moved impermanence config for var lib private into impermanence module

modules/nixos-modules/impermanence.nix

@@ -25,6 +25,18 @@
           }
         ];
 
+        # fixes issues with /var/lib/private not having the correct permissions https://github.com/nix-community/impermanence/issues/254
+        system.activationScripts."createPersistentStorageDirs".deps = ["var-lib-private-permissions" "users" "groups"];
+        system.activationScripts = {
+          "var-lib-private-permissions" = {
+            deps = ["specialfs"];
+            text = ''
+              mkdir -p /persist/system/root/var/lib/private
+              chmod 0700 /persist/system/root/var/lib/private
+            '';
+          };
+        };
+
         programs.fuse.userAllowOther = true;
 
         boot.initrd.postResumeCommands = lib.mkAfter ''

modules/nixos-modules/ollama.nix

@@ -28,10 +28,6 @@
         };
       }))
       (lib.mkIf config.host.impermanence.enable {
-        # TODO: move this somewhere common
-        systemd.tmpfiles.rules = [
-          "d /var/lib/private 0700 root root"
-        ];
         environment.persistence."/persist/system/root" = {
           enable = true;
           hideMounts = true;