diff --git a/systems/ceres/config/filesystem.nix b/systems/ceres/config/filesystem.nix
index dadfee1..713407d 100755
--- a/systems/ceres/config/filesystem.nix
+++ b/systems/ceres/config/filesystem.nix
@@ -12,35 +12,24 @@ in
 "/" = {
 device = "/dev/disk/by-label/root";
 fsType = "btrfs";
- options = [
- "subvol=@"
- "compress=zstd"
- "noatime"
- ];
+ options = [ "subvol=root" ];
 };
-
 "/nix" = {
 device = "/dev/disk/by-label/root";
 fsType = "btrfs";
- options = [
- "subvol=@nix"
- ];
+ options = [ "subvol=nix" ];
 };
-
 "/persistent" = {
 device = "/dev/disk/by-label/root";
 fsType = "btrfs";
 neededForBoot = true;
- options = [
- "subvol=@persistent"
- ];
+ options = [ "subvol=persistent" ];
 };
-
 "/boot" = {
 device = "/dev/disk/by-label/BOOT";
 fsType = "vfat";
+ options = [ "umask=0077" ];
 };
-
 "/mnt/storage" = {
 device = "/dev/disk/by-label/storage";
 fsType = "ext4";
@@ -49,12 +38,12 @@ in
 boot.initrd.postResumeCommands = lib.mkAfter ''
 mkdir -p /btrfs_tmp
- mount -o subvol=/ /dev/disk/by-label/root /btrfs_tmp
+ mount -o subvolid=5 /dev/disk/by-label/root /btrfs_tmp
- if [[ -e /btrfs_tmp/@ ]]; then
- mkdir -p /btrfs_tmp/@old_roots
- timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/@)" "+%Y-%m-%d_%H:%M:%S")
- mv /btrfs_tmp/@ "/btrfs_tmp/@old_roots/$timestamp"
+ if [[ -e /btrfs_tmp/root ]]; then
+ mkdir -p /btrfs_tmp/old_roots
+ timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%d_%H:%M:%S")
+ mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp"
 fi
 delete_subvolume_recursively() {
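Review bot: The new `subvol=nix` and `subvol=persistent` mounts have nothing visible in this commit that creates or renames the on-disk subvolumes, so a disk still laid out as `@nix`/`@persistent` would fail to mount `/persistent`, which is marked `neededForBoot = true`. The initrd script in the following hunks only recreates `root` and does not touch the other two. If the rename is done by hand, a comment above these mount entries should record it, for example `# on-disk subvolumes must be renamed (@ -> root, @nix -> nix, @persistent -> persistent) before switching to this generation`. The same hunk also drops `compress=zstd` and `noatime` from `/`, which looks unrelated to the rename and is worth confirming as intended.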
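Review bot: Roots already archived under `@old_roots` drop out of the 30-day pruning with this rename, because the rotation here and the `find` in the next hunk look only at `old_roots`. On a disk that still carries the old names, those snapshots (and a leftover `@`) hold exactly the state the wipe was meant to age out, and they would stay on disk indefinitely unless removed by hand. A one-time carry-over placed before the `if` would keep them under the retention rule: `[[ -e /btrfs_tmp/@old_roots && ! -e /btrfs_tmp/old_roots ]] && mv /btrfs_tmp/@old_roots /btrfs_tmp/old_roots`. The body of `delete_subvolume_recursively` continues outside this hunk.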
@@ -65,29 +54,35 @@ in
 btrfs subvolume delete "$1"
 }
- for i in $(find /btrfs_tmp/@old_roots/ -maxdepth 1 -mtime +30); do
+ for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do
 delete_subvolume_recursively "$i"
 done
- btrfs subvolume create /btrfs_tmp/@
+ btrfs subvolume create /btrfs_tmp/root
 umount /btrfs_tmp
 '';
 environment.persistence."/persistent" = {
- hideMounts = true;
 directories = [
- "/var/log"
- "/var/lib/nixos"
- "/var/lib/systemd/coredump"
 "/var/cache"
- "/etc/ssh"
- ];
- files = [
- "/etc/machine-id"
+ "/var/lib"
+ {
+ directory = "/etc/ssh";
+ mode = "u=rwx,g=rx,o=rx";
+ user = "root";
+ }
 ];
+ hideMounts = true;
 users.${user0} = {
 directories = [
- ".ssh"
+ ".cache"
+ ".config"
+ ".local/share/direnv"
+ ".local/state/nix"
+ {
+ directory = ".ssh";
+ mode = "u=rwx,g=,o=";
+ }
 ];
 };
 };
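Review bot: `/var/log` and `/etc/machine-id` leave the persisted set in this hunk, so the journal and other logs now live only on the root subvolume that the initrd script moves aside on every boot. After a reboot they are reachable only by mounting the matching `old_roots/<timestamp>` snapshot, and the `find … -mtime +30` loop deletes them after 30 days, which shortens the audit trail available for incident response unless logs are shipped elsewhere. If that is not intended, keep `"/var/log"` in `directories` and restore `files = [ "/etc/machine-id" ];` so journal directories keep a stable id across boots. Persisting all of `/var/lib` in place of the two former paths also means every service's state now survives the wipe; a short comment saying why the wider scope is wanted would help the next reader.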