diff --git a/.modules/base/tmpfs.nix b/.modules/base/tmpfs.nix
new file mode 100644
index 0000000..ccea92d
--- /dev/null
+++ b/.modules/base/tmpfs.nix
@@ -0,0 +1,35 @@
+{config}:
+{
+    # Don't allow mutation of users outside of the config.
+    users.mutableUsers = false;
+
+  # Set a root password, consider using initialHashedPassword instead.
+  #
+  # To generate a hash to put in initialHashedPassword
+  # you can do this:
+  # $ nix-shell --run 'mkpasswd -m SHA-512 -s' -p mkpasswd
+  users.users.root.initialPassword = "hunter2";
+
+  # machine-id is used by systemd for the journal, if you don't
+  # persist this file you won't be able to easily use journalctl to
+  # look at journals for previous boots.
+  environment.etc."machine-id".source
+    = "/nix/persist/etc/machine-id";
+
+
+  # if you want to run an openssh daemon, you may want to store the
+  # host keys across reboots.
+  #
+  # For this to work you will need to create the directory yourself:
+  # $ mkdir /nix/persist/etc/ssh
+  environment.etc."ssh/ssh_host_rsa_key".source
+    = "/nix/persist/etc/ssh/ssh_host_rsa_key";
+  environment.etc."ssh/ssh_host_rsa_key.pub".source
+    = "/nix/persist/etc/ssh/ssh_host_rsa_key.pub";
+  environment.etc."ssh/ssh_host_ed25519_key".source
+    = "/nix/persist/etc/ssh/ssh_host_ed25519_key";
+  environment.etc."ssh/ssh_host_ed25519_key.pub".source
+    = "/nix/persist/etc/ssh/ssh_host_ed25519_key.pub";
+
+
+}
\ No newline at end of file