os/modules/persistence/default.nix

{ lib, config, ... }:
{
  environment.persistence."/persist" = {
    hideMounts = true;
    directories = [
      "/var/log"
      "/var/lib/bluetooth"
      "/var/lib/nixos"
      "/var/lib/systemd/coredump"
      "/etc/NetworkManager/system-connections"
    ];

    files = [
      "/etc/machine-id"
    ];
  };

  fileSystems."/etc/nixos" = {
    device = "/home/${config.pub-solar.user.name}/Workspace/os";
    options = [ "bind" ];
  };

  systemd.tmpfiles.rules = [
    "d /persist/etc/ssh 0400 root root"
  ];

  services.openssh = {
    enable = true;
    hostKeys = [
      {
        path = "/persist/etc/ssh/ssh_host_ed25519_key";
        type = "ed25519";
      }
      {
        path = "/persist/etc/ssh/ssh_host_rsa_key";
        type = "rsa";
        bits = 4096;
      }
    ];
  };
}