diff --git a/services/impermanence.nix b/services/impermanence.nix
new file mode 100644
index 0000000..2d33846
--- /dev/null
+++ b/services/impermanence.nix
@@ -0,0 +1,67 @@
+{
+ lib,
+ config,
+ impermanence,
+ ...
+}:
+
+with lib;
+let
+ persistUser = user: {
+ inherit (user) name;
+ value = {
+ directories = [
+ ".config/home-manager"
+ ".local/state"
+ {
+ directory = ".gnupg";
+ mode = "0700";
+ }
+ {
+ directory = ".ssh";
+ mode = "0700";
+ }
+ ];
+ };
+ };
+in
+{
+ imports = [
+ impermanence.nixosModules.impermanence
+ ];
+}
+// mkIf (elem "impermanence" config.machine.services) {
+ environment.persistence."/persist" = {
+ hideMounts = true;
+ directories =
+ [
+ "/etc/nixos"
+ # Stores auto assigned user/group ids
+ "/var/lib/nixos"
+ "/var/log"
+ # User directories
+ ]
+ ++ optional config.services.ollama.enable "/var/lib/private/ollama"
+ ++ optional config.programs.virt-manager.enable "/var/lib/libvirt"
+ ++ optional config.networking.networkmanager.enable "/etc/NetworkManager/system-connections"
+ ++ optionals config.virtualisation.podman.enable [
+ "/var/lib/containers/storage"
+ "/run/containers/storage"
+ ];
+
+ files =
+ [
+ "/etc/machine-id"
+ ]
+ # remember last user and user sessions
+ ++ optional config.programs.regreet.enable "/var/cache/regreet/cache.toml"
+ ++ optional config.services.printing.enable "/etc/staticcups/printers.conf"
+ ++ optionals config.services.openssh.enable [
+ "/etc/ssh/ssh_host_ed25519_key"
+ "/etc/ssh/ssh_host_ed25519_key.pub"
+ "/etc/ssh/ssh_host_rsa_key"
+ "/etc/ssh/ssh_host_rsa_key.pub"
+ ];
+ users = listToAttrs (map persistUser config.machine.administrators);
+ };
+}
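Review bot: The `/var/lib/private/ollama` entry in `directories` is a bare path, so its `/var/lib/private` parent is presumably created with default permissions on both the persistent and the ephemeral side; systemd expects that directory to be root-owned and `0700`, since that is what keeps DynamicUser state out of reach of other users. Consider declaring the parent with an explicit mode, as the hunk already does for `.ssh` and `.gnupg`: `{ directory = "/var/lib/private"; mode = "0700"; }`. Separately, `/run/containers/storage` is normally podman's volatile run root, so carrying it across reboots likely preserves stale mount state rather than anything useful; persisting only `/var/lib/containers/storage` looks sufficient. A short comment above the `openssh` list would also help, noting that the private host keys now live under `/persist` and that this volume needs the same access restrictions and backup handling as `/etc/ssh`.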