add impernance to hetzner

flake.nix

@@ -37,6 +37,7 @@
       inputs.nixpkgs.follows = "nixpkgs";
       inputs.nixpkgs-stable.follows = "nixpkgs";
     };
+    impermanence.url = "github:nix-community/impermanence";
 
     # Packages
     tela-icon-theme = {

home-modules/firefox/default.nix

@@ -1,4 +1,4 @@
-{ config, lib, pkgs, self, ... }:
+{ config, lib, pkgs, inputs, ... }:
 
 let cfg = config.jopejoe1.firefox;
 in {
@@ -193,7 +193,7 @@ in {
         };
         profiles = {
           default = {
-            extensions = with self.inputs.firefox-addons.packages.${pkgs.stdenv.hostPlatform.system}; [
+            extensions = with pkgs.firefox-addons; [
               ublock-origin
               privacy-badger
               bitwarden

systems/hetzner/default.nix

@@ -6,6 +6,7 @@
     self.inputs.srvos.nixosModules.server
     self.inputs.srvos.nixosModules.hardware-hetzner-online-amd
     self.inputs.srvos.nixosModules.mixins-nginx
+    self.inputs.impermanence.nixosModules.impermanence
   ];
 
   jopejoe1 = {
@@ -36,7 +37,92 @@
 
   services.openssh.ports = [ 22 ];
 
+  users.mutableUsers = false;
+  users.users.jopejoe1.hashedPassword = "$2b$05$Uk84TY/RHlH8DIigUlFYjeorjTlCMEY9wN2pAcw5BLaPoc7dKiSsC";
+  users.users.root.hashedPassword = "$2b$05$Uk84TY/RHlH8DIigUlFYjeorjTlCMEY9wN2pAcw5BLaPoc7dKiSsC";
+
+  home-manager.users = {
+    jopejoe1 = {
+      imports = [ self.inputs.impermanence.nixosModules.home-manager.impermanence ];
+      home.persistence."/nix/persistent/users/jopejoe1" = {
+        allowOther = false;
+        directories = [
+          "Downloads"
+          "Music"
+          "Pictures"
+          "Documents"
+          "Videos"
+          ".gnupg"
+          ".ssh"
+          ".nixops"
+          ".local/share/keyrings"
+          ".local/share/direnv"
+        ];
+        files = [
+          ".screenrc"
+        ];
+      };
+    };
+    root = {
+      imports = [ self.inputs.impermanence.nixosModules.home-manager.impermanence ];
+      home.persistence."/nix/persistent/users/root" = {
+        allowOther = false;
+        directories = [
+          "Downloads"
+          "Music"
+          "Pictures"
+          "Documents"
+          "Videos"
+          ".gnupg"
+          ".ssh"
+          ".nixops"
+          ".local/share/keyrings"
+          ".local/share/direnv"
+        ];
+        files = [
+          ".screenrc"
+        ];
+      };
+    };
+  };
+
+  environment.persistence."/nix/persistent/system" = {
+    hideMounts = true;
+    directories = [
+      "/var/log"
+      "/var/lib/bluetooth"
+      "/var/lib/nixos"
+      "/var/lib/systemd/coredump"
+      "/etc/NetworkManager/system-connections"
+      { directory = "/var/lib/colord"; user = "colord"; group = "colord"; mode = "u=rwx,g=rx,o="; }
+    ];
+    files = [
+      "/etc/machine-id"
+      { file = "/var/keys/secret_file"; parentDirectory = { mode = "u=rwx,g=,o="; }; }
+      { file = "/etc/nix/id_rsa"; parentDirectory = { mode = "u=rwx,g=,o="; }; }
+    ];
+  };
+
+  fileSystems = {
+    "/nix" = {
+      neededForBoot = true;
+    };
+    "/nix/persistent" = {
+      neededForBoot = true;
+    };
+  };
+
   disko.devices = {
+    nodev = {
+      "/" = {
+        fsType = "tmpfs";
+        mountOptions = [
+          "defaults"
+          "size=25%"
+          "mode=755"
+        ];
+      };
+    };
     disk = {
       vdb = {
         type = "disk";
@@ -89,9 +175,15 @@
             primary = {
               size = "100%";
               content = {
-                type = "filesystem";
-                format = "ext4";
-                mountpoint = "/";
+                type = "btrfs";
+                extraArgs = [ "-f" ];
+                subvolumes = {
+                  "/nix" = {
+                    mountOptions = [ "compress=zstd" "noatime" ];
+                    mountpoint = "/nix";
+                  };
+                  "/nix/persistent" = {};
+                };
               };
             };
           };