diff --git a/flake.nix b/flake.nix
index 057b94e..f2ecc7f 100644
--- a/flake.nix
+++ b/flake.nix
@@ -1,6 +1,6 @@
 # flake for blakes nixos config
 # define new devices in outputs
-# generation: 124 current  2025-10-08 20:35:43  25.05.20251006.20c4598  6.12.50                          *
+# generation: 125 current  2025-10-08 21:31:26  25.05.20251006.20c4598  6.12.50                          *
 {
   description = "blakes nix config";
   inputs = {
diff --git a/hosts/snowbelle/configuration.nix b/hosts/snowbelle/configuration.nix
index 5fcc6c7..26fa525 100644
--- a/hosts/snowbelle/configuration.nix
+++ b/hosts/snowbelle/configuration.nix
@@ -42,21 +42,24 @@
     };
   };
 
-  # enable users
+  # configure users & groups
   users = {
-    blake.enable = true;
-    groups.media = { gid = 700; };
+    blake.enable = true;            # main user, home manager
+    groups.media = { gid = 700; };  # user for share permissions with mediastack
+    defaultUserShell = pkgs.zsh;    # the goat
   };
 
-
-
-  # use the systemd-boot EFI boot loader.
+  # boot (systemd is going on me)
   boot.loader.systemd-boot.enable = true;   # systemd your pretty cool ya know
   boot.loader.efi.canTouchEfiVariables = true;
   boot.initrd.systemd.enable = true;  # better logging
 
   # setup hostname and networking stack
-  services.resolved.enable = true;
+  services.resolved = {
+    enable = true;
+    fallbackDns = [ "1.1.1.1" "9.9.9.9" ];
+    dnsovertls = "opportunistic";
+  };
   networking = {
     hostName = "snowbelle"; # hostname
     hostId = "3e6e7055";    # zfs wants this
@@ -70,20 +73,22 @@
 
   # define shell
   programs.zsh.enable = true;
-  users.defaultUserShell = pkgs.zsh;
+  users.
 
   # package install list
   environment.systemPackages = with pkgs; [
-    vim 
-    lf
+    git
+    age
     rsync
     wget
-    git
-    iptables
-    nettools
-    neofetch
+    curl
+    vim 
+    lf
     btop
-    age
+    neofetch
+    usbutils
+    inetutils
+    iptables
   ];
 
 
diff --git a/modules/system/tailscale.nix b/modules/system/tailscale.nix
index 16dfd2a..6701c1e 100644
--- a/modules/system/tailscale.nix
+++ b/modules/system/tailscale.nix
@@ -14,7 +14,12 @@ in
       enable = true;
       useRoutingFeatures = "both";
       authKeyFile = authkey_file;
+      extraUpFlags = [
+        "--accept-routes=false"   # true is equilivant to useRoutingFeatures = "client" (breaks shit)
+        "--accept-dns=true"       # explicitly allow resolved
+      ];
     };
+
     # declare authkey secrets
     sops.secrets = {
       "tailscale_authkey" = { 
diff --git a/users/blake/dotfiles/zsh/.zshrc b/users/blake/dotfiles/zsh/.zshrc
index c048867..79c0f0b 100644
--- a/users/blake/dotfiles/zsh/.zshrc
+++ b/users/blake/dotfiles/zsh/.zshrc
@@ -46,6 +46,7 @@ alias ds='du -hs'
 
 # shortcuts
 alias vswap='cd ~/.local/state/nvim/swap'
+alias rswap='rm ~/.local/state/nvim/swap/*'
 alias tn='lf ~/documents/holocron/notes/tech'
 alias nhc='lf ~/documents/holocron/work/nhc'
 alias diary='cd ~/documents/holocron/notes/journal/diary'