diff --git a/wlin003_GamingPC/system/samba.nix b/wlin003_GamingPC/system/samba.nix
new file mode 100644
index 0000000..5e2b752
--- /dev/null
+++ b/wlin003_GamingPC/system/samba.nix
@@ -0,0 +1,116 @@
+{ config, pkgs, ... }:
+
+
+{
+services.samba = {
+  enable = true;
+#  securityType = "user";
+  openFirewall = true;
+  settings = {
+    global = {
+      "workgroup" = "WORKGROUP";
+      "server role" = "standalone server";
+      "server string" = "wlin003";
+      "netbios name" = "wlin003";
+      "global.security" = "user";
+      "min protocol" = "smb3_11";
+      "max protocol" = "smb3_11";
+      "wide links" = "no";
+      "follow symlinks" = "no";
+
+      #### Networking ####
+      "bind interfaces only" = "yes";
+      "interfaces" = "lo eth0";      
+      # note: localhost is the ipv6 localhost ::1
+      "hosts allow" = "192.168.10.0/24 127.0.0.1 localhost";
+      "hosts deny" = "0.0.0.0/0";
+
+      ### Browsing election options ###
+      "wins support" = "no";
+      "name resolve order" = "host bcast lmhosts";
+      "multicast dns register" = "yes";
+      "dns proxy" = "yes";
+      
+      ####### Authentication #######
+      "guest account" = "zulumann";
+      "map to guest" = "bad user";
+
+      ### Tuning ###
+      "socket options" = "TCP_NODELAY IPTOS_LOWDELAY IPTOS_THROUGHPUT SO_RCVBUF=131072 SO_SNDBUF=131072";
+      "use sendfile" = "yes";
+      "getwd cache" = "yes";
+      "stat cache" = "yes";
+      "min receivefile size" = "16384";
+      "write raw"  = "yes";
+      "read raw"  = "yes";
+      "max xmit"  = "32768";
+      "deadtime"  = "15";
+      "keepalive"  = "150";
+      "sync always" = "no";
+      "large readwrite" = "yes";
+      "strict sync" = "no";
+      "strict allocate" = "yes";
+      "strict locking" = "auto";
+      "server multi channel support" = "yes";
+      "aio write size" = "1";
+      "aio read size" = "1";
+      "idmap cache time" = "604";
+
+      #### Debugging  ####
+      "log level" = "1";
+      "log file" = "/var/log/samba/log.%m";
+      "max log size" = "1000";
+      "logging" = "file";
+      "panic action" = "/usr/share/samba/panic-action %d";
+      };
+
+
+     "Share" = {
+       "path"  = "/home/zulumann/Share-SMB";
+       "browseable"  = "yes";
+       "read only" = "no";
+       "guest ok" = "yes";
+       "public" = "yes";
+       "writable" = "yes";
+       "create mask" = "0644";
+       "directory mask" = "0755";
+     };
+
+    "Private" = {
+      "path" = "/home/zulumann/Share-Priv";
+      "browseable" = "yes";
+      "read only" = "no";
+      "guest ok" = "no";
+      "create mask" = "0644";
+      "directory mask" = "0755";
+      #"force user" = "zulumann";
+      #"force group" = "zulumann";
+    };
+
+  };
+};
+
+  services.samba-wsdd = {
+    enable = true;
+    openFirewall = true;
+  };
+
+  services.avahi.extraServiceFiles = {
+    smb = ''
+      <?xml version="1.0" standalone='no'?><!--*-nxml-*-->
+      <!DOCTYPE service-group SYSTEM "avahi-service.dtd">
+      <service-group>
+        <name replace-wildcards="yes">%h - SMB/CIFS</name>
+        <service>
+          <type>_smb._tcp</type>
+          <port>445</port>
+        </service>
+      </service-group>
+      '';
+  };
+
+}
+
+# User Authentication
+# For a user called my_userto be authenticated on the samba server, you must add their password using
+# sudo smbpasswd -a my_user