,6 @@
    # if packets are still dropped, they will show up in dmesg
    logReversePathDrops = true;
    checkReversePath = "loose";
    extraCommands = ''
      # Enable connections to Ollama for VPN users:
      iptables -t filter -I INPUT --protocol TCP --source 10.40.4.2/32 --destination 10.40.4.2 --dport 11434 -j ACCEPT
      iptables -t filter -I INPUT --protocol TCP --source 10.0.7.0/24 --destination 10.40.4.2 --dport 11434 -j ACCEPT
    '';
    # wireguard trips rpfilter up
    #extraCommands = ''
    #  ip46tables -t mangle -I nixos-fw-rpfilter -p udp -m udp --sport 51820 -j RETURN
@ -262,7 +257,7 @@
    pigz # muti-treaded replacement for gzip
    unzip # old standard zip handler
    rpi-imager # rasbperry pi os burner util
-    # screenkey # broadcast key presses
+    screenkey # broadcast key presses 
    superfile # cli file manager
    mpv # movie player
    #obs-studio # open broadcast studio
@ -346,7 +341,7 @@
  services.openssh.settings.LogLevel = "VERBOSE"; # required for fail2ban to work properly
  services.fail2ban.enable = true; # by default, the SSH jail enabled
  # Enable mobile shell (for roaming, intermittent connectivity, etc)
-  # programs.mosh.enable = true;
+  programs.mosh.enable = true;
  # Enable remote desktop access via rustdesk
  #services.rustdesk-server.enable = false;
  #services.rustdesk-server.openFirewall = false;
@ -380,7 +375,6 @@
    #environmentVariables = {
    #  HCC_AMDGPU_TARGET = "gfx1031"; # used to be necessary, but doesn't seem to anymore
    #};
    host = "10.40.4.2"; # See also ip46tables update in firewall extracommands
    rocmOverrideGfx = "10.3.0";
  };
  system.activationScripts = {
@ -401,8 +395,8 @@
            environment = {
              "TZ" = "America/New York";
-              "OLLAMA_API_BASE_URL" = "http://10.40.4.2:11434/api";
+              "OLLAMA_API_BASE_URL" = "http://127.0.0.1:11434/api";
-              "OLLAMA_BASE_URL" = "http://10.40.4.2:11434";
+              "OLLAMA_BASE_URL" = "http://127.0.0.1:11434";
              "WEBUI_URL" = "http://127.0.0.1:8080/";
            };
--- a/hosts/default/main-user.nix
+++ b/hosts/default/main-user.nix
@ -28,38 +28,35 @@ in
      packages = with pkgs; [
        #kdePackages.kate # ... why did I add this?
        mkcert
        prismlauncher # minecraft launcher/manager
        thunderbird # email client
        keepassxc # passwords!
        macchina # like *fetch - display basics
        z-lua # jump around directories (be careful with same-named ones!)
        logseq # logs in sequence note keeping
        signal-desktop-bin # messaging
-        ddev # local docker dev awesomeness
+        ddev # local docker dev awesome
        vscodium # vs code editor, but free
        #yubikey-manager-qt # yubi key mgmgt - more needed
        yubioath-flutter # replacement manager for deprecated manager-qt
        #pavucontrol # pulse audio vol control
        # go to 2.17 when no more servers w/python issues (elizabeth)
-        # ansible_2_16 # deployment/automation - removed, use docker!
+        ansible_2_16 # deployment/automation
        #python311Full # troubleshooting ansible things.
        #python311Packages.ansible
        # php added for ansible composer build temporarily
        # switch to an ansible build environment instead.
-
+        php81
-        # compose didn't work anyway...shut it down!
+        php81Packages.composer
-        # php81
+        php81Extensions.zip
-        # php81Packages.composer
+        php81Extensions.xml
-        # php81Extensions.zip
+        php81Extensions.dom
-        # php81Extensions.xml
+        php81Extensions.bz2
-        # php81Extensions.dom
+        #php81Extensions.yaml
-        # php81Extensions.bz2
+        php81Extensions.zlib
-        # #php81Extensions.yaml
+        php81Extensions.zstd
-        # php81Extensions.zlib
+        php81Extensions.intl
-        # php81Extensions.zstd
+        php81Extensions.curl
-        # php81Extensions.intl
+        php81Extensions.posix
        # php81Extensions.curl
        # php81Extensions.posix
      ];
      shell = pkgs.zsh;
    };