server-config/impermanence.nix

{
  config,
  lib,
  pkgs,
  username,
  service_configs,
  ...
}:
{
  environment.persistence."/persistent" = {
    hideMounts = true;
    directories = [
      "/var/log"
      "/var/lib/systemd/coredump"
      "/var/lib/nixos"

      "/var/lib/systemd/timers"
    ];

    files = [
      # SSH host keys
      "/etc/ssh/ssh_host_ed25519_key"
      "/etc/ssh/ssh_host_ed25519_key.pub"
      "/etc/ssh/ssh_host_rsa_key"
      "/etc/ssh/ssh_host_rsa_key.pub"

      # Machine ID
      "/etc/machine-id"

      # ZFS cache
      "/etc/zfs/zpool.cache"
    ];

    users.${username} = {
      files = [
        ".local/share/fish/fish_history"
      ];
    };

    users.root = {
      home = "/root";

      files = [
        ".local/share/fish/fish_history"
      ];
    };
  };

  systemd.tmpfiles.rules = [
    "d /etc 755 root"
  ];
}