diff --git a/flake.lock b/flake.lock
index 2ad8261..2a7be87 100644
--- a/flake.lock
+++ b/flake.lock
@@ -33,6 +33,21 @@
         "type": "indirect"
       }
     },
+    "impermanence": {
+      "locked": {
+        "lastModified": 1694622745,
+        "narHash": "sha256-z397+eDhKx9c2qNafL1xv75lC0Q4nOaFlhaU1TINqb8=",
+        "owner": "nix-community",
+        "repo": "impermanence",
+        "rev": "e9643d08d0d193a2e074a19d4d90c67a874d932e",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-community",
+        "repo": "impermanence",
+        "type": "github"
+      }
+    },
     "nixos-mailserver": {
       "inputs": {
         "blobs": "blobs",
@@ -139,6 +154,7 @@
     "root": {
       "inputs": {
         "flake-parts": "flake-parts",
+        "impermanence": "impermanence",
         "nixos-mailserver": "nixos-mailserver",
         "nixpkgs": "nixpkgs",
         "sops-nix": "sops-nix"
diff --git a/flake.nix b/flake.nix
index 727dd91..0c61327 100644
--- a/flake.nix
+++ b/flake.nix
@@ -14,6 +14,9 @@
       url = "github:Mic92/sops-nix";
       inputs.nixpkgs.follows = "nixpkgs";
     };
+    impermanence = {
+      url = "github:nix-community/impermanence";
+    };
   };
 
   outputs = inputs@{ flake-parts, ... }:
diff --git a/nixos/flake-module.nix b/nixos/flake-module.nix
index d82fbd4..a995aff 100644
--- a/nixos/flake-module.nix
+++ b/nixos/flake-module.nix
@@ -21,6 +21,7 @@
           imports = [
             (import (./. + "/machines/${name}/configuration.nix") inputs)
             inputs.sops-nix.nixosModules.sops
+            inputs.impermanence.nixosModules.impermanence
           ];
         };
     in lib.genAttrs machines makeSystem);
diff --git a/nixos/machines/nyarlathotep/configuration.nix b/nixos/machines/nyarlathotep/configuration.nix
index 05616fa..38f5dc3 100644
--- a/nixos/machines/nyarlathotep/configuration.nix
+++ b/nixos/machines/nyarlathotep/configuration.nix
@@ -11,5 +11,6 @@ imports = [
 
 # System configuration here
 
+  networking.hostName = "nyarlathotep";
   system.stateVersion = "23.11";
 }
diff --git a/nixos/machines/nyarlathotep/hardware-configuration.nix b/nixos/machines/nyarlathotep/hardware-configuration.nix
index d75ae28..f9bd476 100644
--- a/nixos/machines/nyarlathotep/hardware-configuration.nix
+++ b/nixos/machines/nyarlathotep/hardware-configuration.nix
@@ -2,9 +2,25 @@
   imports = [ ];
 
   fileSystems."/" = {
+    device = "nya-root";
+    fsType = "tmpfs";
+    options = [ "size=1G" "mode=755" ];
+  };
+  fileSystems."/persist" = {
     device = "/dev/disk/by-uuid/a72da670-f631-49b1-bcb3-6d378cc1f2d0";
+    fsType = "btrfs";
+    options = [ "subvol=persist" ];
+    neededForBoot = true;
+  };
+  fileSystems."/boot" = {
+    device = "/dev/disk/by-uuid/75b01f48-e159-4d72-b049-54b7af072076";
     fsType = "ext4";
   };
+  fileSystems."/nix" = {
+    device = "/dev/disk/by-uuid/a72da670-f631-49b1-bcb3-6d378cc1f2d0";
+    fsType = "btrfs";
+    options = [ "subvol=nix" ];
+  };
   fileSystems."/var/vmail" = {
     device = "/dev/disk/by-uuid/23c44c93-5035-4e29-9e46-75c1c08f4cea";
     fsType = "ext4";
diff --git a/nixos/modules/impermanence.nix b/nixos/modules/impermanence.nix
new file mode 100644
index 0000000..267c9d1
--- /dev/null
+++ b/nixos/modules/impermanence.nix
@@ -0,0 +1,47 @@
+{lib, config, ...} :
+
+let 
+  inherit (lib)
+    mkEnableOption
+    mkIf
+    mkOption
+    types
+    ;
+  cfg = config.impermanence;
+in
+
+{
+imports = [ ];
+
+options.impermanence = {
+  enable = mkEnableOption "impermanence";
+  storagePath = mkOption {
+    type = types.path;
+    default = "/persist";
+    description = "The path where persistent data is stored";
+  };
+  name = mkOption {
+    type = types.str;
+    default = "persist";
+    description = "the name of the persistent data store";
+  };
+};
+
+config = mkIf cfg.enable {
+  environment.persistence.${cfg.name} = {
+    persistentStoragePath = cfg.storagePath;
+    directories = [
+      "/var/log"
+      "/var/lib/nixos"
+    ];
+    files = [
+      "/etc/ssh/ssh_host_ed25519_key"
+      "/etc/ssh/ssh_host_ed25519_key.pub"
+      "/etc/ssh/ssh_host_rsa_key"
+      "/etc/ssh/ssh_host_rsa_key.pub"
+    ];
+  };
+  environment.etc.machine-id.source = "${cfg.storagePath}/machine-id";
+};
+
+}
diff --git a/nixos/roles/default.nix b/nixos/roles/default.nix
index de4eb17..874016a 100644
--- a/nixos/roles/default.nix
+++ b/nixos/roles/default.nix
@@ -3,6 +3,7 @@
 imports = [
   ./admins.nix
   ./nix_keys.nix
+  ../modules/impermanence.nix
   ];
 nix = {
   extraOptions = ''
@@ -23,8 +24,11 @@ networking = {
 
 users = {
   mutableUsers = false;
+  users.root.hashedPassword = "!";
 };
 
+impermanence.enable = true;
+
 sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
 
 environment = {