dotfiles/system/impermanence.nix

{
  config,
  lib,
  username,
  ...
}:
{
  environment.persistence."/persistent" = {
    hideMounts = true;
    directories = [
      "/var/log"
      "/var/lib/systemd/coredump"
      "/var/lib/nixos"
      "/var/lib/systemd/timers"
    ];

    files = [
      "/etc/ssh/ssh_host_ed25519_key"
      "/etc/ssh/ssh_host_ed25519_key.pub"
      "/etc/ssh/ssh_host_rsa_key"
      "/etc/ssh/ssh_host_rsa_key.pub"
      "/etc/machine-id"
    ];

    users.${username} = {
      directories = [
        "."
      ];
    };
  };

  systemd.tmpfiles.rules = [
    "d /etc 755 root"
  ];
}