{ config, lib, ... }: let cfg = config.soispha.impermanence; networkmanager = if config.networking.networkmanager.enable then [ "/etc/NetworkManager" # store the networkmanager configs ] else []; secureboot = if config.boot.lanzaboote.enable then [ "/etc/secureboot" ] else []; directories = [ "/etc/nixos" "/var/log" # TODO the following entries need to be checked #"/var/lib/bluetooth" #"/var/lib/nixos" #"/var/lib/systemd/coredump" ] ++ networkmanager ++ secureboot; in { options.soispha.impermanence = { enable = lib.mkOption { type = lib.types.bool; default = true; description = lib.mdDoc "Disk setup with disko"; }; }; config = lib.mkIf cfg.enable { # needed for the hm impermanence config programs.fuse.userAllowOther = true; environment.persistence = { "/srv" = { hideMounts = true; inherit directories; files = [ "/etc/machine-id" ]; }; }; }; }