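# NixOS module: "Erase Your Darlings" style impermanence for a BTRFS root.
#
# On every boot the initrd moves the current `@` subvolume aside and replaces
# it with a fresh snapshot of `root-blank`; only the paths listed under
# environment.persistence."/persist" are carried across boots.
{ config, lib, pkgs, inputs, ... }:

let
  cfg = config.nomarchy.system.impermanence;

  # The option value ends up inside the initrd shell script. Quote it once
  # here so a name containing whitespace or shell metacharacters is passed to
  # mount as a single argument instead of being re-parsed by the shell.
  rootDevice = lib.escapeShellArg "/dev/mapper/${cfg.mainLuksName}";
in
{
  imports = [ inputs.impermanence.nixosModules.impermanence ];

  options.nomarchy.system.impermanence = {
    enable = lib.mkEnableOption "Erase Your Darlings (Impermanence) root wipe on boot";

    # The disko layout names the main LUKS mapping `crypted` on single-disk
    # installs and `crypted_main` on multi-disk installs (see
    # installer/disko-config.nix: `mainLuksName`). The rollback hook must
    # mount the right device, otherwise initrd fails on every boot and the
    # @ → root-blank snapshot is never restored.
    mainLuksName = lib.mkOption {
      type = lib.types.str;
      default = "crypted";
      description = ''
        Name of the /dev/mapper entry holding the BTRFS root.
        Set to "crypted_main" on multi-disk installs to match the disko layout.
      '';
    };
  };

  config = lib.mkIf cfg.enable {
    # 1. The Rollback Script: runs in initrd before filesystems are mounted.
    #
    # The whole rollback is guarded by the mount: if the device cannot be
    # mounted, nothing below could have worked anyway, so a single explicit
    # message replaces a cascade of unrelated errors. In that case the root
    # is NOT reset and state from the previous boot is still present.
    #
    # The previous root is moved into old_roots/, not destroyed. Everything
    # written to the old root stays readable on disk until the cleanup loop
    # removes entries older than 30 days, so the wipe is a rollback and not
    # a secure erase.
    #
    # NOTE(review): `@` is moved away before the root-blank snapshot is
    # taken; if root-blank is missing, the snapshot fails and no `@` is left
    # behind. Confirm the installer always creates root-blank.
    boot.initrd.postDeviceCommands = lib.mkAfter ''
      mkdir -p /btrfs_tmp
      if mount -o subvol=/ ${rootDevice} /btrfs_tmp; then
        # Keep the outgoing root, named after its last modification time.
        if [[ -e /btrfs_tmp/@ ]]; then
          mkdir -p /btrfs_tmp/old_roots
          timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/@)" "+%Y-%m-%-d_%H:%M:%S")
          mv /btrfs_tmp/@ "/btrfs_tmp/old_roots/$timestamp"
        fi

        # Nested subvolumes have to be deleted before their parent.
        delete_subvolume_recursively() {
          IFS=$'\n'
          for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do
            delete_subvolume_recursively "/btrfs_tmp/$i"
          done
          btrfs subvolume delete "$1"
        }

        # Retention: drop archived roots older than 30 days.
        for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do
          delete_subvolume_recursively "$i"
        done

        btrfs subvolume snapshot /btrfs_tmp/root-blank /btrfs_tmp/@
        umount /btrfs_tmp
      else
        echo "impermanence: could not mount the BTRFS root; rollback skipped, previous root state is still in place" >&2
      fi
    '';

    # 2. Persistence Configuration: what survives the wipe.
    #
    # Several of these paths hold credential material (SSH host keys in
    # /etc/ssh, saved network connections, the user's .ssh, .gnupg and
    # keyrings), so /persist needs the same at-rest protection as the root.
    # NOTE(review): confirm in the disko layout that /persist sits on the
    # LUKS-backed volume.
    environment.persistence."/persist" = {
      hideMounts = true;

      directories = [
        "/var/log"
        "/var/lib/nixos"
        "/var/lib/systemd/coredump"
        "/var/lib/NetworkManager"
        "/etc/NetworkManager/system-connections"
        "/var/lib/bluetooth"
        "/var/lib/fprint"
        "/etc/nixos"
        "/etc/ssh"
      ];

      files = [
        "/etc/machine-id"
        "/etc/supergfxd.conf"
      ];

      users.nomarchy = {
        directories = [
          ".ssh"
          ".gnupg"
          ".local/share/keyrings"
          "Documents"
          "Downloads"
          "Pictures"
          "Videos"
          "Projects"
        ];
      };
    };
  };
}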