diff --git a/Justfile b/Justfile
index 3521e0b..414e736 100755
--- a/Justfile
+++ b/Justfile
@@ -222,7 +222,7 @@ install-config config root:
 sudo just run-with-channels nixos-install -I nixos-config={{ invocation_directory() }}/{{ config }} --root {{ root }} --no-root-passwd
 # Switch between gpg-card capable devices which have a copy of the same key
-switch-gpg-card:
+switch-gpg-card key-id="6EEFA706CB17E89B":
 #!/usr/bin/env bash
 #
 # Derived from https://github.com/drduh/YubiKey-Guide/issues/19.
@@ -230,7 +230,11 @@ switch-gpg-card:
 # Connect the new device and then run this script to make it known to gnupg.
 #
 set -xe
- KEY_ID=$(gpg --card-status | rg sec | rg -o '[0-9A-Z]{16}')
+ if [[ -n "{{key-id}}" ]]; then
+ KEY_ID="{{key-id}}"
+ else
+ KEY_ID=$(gpg --card-status | rg sec | rg -o '[0-9A-Z]{16}')
+ fi
 # export pubkey and ownertrust
 gpg2 --output "${KEY_ID}".pubkey --export "${KEY_ID}"
diff --git a/nix/home-manager/configuration/graphical-fullblown.nix b/nix/home-manager/configuration/graphical-fullblown.nix
index d5b69c2..50bfbad 100644
--- a/nix/home-manager/configuration/graphical-fullblown.nix
+++ b/nix/home-manager/configuration/graphical-fullblown.nix
@@ -105,7 +105,7 @@ in
 # Password Management
 gnupg
- # yubikey-manager
+ yubikey-manager
 yubikey-personalization
 yubikey-personalization-gui
@@ -244,7 +244,8 @@ in
 # libretro.snes9x2010
 # retroarchFull
- pkgs.logseq-bin
+ # pkgs.logseq-bin
+ pkgs.logseq
 # (pkgs.callPackage "${repoFlake.inputs.nixpkgs-logseq}/pkgs/by-name/lo/logseq-bin/package.nix" { })
 ])
 ++ (with repoFlake.packages.${pkgs.system}; [ gimp ])
diff --git a/nix/home-manager/programs/gpg-agent.nix b/nix/home-manager/programs/gpg-agent.nix
index 41ab604..b81c150 100644
--- a/nix/home-manager/programs/gpg-agent.nix
+++ b/nix/home-manager/programs/gpg-agent.nix
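Review bot: In the Justfile `switch-gpg-card` recipe, `KEY_ID="{{key-id}}"` (second hunk) has just paste the argument into the script text before bash parses it, so a value containing `"` or `$(...)` is executed rather than treated as a key ID. The caller is the local user, so exposure is limited, but reading the argument as data avoids it: enable just's `positional-arguments` setting and use `KEY_ID="${1:-}"`, then reject anything that does not match `^[0-9A-Fa-f]{16,40}$` before the `gpg2 --export` that follows. With the non-empty default added in the first hunk, the `gpg --card-status` fallback is reached only via `key-id=""`; the recipe comment should say so. A full fingerprint as the default would select the key less ambiguously than the 64-bit long ID. The script body continues past the end of the hunk.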
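Review bot: In graphical-fullblown.nix the first hunk installs `yubikey-manager` for every host using this profile, while the x13s configuration in this same commit keeps `services.pcscd.enable = false` and states that `ykman piv` needs it on. A comment next to the package, such as `# ykman piv needs services.pcscd.enable = true on the host`, would keep that dependency visible where the tool is installed. In the second hunk the newly commented `# pkgs.logseq-bin` sits beside an older commented `callPackage` line; a one-line reason for the switch to `pkgs.logseq`, or dropping the dead entries, would make the list easier to audit.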
@@ -1,11 +1,11 @@
-{ lib, pkgs, ... }:
+{ lib, pkgs, osConfig, ... }:
 {
 home.packages = [ pkgs.gcr ];
 programs.gpg.enable = true;
 services.gpg-agent = {
 enable = true;
- enableScDaemon = true;
+ enableScDaemon = !osConfig.services.pcscd.enable;
 enableSshSupport = true;
 grabKeyboardAndMouse = true;
 pinentryPackage = lib.mkDefault pkgs.pinentry-gtk2;
diff --git a/nix/os/devices/steveej-x13s/configuration.nix b/nix/os/devices/steveej-x13s/configuration.nix
index 316dc8d..d5c9475 100644
--- a/nix/os/devices/steveej-x13s/configuration.nix
+++ b/nix/os/devices/steveej-x13s/configuration.nix
@@ -161,6 +161,11 @@
 ];
 }
+ {
+ # yubikey / smartcard. only set to `true` for `ykman piv` commands.
+ services.pcscd.enable = false;
+ }
+
 # TODO: create syncthing os snippet
 (
 let
diff --git a/nix/os/devices/steveej-x13s/flake.lock b/nix/os/devices/steveej-x13s/flake.lock
index b0fd80a..6b3ab4a 100644
--- a/nix/os/devices/steveej-x13s/flake.lock
+++ b/nix/os/devices/steveej-x13s/flake.lock
@@ -38,11 +38,11 @@ ] }, "locked": { - "lastModified": 1741786315, - "narHash": "sha256-VT65AE2syHVj6v/DGB496bqBnu1PXrrzwlw07/Zpllc=", + "lastModified": 1743598667, + "narHash": "sha256-ViE7NoFWytYO2uJONTAX35eGsvTYXNHjWALeHAg8OQY=", "owner": "nix-community", "repo": "disko", - "rev": "0d8c6ad4a43906d14abd5c60e0ffe7b587b213de", + "rev": "329d3d7e8bc63dd30c39e14e6076db590a6eabe6", "type": "github" }, "original": {
@@ -327,11 +327,11 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1742937945, - "narHash": "sha256-lWc+79eZRyvHp/SqMhHTMzZVhpxkRvthsP1Qx6UCq0E=", + "lastModified": 1743703532, + "narHash": "sha256-s1KLDALEeqy+ttrvqV3jx9mBZEvmthQErTVOAzbjHZs=", "owner": "nixos", "repo": "nixpkgs", - "rev": "d02d88f8de5b882ccdde0465d8fa2db3aa1169f7", + "rev": "bdb91860de2f719b57eef819b5617762f7120c70", "type": "github" }, "original": {
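Review bot: In gpg-agent.nix, `enableScDaemon = !osConfig.services.pcscd.enable;` turns scdaemon off entirely whenever the host enables pcscd, which presumably also stops gpg-agent from serving card-backed keys, including SSH authentication through `enableSshSupport = true`. Flipping pcscd on for `ykman piv`, as the comment in the configuration.nix hunk suggests, would therefore take GPG and SSH smartcard use down with it. If the aim is only to keep scdaemon and pcscd from competing for the reader, an alternative is to leave scdaemon enabled and route it through pcscd, e.g. `programs.gpg.scdaemonSettings = lib.mkIf osConfig.services.pcscd.enable { disable-ccid = true; };`; otherwise a comment above the line stating the trade-off would help. `osConfig` is only supplied when home-manager is used as a NixOS (or nix-darwin) module, so a standalone evaluation of this file would presumably fail, which is worth noting in the same comment. The attribute set continues past the end of the hunk.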
@@ -343,16 +343,16 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1743251636, - "narHash": "sha256-ozpMykG34AT0xOYmst43eh1KTYba7QEaDzeCkPWzIP4=", - "owner": "steveej-forks", + "lastModified": 1743814133, + "narHash": "sha256-drDyYyUmjeYGiHmwB9eOPTQRjmrq3Yz26knwmMPLZFk=", + "owner": "nixos", "repo": "nixpkgs", - "rev": "2a75dc2e69a7c3e786ebe0663613a9a7ee1c108f", + "rev": "250b695f41e0e2f5afbf15c6b12480de1fe0001b", "type": "github" }, "original": { - "owner": "steveej-forks", - "ref": "nixos-unstable", + "owner": "nixos", + "ref": "nixos-unstable-small", "repo": "nixpkgs", "type": "github" }
diff --git a/nix/os/devices/steveej-x13s/flake.nix b/nix/os/devices/steveej-x13s/flake.nix
index e82c81d..469cf92 100644
--- a/nix/os/devices/steveej-x13s/flake.nix
+++ b/nix/os/devices/steveej-x13s/flake.nix
@@ -2,7 +2,8 @@
 inputs = {
 nixpkgs.follows = "nixpkgs-unstable";
 nixpkgs-stable.url = "github:nixos/nixpkgs/nixos-24.11";
- nixpkgs-unstable.url = "github:steveej-forks/nixpkgs/nixos-unstable";
+ nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable-small";
+ # nixpkgs-unstable.url = "github:steveej-forks/nixpkgs/nixos-unstable";
 get-flake.url = "github:ursi/get-flake";