diff --git a/home/features/cli/default.nix b/home/features/cli/default.nix
index c8c624b..0cee4d2 100644
--- a/home/features/cli/default.nix
+++ b/home/features/cli/default.nix
@@ -67,7 +67,6 @@
     comma
     coreutils
     devenv
-    fabric-ai
     fd
     gcc
     go
@@ -79,7 +78,7 @@
     llm
     lf
     nix-index
-    procs
+    nushellPlugins.skim
     progress
     ripgrep
     rocmPackages.rocm-smi
diff --git a/home/m3tam3re/m3-atlas.nix b/home/m3tam3re/m3-atlas.nix
index 0f6c41d..cfb6428 100644
--- a/home/m3tam3re/m3-atlas.nix
+++ b/home/m3tam3re/m3-atlas.nix
@@ -7,8 +7,8 @@
 
   features = {
     cli = {
-      fish.enable = true;
-      fzf.enable = true;
+      nushell.enable = true;
+      skim.enable = true;
       nitch.enable = true;
       secrets.enable = false;
       starship.enable = true;
diff --git a/home/m3tam3re/m3-kratos.nix b/home/m3tam3re/m3-kratos.nix
index 008bca2..c906d28 100644
--- a/home/m3tam3re/m3-kratos.nix
+++ b/home/m3tam3re/m3-kratos.nix
@@ -48,8 +48,8 @@ in {
       };
       features = {
         cli = {
-          fish.enable = true;
-          fzf.enable = true;
+          nushell.enable = true;
+          skim.enable = true;
           nitch.enable = true;
           secrets.enable = true;
           starship.enable = true;
diff --git a/hosts/common/extraServices/ollama.nix b/hosts/common/extraServices/ollama.nix
index 436cf5f..6552f23 100644
--- a/hosts/common/extraServices/ollama.nix
+++ b/hosts/common/extraServices/ollama.nix
@@ -12,10 +12,6 @@ in {
   config = mkIf cfg.enable {
     services.ollama = {
       enable = true;
-      package =
-        if config.services.xserver.videoDrivers == ["amdgpu"] # rocblas-6.0.2 broken
-        then pkgs.pinned.ollama
-        else pkgs.ollama;
       acceleration =
         if config.services.xserver.videoDrivers == ["amdgpu"]
         then "rocm"
diff --git a/hosts/m3-atlas/secrets.nix b/hosts/m3-atlas/secrets.nix
index d607c11..e37bac0 100644
--- a/hosts/m3-atlas/secrets.nix
+++ b/hosts/m3-atlas/secrets.nix
@@ -22,6 +22,9 @@
       searx = {
         file = ../../secrets/searx.age;
       };
+      tailscale-key = {
+        file = ../../secrets/tailscale-key.age;
+      };
       traefik = {
         file = ../../secrets/traefik.age;
         owner = "traefik";
diff --git a/hosts/m3-atlas/services/tailscale.nix b/hosts/m3-atlas/services/tailscale.nix
index c170f1d..a8ef6d0 100644
--- a/hosts/m3-atlas/services/tailscale.nix
+++ b/hosts/m3-atlas/services/tailscale.nix
@@ -1,23 +1,26 @@
-{pkgs, ...}: {
+{
+  config,
+  pkgs,
+  ...
+}: {
   services.tailscale = {
     enable = true;
     useRoutingFeatures = "both";
+    authKeyFile = config.age.secrets.tailscale-key.path;
     extraUpFlags = [
-      "--login-server https://va.m3tam3re.com"
+      "--login-server=${config.services.headscale.settings.server_url}"
       "--advertise-exit-node"
       "--accept-routes"
     ];
   };
 
-  # Persistent systemd service for network settings
-  systemd.services.configure-network-offload = {
-    description = "Configure network offload settings";
-    after = ["network.target"];
-    wantedBy = ["multi-user.target"];
-    serviceConfig = {
-      Type = "oneshot";
-      RemainAfterExit = true;
-      ExecStart = "${pkgs.ethtool}/bin/ethtool -K ens3 rx-udp-gro-forwarding on rx-gro-list off";
+  services.networkd-dispatcher = {
+    enable = true;
+    rules."50-tailscale" = {
+      onState = ["routable"];
+      script = ''
+        "${pkgs.ethtool} NETDEV=$(ip -o route get 8.8.8.8 | cut -f 5 -d " ") | -K $NETDEV rx-udp-gro-forwarding on rx-gro-list off
+      '';
     };
   };
 
@@ -37,5 +40,6 @@
   environment.systemPackages = with pkgs; [
     ethtool
     tailscale
+    networkd-dispatcher
   ];
 }
diff --git a/secrets/tailscale-key.age b/secrets/tailscale-key.age
index cd6764c..0f1b32a 100644
Binary files a/secrets/tailscale-key.age and b/secrets/tailscale-key.age differ