diff --git a/nix/modules/machine/root/ephemeral.nix b/nix/modules/machine/root/ephemeral.nix
index 8ccb62b..04bc67c 100644
--- a/nix/modules/machine/root/ephemeral.nix
+++ b/nix/modules/machine/root/ephemeral.nix
@@ -18,18 +18,12 @@ in
             fi
           '';
           persistFiles = [
-            #TODO: move to system config
-            "/etc/machine-id"
             #TODO: move to ssh config
             "/etc/ssh/ssh_host_ed25519_key"
             "/etc/ssh/ssh_host_ed25519_key.pub"
             "/etc/ssh/ssh_host_rsa_key"
             "/etc/ssh/ssh_host_rsa_key.pub"
           ];
-          persistDirs = [
-            "/var/lib/systemd"
-            "/var/lib/nixos"
-          ];
         })
       ];
     };
diff --git a/nix/modules/system.nix b/nix/modules/system.nix
index c2af5c0..2989756 100644
--- a/nix/modules/system.nix
+++ b/nix/modules/system.nix
@@ -1,5 +1,7 @@
 {
   flake.modules.nixos.default = {
+    persistFiles = [ "/etc/machine-id" ];
+    persistDirs = [ "/var/lib/systemd" ];
     system.stateVersion = "25.11";
   };
   flake.modules.homeManager.default =
diff --git a/nix/modules/users.nix b/nix/modules/users.nix
index de640b3..c6e74e6 100644
--- a/nix/modules/users.nix
+++ b/nix/modules/users.nix
@@ -13,6 +13,8 @@ in
       # nix.settings.trusted-users = [ "@wheel" ];
       #TODO: move ssh key settings elsewhere
       # users.users.root.openssh.authorizedKeys.keys = [ owner.pubkey ];
+      # persist uids and gids
+      persistDirs = [ "/var/lib/nixos" ];
       users = {
         mutableUsers = false;
         groups.users.gid = 100;