diff --git a/bin/pdm-build b/bin/pdm-build index d9a6539..cc11720 100755 --- a/bin/pdm-build +++ b/bin/pdm-build @@ -67,17 +67,25 @@ fi echo "Building image ..." podman build -f Containerfile -t tmp $buildopts || quit $? -# start container -echo "Creating container ..." -podman create --name tmp-$epoch tmp || quit $? -podman start tmp-$epoch || quit $? # Systemdfile is for commands that need systemd to execute -echo "Running build steps that require systemd ..." -podman exec tmp-$epoch bash -c "if [ -f /root/Systemdfile ]; then /root/Systemdfile; fi" || quit $? +if [[ -f Systemdfile ]]; then + echo "Running build steps that require systemd ..." + echo "Creating container ..." + podman create --name tmp-$epoch tmp || quit $? + podman start tmp-$epoch || quit $? + echo "Copying script to container ..." + podman cp Systemdfile tmp-$epoch:/root/ + echo "Running script ..." + podman exec tmp-$epoch bash -c "chmod +x /root/Systemdfile && /root/Systemdfile" || quit $? + echo "Committing container to image ..." + podman commit tmp-$epoch $name:$today || quit $? +else + echo "Systemdfile not found, skipping container creation ..." + # tag image we already built with appropriate tag, and untag with tmp + podman tag tmp:latest $name:$today + podman rmi tmp:latest +fi -# commit finalized container state to image -echo "Committing container to image ..." -podman commit tmp-$epoch $name:$today || quit $? # tag with latest tag podman tag $name:$today $name:$FLAGS_tag echo "Done!" diff --git a/install.sh b/install.sh index e69de29..bfe5bd5 100644 --- a/install.sh +++ b/install.sh @@ -0,0 +1,13 @@ +#1/bin/bash + +# todo: actually install podman + +# copy bin files to /usr/local/bin +rsync -vaSH bin/ /usr/local/bin/ + +# copy shflags to /usr/local/bin as well +rsync -vaSH lib/shflags /usr/local/bin/ + +# install systemd startup service +rsync -vaSH lib/containers-startup.service /etc/systemd/system/ +systemctl enable containers-startup.service 
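Review bot: `podman cp Systemdfile tmp-$epoch:/root/` in the new `if` branch, and `podman tag tmp:latest $name:$today` and `podman rmi tmp:latest` in the `else` branch, are the only podman calls added here without `|| quit $?`. If the tag in the `else` branch fails, the script still reaches the final tag step and prints "Done!" without having produced `$name:$today`. I would write them as `podman cp Systemdfile "tmp-$epoch:/root/" || quit $?` and `podman tag tmp:latest "$name:$today" || quit $?`, quoting the expansions at the same time. The `if` branch also appears to leave `tmp:latest` and the `tmp-$epoch` container behind, unless cleanup happens in the part of the script outside this hunk.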
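Review bot: `rsync -a` preserves owner, group and mode, so when install.sh is run as root from a user's checkout, the files copied to /usr/local/bin and the unit copied to /etc/systemd/system stay owned by that user, who can later change code that root and systemd execute. Adding `--chown=root:root` to the three calls, for example `rsync -vaSH --chown=root:root bin/ /usr/local/bin/`, avoids this. The first line reads `#1/bin/bash` and should be `#!/bin/bash`. There is no `set -e`, so `systemctl enable` runs even when a copy failed, and the relative source paths only resolve when the script is started from the repository root.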
diff --git a/lib/containers-startup.service b/lib/containers-startup.service new file mode 100644 index 0000000..f129fc7 --- /dev/null +++ b/lib/containers-startup.service @@ -0,0 +1,11 @@ +[Unit] +Description=Containers startup script +Wants=network.target +After=network-online.target + +[Service] +ExecStart=/etc/containers/startup.sh +Type=forking + +[Install] +WantedBy=default.target diff --git a/bin/shflags b/lib/shflags similarity index 100% rename from bin/shflags rename to lib/shflags diff --git a/src/gitea/Containerfile b/src/gitea/Containerfile index 9eed7e4..b52e28b 100644 --- a/src/gitea/Containerfile +++ b/src/gitea/Containerfile @@ -79,12 +79,6 @@ COPY resources/gitea.service /etc/systemd/system/ COPY resources/crontab /root/ RUN crontab -u gitea /root/crontab -### -### Systemdfile -### -COPY Systemdfile /root/ -RUN chmod +x /root/Systemdfile - ### ### Bugfix ### diff --git a/src/gitea/resources/app.ini.esh b/src/gitea/resources/app.ini.esh index a9f22ce..0a731cb 100644 --- a/src/gitea/resources/app.ini.esh +++ b/src/gitea/resources/app.ini.esh @@ -57,7 +57,7 @@ DISABLE_GRAVATAR = true ENABLE_FEDERATED_AVATAR = false [openid] -ENABLE_OPENID_SIGNIN = true +ENABLE_OPENID_SIGNIN = false ENABLE_OPENID_SIGNUP = false [session] diff --git a/src/nextcloud/Containerfile b/src/nextcloud/Containerfile index 4085abd..04148bd 100644 --- a/src/nextcloud/Containerfile +++ b/src/nextcloud/Containerfile @@ -106,12 +106,6 @@ COPY resources/crontab /root/ # crontab for www-data RUN crontab -u www-data /root/crontab -### -### Systemdfile -### -COPY Systemdfile /root/ -RUN chmod +x /root/Systemdfile - ### ### Bugfix ### diff --git a/src/samba/Containerfile b/src/samba/Containerfile new file mode 100644 index 0000000..ebbb848 --- /dev/null +++ b/src/samba/Containerfile 
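Review bot: `Wants=network.target` paired with `After=network-online.target` does not give the ordering it suggests, because `After=` only takes effect when network-online.target is part of the boot transaction and this unit does not pull it in. The usual pairing is `Wants=network-online.target` with `After=network-online.target`. `Type=forking` without `PIDFile=` assumes /etc/containers/startup.sh daemonises itself; if it only starts containers and exits, `Type=oneshot` with `RemainAfterExit=yes` would fit better, though the script is not part of this diff, so this is a guess. Since the unit runs that script as root, a comment noting that it must be root-owned and not group- or world-writable would help.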
@@ -0,0 +1,52 @@
+###
+### Build Variables
+###
+FROM localhost/debian:latest
+
+# deploy options
+# -p (port) and -v (volume) both go host:container
+LABEL deployopts="\
+-p 9045:445 \
+-v /tank/files/db/samba:/vol/db \
+-v /tank/files/media:/vol/media \
+-v /tank/files/user:/vol/user"
+# make sure mount directories exist
+RUN mkdir -p /vol/db /vol/media /vol/user
+
+# uid that the files owner user should have
+ARG FILESUID=5000
+
+###
+### General Setup
+###
+
+# install packages we want
+RUN apt update -y && apt install -y samba
+
+# create gitea user with file owner UID
+RUN addgroup --gid $FILESUID files && \
+ adduser files --ingroup files --uid $FILESUID --disabled-password --gecos "Files Owner" --shell /usr/sbin/nologin --no-create-home
+
+RUN chown -R files:files /vol
+
+# copy our custom scripts
+COPY resources/bin/ /usr/local/bin/
+
+RUN ls -A /home
+
+# replace home with symlink
+RUN cd / && rmdir home && ln -s /vol/user home
+
+###
+### NMBD
+###
+
+# disable NMBD
+RUN systemctl disable nmbd
+
+###
+### SMBD
+###
+
+# copy samba config
+COPY resources/smb.conf /etc/samba/smb.conf
diff --git a/src/samba/resources/bin/db-dump b/src/samba/resources/bin/db-dump
new file mode 100755
index 0000000..ac303c2
--- /dev/null
+++ b/src/samba/resources/bin/db-dump
@@ -0,0 +1,4 @@
+#!/bin/bash
+
+pdbedit -L -w > $1
+chown files:files $1
diff --git a/src/samba/resources/bin/db-load b/src/samba/resources/bin/db-load
new file mode 100755
index 0000000..06c4148
--- /dev/null
+++ b/src/samba/resources/bin/db-load
@@ -0,0 +1,13 @@
+#!/bin/bash
+
+while read line; do
+ user=$(echo "$line" | cut -d':' -f1)
+ # only create user if doesn't exist
+ if [[ -z $(getent passwd $user) ]]; then
+ adduser "$user" --disabled-password --gecos "" --no-create-home --shell /usr/sbin/nologin
+ usermod -a -G sambashare "$user"
+ fi
+done < $1
+
+# import passwords file
+pdbedit -i smbpasswd:$1
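Review bot: `RUN chown -R files:files /vol` changes only the empty directories created in the image. If `deployopts` is applied as podman run options, the three host paths are bind-mounted over them and keep their host ownership, so access as UID 5000 depends on the host directories and not on this line. A comment stating that the /tank/files paths must be owned by `FILESUID` on the host would make that requirement explicit. The comment `# create gitea user with file owner UID` looks copied from another Containerfile and should read `# create files user with file owner UID`. `RUN ls -A /home` looks like a debugging leftover that only adds a layer.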
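Review bot: `pdbedit -L -w > $1` writes the accounts in smbpasswd format, which includes the password hashes, into a file created with the default umask. The file is then handed to `files`, the account that smb.conf in this commit forces for all share access. I would restrict it at creation with `umask 077` before the redirect and quote the argument, `pdbedit -L -w > "$1"`; whether `chown files:files` is needed at all is worth confirming. The script also never checks that `$1` was given, so a missing argument ends in a redirect error followed by a chown with no operand.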
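Review bot: The loop reads with `while read line`, which interprets backslashes, and passes the name unquoted to `getent passwd $user` and the path unquoted to `done < $1` and `pdbedit -i smbpasswd:$1`. `while IFS=: read -r user _; do` with `if ! getent passwd "$user" >/dev/null; then` gives the same first field without the `echo | cut` pipeline, and the remaining expansions should be quoted as `"$1"`. Because this file decides which local accounts are created and which hashes are imported, a header comment should state that it must come from a root-controlled location. An empty first field, or one starting with `-`, should be skipped rather than passed to `adduser`.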
diff --git a/src/samba/resources/bin/smbadduser b/src/samba/resources/bin/smbadduser
new file mode 100755
index 0000000..7a996af
--- /dev/null
+++ b/src/samba/resources/bin/smbadduser
@@ -0,0 +1,6 @@
+#!/bin/sh
+if [[ -z $(getent passwd "$1") ]]; then
+ adduser "$1" --disabled-password --gecos "" --no-create-home --shell /usr/sbin/nologin
+ usermod -a -G sambashare "$1"
+fi
+smbpasswd -a "$1"
diff --git a/src/samba/resources/smb.conf b/src/samba/resources/smb.conf
new file mode 100644
index 0000000..a4909ad
--- /dev/null
+++ b/src/samba/resources/smb.conf
@@ -0,0 +1,51 @@
+#======================= Global Settings =======================
+[global]
+### General ###
+server string = medusa
+server role = standalone server
+disable netbios = yes
+smb ports = 445
+
+#### Logging ####
+log file = /var/log/samba/smb.log
+max log size = 1000
+
+####### Authentication #######
+passdb backend = tdbsam
+map to guest = bad user
+
+### Permissions ##
+# The following settings configure all shares to use the filesrv user on the backend
+force user = files
+force group = files
+create mask = 0644
+directory mask = 0755
+force create mode = 0644
+force directory mode = 0755
+unix extensions = yes
+map archive = no
+map system = no
+map hidden = no
+
+### Printing ###
+# Disable all printing
+load printers = no
+printing = bsd
+printcap name = /dev/null
+disable spoolss = yes
+
+#======================= Share Definitions =======================
+[media]
+comment = Shared media files
+path = /vol/media
+browsable = yes
+guest ok = yes
+read only = yes
+write list = @sambashare
+
+[homes]
+comment = User homes
+browsable = no
+guest ok = no
+read only = no
+valid users = %S
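Review bot: The shebang is `#!/bin/sh` but the test uses `[[ … ]]`, which is a bash construct. On the Debian base image /bin/sh is normally dash, where `[[` is not found, the `if` takes the false branch, and the Unix account is never created before `smbpasswd -a "$1"` runs. Either change the first line to `#!/bin/bash`, as in db-dump and db-load, or keep sh and write `if ! getent passwd "$1" >/dev/null; then`. The account-creation lines duplicate those in db-load, so a shared helper would keep the two in step.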
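Review bot: With the global `force user = files` and `force group = files`, every connection, including [homes], touches the disk as the same Unix account, so separation between users' home directories rests on `valid users = %S` alone and not on file ownership. That belongs in the comment above the setting, which also calls the account `filesrv` while the value is `files`; I would use `# All share access runs as files:files; per-user isolation in [homes] relies on "valid users = %S" only`. `map to guest = bad user` together with `guest ok = yes` on [media] gives read access to /vol/media without credentials to anyone who can reach the published port. If that is intended, a comment on the share saying so would help the next reader.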