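# NixOS module: opt-in Docker setup exposed under `pepe.core.docker`.
#
# When `enable` is set, this module turns on the Docker daemon, selects Docker
# as the oci-containers backend, forwards the daemon settings declared below,
# and adds the listed users to the `docker` group.
{ config, lib, pkgs, ... }:
let
  inherit (lib) mkEnableOption mkIf mkOption types;
  cfg = config.pepe.core.docker;
in
{
  options.pepe.core.docker = {
    # mkEnableOption prefixes its argument with "Whether to enable ", so only
    # the noun phrase is passed (the previous text rendered as
    # "Whether to enable Enable Docker.").
    enable = mkEnableOption "Docker";
    nvidia = mkEnableOption "NVIDIA Container Toolkit";

    dataRoot = mkOption {
      type = types.str;
      default = "/var/lib/docker";
      description = "Docker data root directory";
    };

    # Forwarded unchanged to virtualisation.docker.extraOptions, i.e. the
    # daemon command line. Flags that change where the daemon listens or how
    # it authenticates clients deserve the same review as a firewall change.
    extraOptions = mkOption {
      type = types.str;
      default = "";
      description = "Extra options for Docker daemon";
    };

    # Off by default in this module.
    # NOTE(review): upstream documents that with this disabled Docker may
    # still be started on demand through socket activation - confirm that is
    # the intended behaviour for the host.
    enableOnBoot = mkOption {
      type = types.bool;
      default = false;
      description = "Start Docker on boot";
    };

    # Defaults to false, so the daemon does not create its own NAT/filter
    # rules; container egress and published ports then depend on rules
    # configured elsewhere. When set to true, Docker inserts its own rules and
    # ports published by containers can be reachable independently of the
    # host firewall configuration - verify exposure after changing this.
    iptables = mkOption {
      type = types.bool;
      default = false;
      description = "Whether Docker should manipulate iptables";
    };

    # Membership in the `docker` group grants access to the daemon socket,
    # which is effectively root-equivalent on the host. Treat this list like
    # a sudoers entry and keep it minimal.
    users = mkOption {
      type = types.listOf types.str;
      default = [ ];
      description = "Users to add to the docker group";
    };
  };

  config = mkIf cfg.enable {
    hardware.nvidia-container-toolkit.enable = cfg.nvidia;

    virtualisation = {
      oci-containers.backend = "docker";

      docker = {
        enable = true;
        extraOptions = cfg.extraOptions;
        enableOnBoot = cfg.enableOnBoot;
        daemon.settings = {
          iptables = cfg.iptables;
          data-root = cfg.dataRoot;
        };
      };
    };

    # One attribute per listed user; each only contributes the extra group,
    # so the user account itself must be declared elsewhere.
    users.users = lib.genAttrs cfg.users (_: { extraGroups = [ "docker" ]; });
  };
}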