nixos-conf/modules/platform/impermanence.nix


# Opt-in "impermanence" platform module: the root dataset is rolled back to an
# empty snapshot on every boot, and only the paths listed below are kept on
# the /persist filesystem.
{ config, lib, ... }:
let
  impermanenceCfg = config.custom.platform.impermanence;
in
{
  options.custom.platform.impermanence.enable = lib.mkEnableOption "custom impermanence setup";

  config = lib.mkIf impermanenceCfg.enable {
    # Baseline state that must survive the rollback. Anything not listed here
    # (or persisted by another module) is gone after a reboot.
    environment.persistence."/persist" = {
      enable = true;
      hideMounts = true;

      files = [
        # Stable machine identity across reboots.
        "/etc/machine-id"
        # SSH host *private* keys. Keeping them stops the host key from
        # changing on every boot, which would train users to accept
        # host-key-changed warnings. Only the private halves are listed.
        "/etc/ssh/ssh_host_rsa_key"
        "/etc/ssh/ssh_host_ed25519_key"
      ];

      directories = [
        "/var/lib/nixos"
        "/var/lib/systemd"
        # Only the journal is kept; other content under /var/log is not
        # persisted by this module.
        "/var/log/journal"
      ];
    };

    # /persist has to be mounted in the initrd so the persisted paths are
    # available early in boot.
    fileSystems."/persist".neededForBoot = true;

    # sops-nix uses the ed25519 host key as its age identity. The path points
    # at the copy under /persist rather than /etc/ssh, presumably because the
    # persistence mount is not yet in place when secrets are decrypted (TODO
    # confirm). Consequence: read access to /persist is enough to decrypt
    # every secret encrypted to this host.
    # NOTE(review): confirm the dataset behind /persist is encrypted at rest
    # and that replicated snapshots of it are protected accordingly.
    sops.age.sshKeyPaths = [ "/persist/etc/ssh/ssh_host_ed25519_key" ];

    # NOTE(review): only the fstrim interval is set in this module;
    # services.fstrim.enable is not set here, so confirm it is enabled elsewhere.
    services.fstrim.interval = "daily";

    services.zfs.autoScrub.enable = true;
    services.zfs.trim.interval = "daily";

    # --utc makes snapshot names carry UTC timestamps.
    services.zfs.autoSnapshot.enable = true;
    services.zfs.autoSnapshot.flags = "-k -p --utc";

    # Reset the root dataset to its empty "blank" snapshot on each boot.
    # `-r` also destroys any snapshots of zroot/root taken after @blank.
    # lib.mkAfter orders this after other postResumeCommands contributions.
    boot.initrd.postResumeCommands = lib.mkAfter ''
      zfs rollback -r zroot/root@blank
    '';
  };
}