diff --git a/machines/moritz-desktop/configuration.nix b/machines/moritz-desktop/configuration.nix
index af41755..d7cb2b0 100644
--- a/machines/moritz-desktop/configuration.nix
+++ b/machines/moritz-desktop/configuration.nix
@@ -7,6 +7,7 @@
     ./hardware-configuration.nix
     ./disko.nix
     ../../modules/moritz/default.nix
+    ../../modules/moritz/shared.nix
     ../../modules/shared.nix
   ];
 
diff --git a/machines/moritz-laptop/configuration.nix b/machines/moritz-laptop/configuration.nix
index 635238f..89903b2 100644
--- a/machines/moritz-laptop/configuration.nix
+++ b/machines/moritz-laptop/configuration.nix
@@ -9,6 +9,7 @@
   imports = [
     ./disko.nix
     ../../modules/moritz/default.nix
+    ../../modules/moritz/shared.nix
     ../../modules/shared.nix
   ];
 
diff --git a/machines/moritz-server/configuration.nix b/machines/moritz-server/configuration.nix
index fb7a507..b4b3136 100644
--- a/machines/moritz-server/configuration.nix
+++ b/machines/moritz-server/configuration.nix
@@ -2,6 +2,7 @@
   imports = [
     ../../modules/zfs_unencrypted.nix
     ../../modules/shared.nix
+    ../../modules/moritz/shared.nix
   ];
 
   time.timeZone = "Europe/Berlin";
diff --git a/modules/moritz/shared.nix b/modules/moritz/shared.nix
new file mode 100644
index 0000000..0a32285
--- /dev/null
+++ b/modules/moritz/shared.nix
@@ -0,0 +1,27 @@
+{
+  config,
+  clan-core,
+  ...
+}: {
+  imports = [
+    clan-core.clanModules.user-password
+    clan-core.clanModules.root-password
+    clan-core.clanModules.user-password
+  ];
+
+  # generate a random password for our user below
+  # can be read using `clan secrets get <machine-name>-user-password` command
+  clan.user-password.user = "moritz";
+
+  users.users.moritz = {
+    isNormalUser = true;
+    extraGroups = [
+      "wheel"
+      "networkmanager"
+      "video"
+      "input"
+    ];
+    uid = 1000;
+    openssh.authorizedKeys.keys = config.users.users.root.openssh.authorizedKeys.keys;
+  };
+}
diff --git a/modules/shared.nix b/modules/shared.nix
index 7ffaba8..a91f462 100644
--- a/modules/shared.nix
+++ b/modules/shared.nix
@@ -1,12 +1,6 @@
-{
-  config,
-  clan-core,
-  ...
-}: {
+{clan-core, ...}: {
   imports = [
     clan-core.clanModules.sshd
-    clan-core.clanModules.root-password
-    clan-core.clanModules.user-password
     clan-core.clanModules.state-version
     clan-core.clanModules.static-hosts
     clan-core.clanModules.machine-id
@@ -16,20 +10,4 @@
 
   # Locale service discovery and mDNS
   services.avahi.enable = true;
-
-  # generate a random password for our user below
-  # can be read using `clan secrets get <machine-name>-user-password` command
-  clan.user-password.user = "moritz";
-
-  users.users.moritz = {
-    isNormalUser = true;
-    extraGroups = [
-      "wheel"
-      "networkmanager"
-      "video"
-      "input"
-    ];
-    uid = 1000;
-    openssh.authorizedKeys.keys = config.users.users.root.openssh.authorizedKeys.keys;
-  };
 }