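# Impermanence module: an ephemeral ZFS root that is replaced on every boot,
# plus an explicit allow-list of state that survives under /nix/persist/system.
#
# NOTE(review): `pov` / `povSelf` look like attribute paths supplied by the
# surrounding module framework (povSelf = this module's own option path).
# The top-level option declarations below are plain attrsets rather than
# lib.mkOption calls, so the framework presumably wraps them; confirm there.
{ pov, povSelf, hostConfig, config, lib, pkgs, ... }:
let
  inherit (lib) types;

  # This module's own configuration subtree.
  cfg = lib.getAttrFromPath povSelf config;

  # Optional ownership/mode overrides shared by the `dirs` and `files` entries.
  # null means "not set here".
  perms = {
    user = lib.mkOption {
      type = with types; nullOr str;
      default = null;
    };
    group = lib.mkOption {
      type = with types; nullOr str;
      default = null;
    };
    mode = lib.mkOption {
      type = with types; nullOr str;
      default = null;
    };
  };

  # Both the home and the system variant depend on ZFS datasets, so they share
  # one build-time assertion.
  zfsOnly = {
    assertion = config.modules.filesystem.rootDisk.type == "zfs";
    message = ''
      Impermanence is currently only available for ZFS.
    '';
  };
in
{
  options = {
    home.enable = {
      type = types.bool;
      default = false;
    };

    system = {
      enable = {
        type = types.bool;
        default = false;
      };

      # Extra directories to persist: either a bare path or a
      # { directory, user, group, mode } record.
      dirs = {
        default = [ ];
        type =
          with types;
          listOf (oneOf [
            str
            (submodule {
              options = {
                directory = lib.mkOption { type = types.str; };
              } // perms;
            })
          ]);
      };

      # Extra files to persist: either a bare path or a
      # { file, parentDirectory, user, group, mode } record.
      files = {
        default = [ ];
        type =
          with types;
          listOf (oneOf [
            str
            (submodule {
              options = {
                file = lib.mkOption { type = types.str; };
                parentDirectory = lib.mkOption {
                  type = with types; nullOr (submodule perms);
                  default = null;
                };
              } // perms;
            })
          ]);
      };
    };
  };

  config = lib.mkMerge [
    (lib.mkIf cfg.home.enable {
      assertions = [ zfsOnly ];

      modules.filesystem.rootDisk.parts.home = true;
    })

    (lib.mkIf cfg.system.enable {
      assertions = [ zfsOnly ];

      modules.filesystem.rootDisk.parts.system = true;

      boot.initrd.systemd.services = {
        # Rotates the root datasets in the initrd, after the pools are imported
        # and before /sysroot is mounted. A failure of the unit drops to
        # emergency.target instead of booting.
        #
        # Retention: root-2 .. root-4 hold the ephemeral state of the previous
        # three boots. Anything written outside the persisted paths (temporary
        # files, credentials dropped on /, shell history) stays on disk until
        # its dataset rotates out. That helps post-incident forensics, but it
        # also means "wiped on reboot" only holds after the fourth boot.
        #
        # Error handling: `|| true` hides every failure of destroy/rename, not
        # only "dataset does not exist". The final `zfs create` is the only
        # check: it is the script's last command, so its exit status decides
        # whether the unit fails, and it should fail if root-1 was not moved
        # out of the way.
        #
        # The new root is created with devices=off, exec=off and setuid=off,
        # so device nodes, executables and setuid bits on the root dataset are
        # not honoured. Presumably everything executable lives on a separately
        # mounted /nix; confirm against the filesystem module.
        defenestrate = {
          description = "Defenestrate old root";
          wantedBy = [ "initrd.target" ];
          after = [ "zfs-import.target" ];
          before = [ "sysroot.mount" ];
          onFailure = [ "emergency.target" ];
          unitConfig.DefaultDependencies = "no";
          serviceConfig.Type = "oneshot";
          script =
            let
              prefix = "${hostConfig.hostName}/os/nixos/root-";
            in
            ''
              # We keep root from the previous last 3 boots
              # Any command except create can fail in case the system has not
              # booted that often yet
              zfs destroy -r ${prefix}4 || true
              zfs rename ${prefix}3 ${prefix}4 || true
              zfs rename ${prefix}2 ${prefix}3 || true
              zfs rename ${prefix}1 ${prefix}2 || true
              zfs create -o devices=off -o exec=off -o mountpoint=legacy -o setuid=off ${prefix}1
            '';
        };
      };

      # State that survives the root rotation. /var/log and /etc/machine-id
      # keep the journal and host identity continuous across boots. Persisted
      # coredumps can contain process memory, so treat that directory as
      # sensitive.
      environment.persistence."/nix/persist/system" = {
        enable = true;
        hideMounts = true;
        directories = [
          "/etc/zfs"
          "/var/log"
          "/var/lib/nixos"
          "/var/lib/systemd/coredump"
        ] ++ cfg.system.dirs;
        files = [
          "/etc/machine-id"
        ] ++ cfg.system.files;
      };

      #zaphyra: hack to persist `/var/lib/private/` (see https://github.com/nix-community/impermanence/issues/213)
      system.activationScripts = {
        # Make the persistent-directory creation script run only after the
        # private directory exists with the right mode and after users and
        # groups are set up.
        "createPersistentStorageDirs".deps = [
          "var-lib-private-permissions"
          "users"
          "groups"
        ];

        # /var/lib/private must not be accessible to anyone but root.
        # `-m 0700` creates the directory with its final mode, so it is never
        # visible with the umask-derived default. The chmod still corrects a
        # directory that already exists with a wider mode.
        "var-lib-private-permissions" = {
          deps = [ "specialfs" ];
          text = ''
            mkdir -p -m 0700 /nix/persist/system/var/lib/private
            chmod 0700 /nix/persist/system/var/lib/private
          '';
        };
      };
    })
  ];
}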