diff --git a/hosts/alyssum/default.nix b/hosts/alyssum/default.nix
index d471011..3eb7289 100644
--- a/hosts/alyssum/default.nix
+++ b/hosts/alyssum/default.nix
@@ -31,7 +31,6 @@
     ./filesystem.nix
     ./kernel.nix
     ./networking.nix
-    ./samba.nix
 
     ../../users/hana
   ];
diff --git a/hosts/alyssum/samba.nix b/hosts/alyssum/samba.nix
deleted file mode 100644
index 6be8e09..0000000
--- a/hosts/alyssum/samba.nix
+++ /dev/null
@@ -1,84 +0,0 @@
-{ config, ... }: {
-  networking.firewall.allowPing = true;
-
-  age.secrets.passwd_smbcilly.file = ../../secrets/passwd_smbcilly.age;
-  age.secrets.passwd_smbkujira.file = ../../secrets/passwd_smbkujira.age;
-
-  users.users.cilly = {
-    hashedPasswordFile = config.age.secrets.passwd.path;
-    isNormalUser = true;
-  };
-  users.users.kujira = {
-    hashedPasswordFile = config.age.secrets.passwd.path;
-    isNormalUser = true;
-  };
-  system.activationScripts = {
-    init_smbpasswd.text = ''
-      /run/current-system/sw/bin/printf "$(/run/current-system/sw/bin/cat ${config.age.secrets.passwd_smbcilly.path})\n$(/run/current-system/sw/bin/cat ${config.age.secrets.passwd_smbcilly.path})\n" | /run/current-system/sw/bin/smbpasswd -sa cilly
-
-      /run/current-system/sw/bin/printf "$(/run/current-system/sw/bin/cat ${config.age.secrets.passwd_smbkujira.path})\n$(/run/current-system/sw/bin/cat ${config.age.secrets.passwd_smbkujira.path})\n" | /run/current-system/sw/bin/smbpasswd -sa kujira
-    '';
-  };
-
-  services.samba = {
-    enable = true;
-    openFirewall = true;
-    settings = {
-      global = {
-        "workgroup" = "WORKGROUP";
-        "server string" = "smbnix";
-        "netbios name" = "smbnix";
-        "security" = "user";
-        "hosts allow" = "100.67.2.1 127.0.0.1 localhost";
-        "hosts deny" = "0.0.0.0/0";
-        "guest account" = "nobody";
-        "map to guest" = "bad user";
-      };
-      "public" = {
-        "path" = "/flower/smb/public";
-        "browseable" = "yes";
-        "read only" = "no";
-        "guest ok" = "yes";
-        "create mask" = "0644";
-        "directory mask" = "0755";
-        "force user" = "hana";
-        "force group" = "users";
-      };
-      "cilly" = {
-        "path" = "/flower/smb/cilly";
-        "browseable" = "yes";
-        "read only" = "no";
-        "guest ok" = "no";
-        "create mask" = "0644";
-        "directory mask" = "0755";
-        "force user" = "cilly";
-        "force group" = "users";
-        "valid users" = "cilly";
-      };
-      "kujira" = {
-        "path" = "/flower/smb/kujira";
-        "browseable" = "yes";
-        "read only" = "no";
-        "guest ok" = "no";
-        "create mask" = "0644";
-        "directory mask" = "0755";
-        "force user" = "kujira";
-        "force group" = "users";
-        "valid users" = "kujira";
-      };
-    };
-  };
-
-  services.samba-wsdd = {
-    enable = true;
-    openFirewall = true;
-  };
-
-  services.avahi = {
-    enable = true;
-    openFirewall = true;
-    nssmdns4 = true;
-    publish.enable = true;
-    publish.userServices = true;
-  };
-}
diff --git a/secrets.nix b/secrets.nix
index ec20648..d2dbc82 100644
--- a/secrets.nix
+++ b/secrets.nix
@@ -8,8 +8,6 @@ let
   rin = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPru5eTBvHJ4ZmrrzPRHCGM09wQP/ZHSaKYalDuBVO15";
 in {
   "secrets/passwd.age".publicKeys = [ anemone blossom rin ];
-  "secrets/passwd_smbcilly.age".publicKeys = [ alyssum rin ];
-  "secrets/passwd_smbkujira.age".publicKeys = [ alyssum rin ];
   "secrets/wpa_conf.age".publicKeys = [ alyssum blossom rin ];
 
   "secrets/acme_dns.age".publicKeys = [ alyssum dandelion hazel rin ];
diff --git a/secrets/passwd_smbcilly.age b/secrets/passwd_smbcilly.age
deleted file mode 100644
index 41ad172..0000000
--- a/secrets/passwd_smbcilly.age
+++ /dev/null
@@ -1,7 +0,0 @@
-age-encryption.org/v1
--> ssh-ed25519 kOMSPw CQaXT9/nw3NGD2/H/ctSQGXIoacgjfKQ24wkpEieLSQ
-i4xEXgWGQ7xgQyaDQQIeDuiCLjA6Le23qSnv8C1cbcI
--> ssh-ed25519 U9FXlg GL4dCSCku/FA6ipb9XI1AxO4lhm2r/1lRAeqaGrB32o
-+pPgqwnoPi3wJLobTimVMj0rng+XRapRG6jTYFXSsDM
---- eVgn3ON19pqq+L832bqlbkHUQXdaTI+LfSL4bYfEdew
-Æ*Œl\ÈWç!J7E/´»îò"f@%\ìüÏ[¨òj8fÓ¶›ž
\ No newline at end of file
diff --git a/secrets/passwd_smbkujira.age b/secrets/passwd_smbkujira.age
deleted file mode 100644
index 71b6bb8..0000000
--- a/secrets/passwd_smbkujira.age
+++ /dev/null
@@ -1,7 +0,0 @@
-age-encryption.org/v1
--> ssh-ed25519 kOMSPw Kn+LPMoyOrVwI/nrGgnxgVA3D+tVY9Tccg/Yx/jL+E8
-IfWiSBh7KgNvgcHlcDzfdcB9nxm1zy12Ae7AGm39fdE
--> ssh-ed25519 U9FXlg 6eIIGEIYDo02FBsgBnwbuOeR8t4xB6jSmLfIL73UCDg
-QOc0ddunQQcVEVD20DKKpn3wZWUSveFJSUTBnv+xnNk
---- MjN2i0FNzbUpBGUDNgWGXrRsYl2gtsQX+JlzZV/fYdw
-TÎ <ç‘R#d�ĆÌŽlLkáN¦½º8´cÃ_N¬)±ŠT
\ No newline at end of file