diff --git a/makefu/1systems/wbob.nix b/makefu/1systems/wbob.nix
index 45b935af0..e8e0b091f 100644
--- a/makefu/1systems/wbob.nix
+++ b/makefu/1systems/wbob.nix
@@ -1,5 +1,7 @@
 { config, pkgs, ... }:
-{
+let rootdisk = "/dev/disk/by-id/ata-TS256GMTS800_C613840115";
+in {
+
   makefu.awesome = {
     modkey = "Mod1";
     #TODO: integrate kiosk config into full config by templating the autostart
@@ -9,19 +11,19 @@
     [ # Include the results of the hardware scan.
       ../.
       ../2configs/main-laptop.nix
+      ../2configs/virtualization.nix
+      ../2configs/tinc/retiolum.nix
     ];
   krebs = {
       enable = true;
-      retiolum.enable = true;
       build.host = config.krebs.hosts.wbob;
   };
   networking.firewall.allowedUDPPorts = [ 1655 ];
-  networking.firewall.allowedTCPPorts = [ 1655 ];
+  networking.firewall.allowedTCPPorts = [ 1655 49152 ];
   services.tinc.networks.siem = {
     name = "display";
     extraConfig = ''
       ConnectTo = sjump
-      Port = 1655
     '';
   };
 
@@ -35,12 +37,12 @@
 
 
   # nuc hardware
-  boot.loader.grub.device = "/dev/sda";
+  boot.loader.grub.device = rootdisk;
   hardware.cpu.intel.updateMicrocode = true;
   boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
   boot.kernelModules = [ "kvm-intel" ];
   fileSystems."/" = {
-      device = "/dev/sda1";
+      device = rootdisk + "-part1";
       fsType = "ext4";
   };
 
diff --git a/makefu/2configs/temp/share-samba.nix b/makefu/2configs/temp/share-samba.nix
new file mode 100644
index 000000000..c021e66c6
--- /dev/null
+++ b/makefu/2configs/temp/share-samba.nix
@@ -0,0 +1,36 @@
+{config, ... }:{
+  users.users.smbguest = {
+    name = "smbguest";
+    uid = config.ids.uids.smbguest;
+    description = "smb guest user";
+    home = "/var/empty";
+  };
+
+  networking.firewall.allowedTCPPorts = [
+    139 445 # samba
+  ];
+
+  networking.firewall.allowedUDPPorts = [
+    137 138
+  ];
+  services.samba = {
+    enable = true;
+    shares = {
+      share-home = {
+        path = "/home/share/";
+        "read only" = "no";
+        browseable = "yes";
+        "guest ok" = "yes";
+      };
+    };
+    extraConfig = ''
+      guest account = smbguest
+      map to guest = bad user
+      # disable printing
+      load printers = no
+      printing = bsd
+      printcap name = /dev/null
+      disable spoolss = yes
+    '';
+  };
+}