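# NixOS module: declares which system and per-user state the impermanence
# module keeps under /persist. The persistence settings only take effect when
# "impermanence" is listed in config.machine.services; the import of the
# impermanence module itself is unconditional.
#
# Arguments:
#   lib          - nixpkgs lib (brought into scope with `with lib;`)
#   config       - the evaluated system configuration
#   impermanence - the impermanence input; must provide nixosModules.impermanence
{ lib, config, impermanence, ... }:
with lib;
let
  # Builds one name/value pair for listToAttrs: the per-user persistence entry
  # for a single element of config.machine.administrators (only its `name`
  # attribute is read here).
  persistUser = user: {
    inherit (user) name;
    value = {
      directories = [
        ".config/home-manager"
        ".local/state"
        # Key material (GnuPG keyrings, SSH keys): owner-only directories.
        { directory = ".gnupg"; mode = "0700"; }
        { directory = ".ssh"; mode = "0700"; }
      ];
    };
  };

  # Activation snippet for one administrator: if a Nix profile exists in the
  # persistent copy of the home directory, point ~/.nix-profile at the path
  # where that profile will appear once the persistence mounts are in place.
  #
  # Activation scripts run as root, so this writes into a user's home
  # directory as root. `-n` stops ln from descending into an existing
  # .nix-profile symlink that points at a directory; `-f` replaces it.
  # Every path is passed through escapeShellArg so that a user name containing
  # shell metacharacters cannot alter the command that root executes.
  linkProfile = user:
    let
      persistedProfile = escapeShellArg "/persist/home/${user.name}/.local/state/nix/profiles/profile";
      mountedProfile = escapeShellArg "/home/${user.name}/.local/state/nix/profiles/profile";
      profileLink = escapeShellArg "/home/${user.name}/.nix-profile";
    in
    # bash
    ''
      if [[ -d ${persistedProfile} ]]; then
        ln -sfn ${mountedProfile} ${profileLink}
      fi
    '';
in
{
  imports = [ impermanence.nixosModules.impermanence ];

  # The condition sits under an explicit `config` key instead of being merged
  # into the module with `//`, so the module does not depend on the internal
  # attribute layout of the value mkIf returns.
  config = mkIf (elem "impermanence" config.machine.services) {
    environment.persistence."/persist" = {
      # Keeps the persistence bind mounts out of file-manager device lists.
      hideMounts = true;

      directories = [
        "/etc/nixos"
        # Stores auto assigned user/group ids
        "/var/lib/nixos"
        "/var/log"
      ]
      # NOTE(review): systemd normally keeps /var/lib/private root-only (0700)
      # for DynamicUser services; verify the parent directory created for this
      # entry under /persist and on the live system keeps that mode.
      ++ optional config.services.ollama.enable "/var/lib/private/ollama"
      ++ optional config.programs.virt-manager.enable "/var/lib/libvirt"
      # Saved connection profiles; these can hold Wi-Fi and VPN secrets.
      # NOTE(review): no explicit mode is set, so the directory gets the
      # impermanence default - confirm that is as restrictive as intended.
      ++ optional config.networking.networkmanager.enable "/etc/NetworkManager/system-connections"
      ++ optional config.services.radicale.enable config.services.radicale.settings.storage.filesystem_folder
      # NOTE(review): /run is normally runtime-only state; confirm that keeping
      # podman's run directory across reboots is intended.
      ++ optionals config.virtualisation.podman.enable [
        "/var/lib/containers/storage"
        "/run/containers/storage"
      ];

      files = [
        "/etc/machine-id"
      ]
      # remember last user and user sessions
      ++ optional config.programs.regreet.enable "/var/lib/regreet/state.toml"
      ++ optional config.services.printing.enable "/etc/staticcups/printers.conf"
      # SSH host private keys: anyone able to read the persisted copies can
      # impersonate this machine to SSH clients.
      # NOTE(review): confirm the persisted key files, and any backup or
      # snapshot of /persist, are readable by root only.
      ++ optionals config.services.openssh.enable [
        "/etc/ssh/ssh_host_ed25519_key"
        "/etc/ssh/ssh_host_ed25519_key.pub"
        "/etc/ssh/ssh_host_rsa_key"
        "/etc/ssh/ssh_host_rsa_key.pub"
      ];

      # Per-administrator home directories (see persistUser).
      users = listToAttrs (map persistUser config.machine.administrators);
    };

    # link current home manager profile if it exists
    # impermanence mounts come after system activation during boot
    # we check the persistent location and link to the expected mount point
    system.activationScripts.profile-init.text =
      concatStrings (map linkProfile config.machine.administrators);
  };
}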