`/` on tmpfs, wipe root on reboot

[rvolosatovs]

The proposal is to completely wipe the machines on reboot except for the things that have to persist (e.g. the services, secrets and host SSH keys)
We can use https://github.com/nix-community/impermanence to specify paths should should persist on reboot, everything else will be wiped out.

Good reading material https://grahamc.com/blog/erase-your-darlings

Some guidance https://elis.nu/blog/2020/05/nixos-tmpfs-as-root/

See also https://xeiaso.net/blog/paranoid-nixos-2021-07-18