diff --git a/flake.nix b/flake.nix
index 04919d3..86b419c 100755
--- a/flake.nix
+++ b/flake.nix
@@ -40,7 +40,7 @@
             ./modules/options.nix
             ./modules/base.nix
             ./modules/sops.nix
-            ./modules/ldap.nix
+            ./modules/ldap
             # ./modules/keycloak.nix replaced by portunus
             ./modules/mail.nix
             ./modules/mailman.nix
@@ -67,7 +67,7 @@
             ./hosts/quitte/configuration.nix
             ./modules/options.nix
             ./modules/base.nix
-            ./modules/ldap.nix
+            ./modules/ldap
             # ./modules/keycloak.nix replaced by portunus
             ./modules/nginx.nix
             ./modules/mail.nix
diff --git a/modules/ldap/0001-update-user-validation-regex.patch b/modules/ldap/0001-update-user-validation-regex.patch
new file mode 100644
index 0000000..6ae40f9
--- /dev/null
+++ b/modules/ldap/0001-update-user-validation-regex.patch
@@ -0,0 +1,25 @@
+From f5c68898be345fb0dca5ab7b596b9cbe674f5dfb Mon Sep 17 00:00:00 2001
+From: Rouven Seifert <rouven@rfive.de>
+Date: Tue, 4 Jul 2023 15:14:00 +0200
+Subject: [PATCH] update user validation regex
+
+---
+ internal/core/validation.go | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/internal/core/validation.go b/internal/core/validation.go
+index 3e168b5..10dfc0a 100644
+--- a/internal/core/validation.go
++++ b/internal/core/validation.go
+@@ -30,7 +30,7 @@ import (
+ )
+ 
+ //this regexp copied from useradd(8) manpage
+-const posixAccountNamePattern = `[a-z_][a-z0-9_-]*\$?`
++const posixAccountNamePattern = `[a-z_][a-z0-9._-]*\$?`
+ 
+ var (
+ 	errIsMissing      = errors.New("is missing")
+-- 
+2.41.0
+
diff --git a/modules/ldap.nix b/modules/ldap/default.nix
similarity index 86%
rename from modules/ldap.nix
rename to modules/ldap/default.nix
index 66bf2e9..d62c963 100644
--- a/modules/ldap.nix
+++ b/modules/ldap/default.nix
@@ -48,6 +48,9 @@ in
 
   services.portunus = {
     enable = true;
+    package = pkgs.portunus.overrideAttrs (old: {
+      patches = [ ./0001-update-user-validation-regex.patch ];
+    });
     user = "${portunusUser}";
     group = "${portunusGroup}";
     domain = "${domain}";
@@ -65,7 +68,7 @@ in
       #tls = true;
     };
 
-    seedPath = ../config/portunus_seeds.json;
+    seedPath = ../../config/portunus_seeds.json;
   };
 
   #users.ldap = {
@@ -123,18 +126,4 @@ in
       };
     };
   };
-
-  # nixpkgs.overlays = [
-  #   (self: super:
-  #     {
-  #       portunus = super.portunus.overrideAttrs (old: {
-  #         src = super.fetchFromGitHub {
-  #           owner = "revol-xut";
-  #           repo = "portunus";
-  #           rev = "4dc29febacb11c613785bc95352fa00e0ca9b14a";
-  #           sha256 = "sha256-6O2392aHXhgvgZf6ftDY5Bh6hG3OzzCnlriig/Vkkz8=";
-  #         };
-  #       });
-  #     })
-  # ];
 }