{ config, lib, ... }:
{
  boot.initrd.postDeviceCommands =
    let
      device = config.disko.devices.disk.virt.content.partitions.linux.device;
    in
    lib.mkAfter ''
      mkdir /mnt
      mount -t btrfs "${device}" /mnt
      btrfs subvolume list -o /mnt/root | cut -f9 -d' ' |  while read subvolume; do
        btrfs subvolume delete "/mnt/$subvolume"
      done
      btrfs subvolume delete /mnt/root
      btrfs subvolume snapshot /mnt/root-blank /mnt/root
    '';

  services.openssh = {
    hostKeys = lib.mkForce [{
      path = "/persist/etc/ssh/ssh_host_ed25519_key";
      type = "ed25519";
    }];
  };

  services.forgejo.stateDir = "/persist/var/lib/forgejo";
  services.postgresql.dataDir = "/persist/var/lib/postgresql/${config.services.postgresql.package.psqlSchema}";

  fileSystems."/persist".neededForBoot = true;
  environment.persistence."/persist" = {
    hideMounts = true;
    directories = [
      "/var/lib/acme"
      "/var/lib/hedgedoc"
      "/var/lib/nixos"
      "/var/lib/private/ntfy-sh"
    ];
  };
}