diff --git a/nixos/common/users/sajenim/samba/default.nix b/nixos/common/users/sajenim/samba/default.nix
index f02461d..1b554d9 100644
--- a/nixos/common/users/sajenim/samba/default.nix
+++ b/nixos/common/users/sajenim/samba/default.nix
@@ -1,14 +1,18 @@
-{ config, ... }:
+{ pkgs, config, ... }:
 
 {
   age.secrets.smb-secrets = {
     rekeyFile = ./smb-secrets.age;
   };
 
+  # For mount.cifs, required unless domain name resolution is not needed.
+  environment.systemPackages = [ pkgs.cifs-utils ];
+
   fileSystems."/home/sajenim/.backup" = {
-    device = "//192.168.1.102/sajenim";
+    device = "//192.168.20.4/sajenim";
     fsType = "cifs";
     options = let
+      # this line prevents hanging on network split
       automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s,user,users";
 
       in ["${automount_opts},credentials=/etc/nixos/smb-secrets,uid=1000,gid=100"];
diff --git a/nixos/common/users/sajenim/samba/smb-secrets.age b/nixos/common/users/sajenim/samba/smb-secrets.age
index f9ae86a..549f514 100644
--- a/nixos/common/users/sajenim/samba/smb-secrets.age
+++ b/nixos/common/users/sajenim/samba/smb-secrets.age
@@ -1,7 +1,7 @@
 age-encryption.org/v1
--> piv-p256 hdSnGw AuXEhgAyxDSAP0HbRE1g0HOaEp9x76AD+681RMOReayb
-0fpWaqClsG3wrak0hnU+nB6Dpmdv11CgCl81P5CuwcQ
--> q]sfNw0}-grease {sq
-V6m76C8Jvng8SPHoPvyocYo
---- SaJq9U29eLJm6aM9OfiMlINa9rhZ1wy0ZtYU/U1D6BM
-y
Y��_;2&C5>�jF�jl^i��p��=�h@(.�0�A�]�Zd�,�!Im�6����˾=��a
f
\ No newline at end of file
+-> piv-p256 hdSnGw A6SOTJ6Ak8MPRXl4DdNVX/RGn4DztXFsvLRTEL5lzpta
+/hIBzwMLsahaAJMLMKt616Kj8xtNlH/CXc0O+Z++7fA
+-> #$R.$IT-grease 8.YJD9ko W_{@`a? b ]CR=z$I
+IZxSo1rx5e9HQFKq6fkswSjLkE2jpiCOVNAh9HqKa4WXc8GIgEOFAV8ULnIeP2I
+--- V8lROz32xt5D85UxUSkh3FMAm25cGIuA+Un0TTL6v90
+Y�� �^��{�t�I�vmq�4��n֢��t�9U`�#�Ƨ��w�8�d�����[�z���a2�9P5�Ӷ`Ei�,5��b�PNޒ����Y���'���
\ No newline at end of file
diff --git a/nixos/viridian/configuration.nix b/nixos/viridian/configuration.nix
index 02ca7a9..b30eedc 100644
--- a/nixos/viridian/configuration.nix
+++ b/nixos/viridian/configuration.nix
@@ -31,6 +31,7 @@
     networkmanager.enable = true;
     firewall = {
       enable = true;
+      allowPing = true;
       allowedTCPPorts = [
         53    # adguardhome (DNS)
         80    # traefik     (HTTP)
diff --git a/nixos/viridian/services/samba.nix b/nixos/viridian/services/samba.nix
index b0b3db9..0486522 100644
--- a/nixos/viridian/services/samba.nix
+++ b/nixos/viridian/services/samba.nix
@@ -13,7 +13,7 @@
       #use sendfile = yes
       #max protocol = smb2
       # note: localhost is the ipv6 localhost ::1
-      hosts allow = 192.168.1.101 192.168.1.108 127.0.0.1 localhost
+      hosts allow = 192.168.20.5 127.0.0.1 localhost
       hosts deny = 0.0.0.0/0
       guest account = nobody
       map to guest = bad user
@@ -47,6 +47,5 @@
     openFirewall = true;
   };
 
-  networking.firewall.enable = true;
-  networking.firewall.allowPing = true;
+  environment.persistence."/persist".directories = [ "/var/lib/samba" ];
 }