diff --git a/machines/gerd/services/authelia/authelia.nix b/machines/gerd/services/authelia/authelia.nix
index 2ecf884..fff4ecb 100644
--- a/machines/gerd/services/authelia/authelia.nix
+++ b/machines/gerd/services/authelia/authelia.nix
@@ -1,7 +1,7 @@
 { config, ... }:
 let
- svc_domain = "auth.${config.mine.settings.domain}";
+ svc_domain = "auth.${config.mine.shared.settings.domain}";
 autheliaStateDir = "/var/lib/authelia-main";
 in {
@@ -17,7 +17,7 @@ in {
 };
 settings = {
- session.domain = config.mine.settings.domain;
+ session.domain = config.mine.shared.settings.domain;
 # totp - disable for now, as it requires email server
 access_control.default_policy = "one_factor";
@@ -41,19 +41,19 @@ in {
 timeout = "5s";
 start_tls = false;
- base_dn = config.mine.settings.ldap.dc;
- additional_users_dn = "ou=${config.mine.settings.ldap.ou.users}";
- additional_groups_dn = "ou=${config.mine.settings.ldap.ou.groups}";
+ base_dn = config.mine.shared.settings.ldap.dc;
+ additional_users_dn = "ou=${config.mine.shared.settings.ldap.ou.users}";
+ additional_groups_dn = "ou=${config.mine.shared.settings.ldap.ou.groups}";
 users_filter = "(&(|({username_attribute}={input})({mail_attribute}={input}))(objectClass=person))";
 groups_filter = "(member={dn})";
- display_name_attribute = config.mine.settings.ldap.attr.firstname;
- username_attribute = config.mine.settings.ldap.attr.uid;
- group_name_attribute = config.mine.settings.ldap.attr.groupname;
- mail_attribute = config.mine.settings.ldap.attr.email;
+ display_name_attribute = config.mine.shared.settings.ldap.attr.firstname;
+ username_attribute = config.mine.shared.settings.ldap.attr.uid;
+ group_name_attribute = config.mine.shared.settings.ldap.attr.groupname;
+ mail_attribute = config.mine.shared.settings.ldap.attr.email;
- user = config.mine.settings.ldap.bind_dn;
+ user = config.mine.shared.settings.ldap.bind_dn;
 };
 };
 };
@@ -81,5 +81,5 @@ in {
 users.groups."${config.age.secrets.lldap-bind-user-pass.group}".members = [ config.users.users.authelia-main.name ];
 # settings
- mine.settings.authelia.domain = svc_domain;
+ mine.shared.settings.authelia.domain = svc_domain;
 }
diff --git a/machines/gerd/services/forgejo/auth_sources.nix b/machines/gerd/services/forgejo/auth_sources.nix
index 231837b..380ca95 100644
--- a/machines/gerd/services/forgejo/auth_sources.nix
+++ b/machines/gerd/services/forgejo/auth_sources.nix
@@ -31,19 +31,19 @@ let
 --active \
 --security-protocol unencrypted \
 --skip-tls-verify \
- --host ${config.mine.settings.ldap.host} \
- --port ${builtins.toString config.mine.settings.ldap.port} \
- --bind-dn "${config.mine.settings.ldap.bind_dn}" \
+ --host ${config.mine.shared.settings.ldap.host} \
+ --port ${builtins.toString config.mine.shared.settings.ldap.port} \
+ --bind-dn "${config.mine.shared.settings.ldap.bind_dn}" \
 --bind-password "$BIND_USERPASS" \
- --user-filter '(&${config.mine.settings.ldap.user_filter}(|(${config.mine.settings.ldap.attr.uid}=%[1]s)(${config.mine.settings.ldap.attr.email}=%[1]s)))' \
- --admin-filter '${config.mine.settings.ldap.admin_filter}' \
- --username-attribute ${config.mine.settings.ldap.attr.uid} \
- --firstname-attribute ${config.mine.settings.ldap.attr.firstname} \
- --surname-attribute ${config.mine.settings.ldap.attr.lastname} \
- --email-attribute ${config.mine.settings.ldap.attr.email} \
- --avatar-attribute ${config.mine.settings.ldap.attr.avatar} \
+ --user-filter '(&${config.mine.shared.settings.ldap.user_filter}(|(${config.mine.shared.settings.ldap.attr.uid}=%[1]s)(${config.mine.shared.settings.ldap.attr.email}=%[1]s)))' \
+ --admin-filter '${config.mine.shared.settings.ldap.admin_filter}' \
+ --username-attribute ${config.mine.shared.settings.ldap.attr.uid} \
+ --firstname-attribute ${config.mine.shared.settings.ldap.attr.firstname} \
+ --surname-attribute ${config.mine.shared.settings.ldap.attr.lastname} \
+ --email-attribute ${config.mine.shared.settings.ldap.attr.email} \
+ --avatar-attribute ${config.mine.shared.settings.ldap.attr.avatar} \
 --synchronize-users \
- --user-search-base '${config.mine.settings.ldap.search_base}' \
+ --user-search-base '${config.mine.shared.settings.ldap.search_base}' \
 echo "PRERUN-LDAP: Finished adding/updating..."
 '';
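Review bot: The re-emitted argument lines interpolate the shared settings into the shell command with three different quoting styles: `--bind-dn "${…}"` is double-quoted, `--user-filter '…'`, `--admin-filter '…'` and `--user-search-base '…'` are single-quoted, and `--host`, `--port` and every `--*-attribute` value are unquoted, so a value containing whitespace would be word-split and a value containing `'` would end the single-quoted argument early. Wrapping each interpolated value in `lib.escapeShellArg`, e.g. `--host ${lib.escapeShellArg config.mine.shared.settings.ldap.host} \` and `--user-search-base ${lib.escapeShellArg config.mine.shared.settings.ldap.search_base} \`, makes the quoting uniform and independent of the value (assuming `lib` is among this file's arguments; the `let` this script belongs to starts outside the hunk). The unchanged `--security-protocol unencrypted` and `--skip-tls-verify` flags are now paired with a host that comes from the shared option, which lldap.nix in this same diff sets to `localhost`, so a comment such as `# plaintext LDAP without TLS verification is acceptable only while mine.shared.settings.ldap.host stays on loopback (defined in lldap.nix)` would record why those flags are tolerable here and what would invalidate them.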
@@ -77,7 +77,7 @@ let
 --provider openidConnect \
 --key forgejo \
 --secret "$SECRET" \
- --auto-discover-url "https://${config.mine.settings.authelia.domain}/.well-known/openid-configuration" \
+ --auto-discover-url "https://${config.mine.shared.settings.authelia.domain}/.well-known/openid-configuration" \
 --skip-local-2fa true \
 --scopes "email" \
 --scopes "profile" \
@@ -107,7 +107,7 @@ in {
 public = false;
 authorization_policy = "one_factor";
- redirect_uris = [ "https://${config.mine.settings.forgejo.domain}/user/oauth2/${AUTHELIA_AUTH_NAME}/callback" ];
+ redirect_uris = [ "https://${config.mine.shared.settings.forgejo.domain}/user/oauth2/${AUTHELIA_AUTH_NAME}/callback" ];
 scopes = [
 "openid"
 "email"
diff --git a/machines/gerd/services/forgejo/forgejo.nix b/machines/gerd/services/forgejo/forgejo.nix
index 3cb78f1..1ea2383 100644
--- a/machines/gerd/services/forgejo/forgejo.nix
+++ b/machines/gerd/services/forgejo/forgejo.nix
@@ -1,7 +1,7 @@
 { config, lib, pkgs, ... }:
 let
- svc_domain = "git.${config.mine.settings.domain}";
+ svc_domain = "git.${config.mine.shared.settings.domain}";
 in {
 services.forgejo = {
@@ -49,5 +49,5 @@ in {
 };
 # settings
- mine.settings.forgejo.domain = svc_domain;
+ mine.shared.settings.forgejo.domain = svc_domain;
 }
diff --git a/machines/gerd/services/fricloud-website.nix b/machines/gerd/services/fricloud-website.nix
index 2efde48..626639c 100644
--- a/machines/gerd/services/fricloud-website.nix
+++ b/machines/gerd/services/fricloud-website.nix
@@ -1,7 +1,7 @@
 { config, pkgs, ... }:
 let
- svc_domain = config.mine.settings.domain;
+ svc_domain = config.mine.shared.settings.domain;
 in {
 services.nginx.virtualHosts."${svc_domain}" = {
 forceSSL = true;
diff --git a/machines/gerd/services/hedgedoc.nix b/machines/gerd/services/hedgedoc.nix
index 09a4a45..038a166 100644
--- a/machines/gerd/services/hedgedoc.nix
+++ b/machines/gerd/services/hedgedoc.nix
@@ -1,7 +1,7 @@
 { config, ... }:
 let
- svc_domain = "hedgedoc.${config.mine.settings.domain}";
+ svc_domain = "hedgedoc.${config.mine.shared.settings.domain}";
 stateDir = config.mine.zfsMounts."rpool/safe/svcs/hedgedoc";
 in {
@@ -29,11 +29,11 @@ in {
 # setup ldap
 # https://github.com/lldap/lldap/blob/main/example_configs/hedgedoc.md
 ldap = {
- url = config.mine.settings.ldap.url;
- bindDn = config.mine.settings.ldap.bind_dn;
- searchBase = config.mine.settings.ldap.search_base;
- searchFilter = "(&${config.mine.settings.ldap.user_filter}(|(${config.mine.settings.ldap.attr.uid}={{username}})(${config.mine.settings.ldap.attr.email}={{username}})))";
- useridField = config.mine.settings.ldap.attr.uid;
+ url = config.mine.shared.settings.ldap.url;
+ bindDn = config.mine.shared.settings.ldap.bind_dn;
+ searchBase = config.mine.shared.settings.ldap.search_base;
+ searchFilter = "(&${config.mine.shared.settings.ldap.user_filter}(|(${config.mine.shared.settings.ldap.attr.uid}={{username}})(${config.mine.shared.settings.ldap.attr.email}={{username}})))";
+ useridField = config.mine.shared.settings.ldap.attr.uid;
 };
 };
 };
diff --git a/machines/gerd/services/lldap.nix b/machines/gerd/services/lldap.nix
index cc3a458..3f203fd 100644
--- a/machines/gerd/services/lldap.nix
+++ b/machines/gerd/services/lldap.nix
@@ -1,7 +1,7 @@
 { config, ... }:
 let
- svc_domain = "ldap.${config.mine.settings.domain}";
+ svc_domain = "ldap.${config.mine.shared.settings.domain}";
 in {
 services.lldap = {
 enable = true;
@@ -9,7 +9,7 @@ in {
 settings = {
 verbose = true;
 ldap_user_email = "fricloudlldap.grief462@simplelogin.com";
- ldap_base_dn = config.mine.settings.ldap.dc;
+ ldap_base_dn = config.mine.shared.settings.ldap.dc;
 };
 environment = {
@@ -48,12 +48,12 @@ in {
 # The users are all located in ou=people, + the base DN, so by default user bob is at cn=bob,ou=people,dc=example,dc=com.
 # Similarly, the groups are located in ou=groups, so the group family will be at cn=family,ou=groups,dc=example,dc=com.
 # Testing group membership through memberOf is supported, so you can have a filter like: (memberOf=cn=admins,ou=groups,dc=example,dc=com).
- mine.settings.ldap = rec {
+ mine.shared.settings.ldap = rec {
 host = "localhost";
 port = 3890;
 url = "ldap://${host}:${builtins.toString port}";
- dc = "dc=${config.mine.settings.domain_sld},dc=${config.mine.settings.domain_tld}";
+ dc = "dc=${config.mine.shared.settings.domain_sld},dc=${config.mine.shared.settings.domain_tld}";
 bind_dn = "uid=${users.bind},ou=${ou.users},${dc}";
 search_base = "ou=${ou.users},${dc}";
 user_filter = "(memberof=cn=${groups.member},ou=${ou.groups},${dc})";
diff --git a/machines/gerd/services/murmur.nix b/machines/gerd/services/murmur.nix
index 21811de..33921c3 100644
--- a/machines/gerd/services/murmur.nix
+++ b/machines/gerd/services/murmur.nix
@@ -1,7 +1,7 @@
 { config, lib, ... }:
 let
- svc_domain = config.mine.settings.domain;
+ svc_domain = config.mine.shared.settings.domain;
 in {
 services.murmur = let
 certLocation = config.security.acme.certs."${svc_domain}".directory;
diff --git a/machines/gerd/services/teeworlds.nix b/machines/gerd/services/teeworlds.nix
index aafcf8b..f39b94a 100644
--- a/machines/gerd/services/teeworlds.nix
+++ b/machines/gerd/services/teeworlds.nix
@@ -5,6 +5,6 @@
 enable = true;
 openPorts = true;
- motd = "Welcome to ${config.mine.settings.domain}'s Teeworld server!";
+ motd = "Welcome to ${config.mine.shared.settings.domain}'s Teeworld server!";
 };
 }
diff --git a/shared/default.nix b/shared/default.nix
index bcb3334..ffbfcee 100644
--- a/shared/default.nix
+++ b/shared/default.nix
@@ -14,8 +14,8 @@ in {
 ];
 # TODO(eyJhb): why is the commented line a infinite recurssion
- mine.settings.domain_tld = "dk";
- mine.settings.domain_sld = "fricloud";
- # mine.settings.domain = "${config.mine.settings.domain_sld}.${config.mine.settings.domain_tld}";
- mine.settings.domain = "fricloud.dk";
+ mine.shared.settings.domain_tld = "dk";
+ mine.shared.settings.domain_sld = "fricloud";
+ # mine.shared.settings.domain = "${config.mine.shared.settings.domain_sld}.${config.mine.shared.settings.domain_tld}";
+ mine.shared.settings.domain = "fricloud.dk";
 }
diff --git a/shared/modules/default.nix b/shared/modules/default.nix
index 879c16c..8006789 100644
--- a/shared/modules/default.nix
+++ b/shared/modules/default.nix
@@ -1,6 +1,6 @@
 {
 imports = [
- ./settings.nix
+ ./shared.nix
 ./zrepl.nix
 ./disko.nix
diff --git a/shared/modules/settings.nix b/shared/modules/shared.nix
similarity index 65%
rename from shared/modules/settings.nix
rename to shared/modules/shared.nix
index 3365fdc..990e77e 100644
--- a/shared/modules/settings.nix
+++ b/shared/modules/shared.nix
@@ -1,7 +1,7 @@
 { lib, ... }:
 {
- options.mine.settings = lib.mkOption {
+ options.mine.shared.settings = lib.mkOption {
 type = lib.types.attrsOf lib.types.anything;
 default = {};
 };
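Review bot: The renamed `options.mine.shared.settings` declaration in shared/modules/shared.nix still has no `description`, so the free-form `attrsOf anything` set that every service in this diff reads from has nothing in the generated option docs saying what it holds; add something like `description = "Free-form settings shared by this host's modules (domain, domain_sld/domain_tld, ldap, and per-service domains such as authelia.domain and forgejo.domain).";`. Because `attrsOf anything` accepts any key, an assignment under a mistyped key is accepted silently and only a later read of the intended key fails, so the description is the one place where the expected keys are spelled out. Removing the old `mine.settings` declaration means any assignment to it in a file outside this diff now fails evaluation as an undeclared option, which is the desirable fail-fast outcome; if a transition period is wanted instead, `lib.mkRenamedOptionModule [ "mine" "settings" ] [ "mine" "shared" "settings" ]` in the `imports` of shared/modules/default.nix is the idiomatic shim.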