begin great docker migration

system/virtualization/docker/netbird/default.nix

@@ -0,0 +1,36 @@
+{ config, lib, pkgs, ... }: let
+
+    hostPort = 9006;
+
+    subdomain = "vpn";
+
+    name = "netbird";
+
+in {
+
+    options.sysconfig.docker.netbird.enable = with lib; mkOption {
+        type = with types; bool;
+        default = false;
+    };
+
+    config = lib.mkIf (config.sysconfig.docker.netbird.enable && config.sysconfig.docker.enable) {
+ 
+        networking.firewall.interfaces = {
+            "ve-traefik" = {
+                allowedTCPPorts = [ hostPort ];
+            };
+        };
+
+        sops.secrets = {
+            "netbird/pass" = {};
+            "netbird/secret_key" = {};
+        };
+
+        sops.templates."netbird.env" = {
+            content = ''
+                PG_PASS=${config.sops.placeholder."netbird/pass"}
+                SECRET_KEY=${config.sops.placeholder."netbird/secret_key"}
+            '';
+        };
+    };
+}