diff --git a/home/apps.nix b/home/apps.nix
index 4029147..3aea90b 100644
--- a/home/apps.nix
+++ b/home/apps.nix
@@ -35,6 +35,8 @@
     pkgs.spotify # Proprietary
 
     # Documents
+    pkgs.kdePackages.kimageformats
+    pkgs.kdePackages.kdegraphics-thumbnailers
 
     # emily suggested I try these (albiet via their web thing), so keeping them commented
     #pkgs.typst # TeX alternative
@@ -50,6 +52,7 @@
     #pkgs.zed-editor
 
     pkgs.obsidian
+    pkgs.anki
     pkgs.quickemu
   ];
 
diff --git a/nixos/smb-usernames.map b/nixos/smb-usernames.map
new file mode 100644
index 0000000..b2239fe
--- /dev/null
+++ b/nixos/smb-usernames.map
@@ -0,0 +1 @@
+evar = microsoft@evar.dev
\ No newline at end of file
diff --git a/nixos/vm.nix b/nixos/vm.nix
index f4b0cd4..044bdfb 100644
--- a/nixos/vm.nix
+++ b/nixos/vm.nix
@@ -105,13 +105,8 @@ in {
       useDHCP = false;
       ipv4 = { 
         addresses = [
-          { address = "10.0.5.1"; prefixLength = 24; }
+          { address = "10.0.5.1"; prefixLength = 32; }
         ];
-        routes = [{ 
-          address = "10.0.5.1"; 
-          prefixLength = 24;
-          options = { scope = "link"; metric = "900"; }; 
-        }];
       };
     };
 
@@ -201,6 +196,9 @@ in {
 
     # Samba share. Primarily intended to be used via the
     # bridged network adapter for speed
+    #
+    # TODO: https://www.samba.org/samba/docs/current/man-html/vfs_btrfs.8.html
+    # to take advantage of btrfs stuff
     services.samba = {
       enable = true;
       openFirewall = true;
@@ -211,6 +209,8 @@ in {
           "netbios name" = "Atreus";
           "security" = "user";
 
+          "username map" = "${./smb-usernames.map}";
+
           # don't show shares to people who aren't valid to see them
           "access based share enum" = "yes";
 
@@ -226,17 +226,44 @@ in {
           # "hosts deny" = "0.0.0.0/0";
           "guest account" = "nobody";
           "map to guest" = "bad user";
+
+          # Stuff for MacOS
+          # see https://wiki.samba.org/index.php/Configure_Samba_to_Work_Better_with_Mac_OS_X
+          # for additional settings - see manpage for vfs_fruit
+          "vfs objects" = "fruit streams_xattr"; # load in modules, enable APPL extensions - order is critical
+          "fruit:metadata" = "stream"; # stores osx medatadata
+          "fruit:model" = "MacSamba"; # server icon in finder
+          "fruit:veto_appledouble" = "no"; # following stuff generally cleans up files
+          "fruit:zero_file_id" = "yes";
+          "fruit:wipe_intentionally_left_blank_rfork" = "yes";
+          "fruit:delete_empty_adfiles" = "yes";
+          "fruit:posix_rename" = "yes";
+          "fruit:nfs_aces" = "no"; # prevents macOS clients from motifying the UNIX mode of directories that use NFS ACEs
+        };
+
+        "TimeMachineBackup" = {
+          "fruit:time machine" = "yes";
+          # "fruit:time machine max size" = "SIZE";
         };
 
         "Virtio Shared" = {
+          # macos spotlight indexing backend
+          # see smb.conf for other elasticsearch params
+          "spotlight backend" = "elasticsearch";
+
           "path" = "/home/evar/Virtio Shared";
           "comment" = "Virtio shared directory";
 
           "valid users" = "evar";
+          "force user" = "evar";
 
           # POSIX ACE entry maps to Full Control ACL in windows
           "acl map full control" = "yes";
 
+          # allow users with write access to also change perms
+          "dos filemode" = "yes";
+
+          # files created by a samba client have posix ace
           "force create mode" = 0777;
 
           "read only" = "no";