{ config, lib, ... }:

{
  # A setup which would clean root subvolume between boots remove automatically removed roots that
  # are older than one day:
  # 
  # Source: https://github.com/nix-community/impermanence
  boot.initrd.postDeviceCommands = lib.mkAfter ''
    mkdir /btrfs_tmp
    mount /dev/mapper/luksroot /btrfs_tmp
    if [[ -e /btrfs_tmp/root ]]; then
        mkdir -p /btrfs_tmp/old_roots
        timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:%M:%S")
        mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp"
    fi

    delete_subvolume_recursively() {
        IFS=$'\n'
        for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do
            delete_subvolume_recursively "/btrfs_tmp/$i"
        done
        btrfs subvolume delete "$1"
    }

    for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +1); do
        delete_subvolume_recursively "$i"
    done

    echo 1 | tee /btrfs_tmp/root/sys/class/leds/asus\:\:kbd_backlight/brightness

    btrfs subvolume create /btrfs_tmp/root
    umount /btrfs_tmp
    rm -r /btrfs_tmp
  '';

  age.identityPaths = map (v: "/persistent/system/etc/ssh/${v}") [
    "ssh_host_rsa_key"
    "ssh_host_ed25519_key"
  ];

  environment.persistence = {
    "/persistent/system" = {
      hideMounts = true;
      directories = [
        "/var/lib/bluetooth"
        "/var/lib/nixos"
        "/var/lib/systemd/coredump"
        "/etc/NetworkManager/system-connections"
      ];
      files = [
        "/etc/machine-id"
        "/etc/ssh/ssh_host_rsa_key"
        "/etc/ssh/ssh_host_rsa_key.pub"
        "/etc/ssh/ssh_host_ed25519_key"
        "/etc/ssh/ssh_host_ed25519_key.pub"
      ];
    };
    "/persistent/docker" = lib.mkIf config.virtualisation.docker.enable {
      hideMounts = true;
      directories = map (v: "/var/lib/docker/${v}") [
        "containers"
        "volumes"
        "image"
        "overlay2"
        "network"
      ];
      files = [ "/var/lib/docker/engine-id" ];
    };
  };
}