{ config, ... }:

{
  architect.networks.docker = {
    interface = "docker0";
    net = "172.17.0.0/16";
  };

  virtualisation = {
    oci-containers.backend = "docker";

    docker = {
      enable = true;
      extraOptions = ''
        --dns 127.0.0.1 --dns ${config.architect.networks.lan.devices.architect.address} --data-root /docker
      '';
      enableOnBoot = false;
      daemon.settings.iptables = false;
    };
  };

  users.users.giulio.extraGroups = [ "docker" ];
}