diff --git a/system/profiles/homebox/default.nix b/system/profiles/homebox/default.nix
index 3e82570..4bd6ed4 100644
--- a/system/profiles/homebox/default.nix
+++ b/system/profiles/homebox/default.nix
@@ -76,6 +76,12 @@
                 steam.enable = false;
             };
 
+            docker = {
+                enable = true;
+
+                portainer.enable = true;
+            };
+
             virtualization = {
                 traefik.enable = true;
                 jellyfin.enable = true;
@@ -101,7 +107,7 @@
                 
                 rustdesk.enable = false; #broken
                 
-                pihole.enable = true; #broken
+                pihole.enable = false; #broken
                 
                 code-server.enable = false;
                 
@@ -109,7 +115,7 @@
                 
                 minecraft.enable = true;
 
-                #sandbox.enable = false;
+                sandbox.enable = false;
             };
         };
 
diff --git a/system/services/docker/default.nix b/system/services/docker/default.nix
new file mode 100644
index 0000000..8fcc881
--- /dev/null
+++ b/system/services/docker/default.nix
@@ -0,0 +1,37 @@
+{ config, lib, ... }: {
+
+    options.sysconfig.docker = {
+        enable = with lib; mkOption {
+            type = with types; bool;
+            default = false;
+        };
+
+        nvidia = with lib; mkOption {
+            type = with types; bool;
+            default = false;
+        };
+    };
+
+    imports = let 
+        dir = builtins.readDir ./.;
+    in builtins.map (x: ./${x}) (builtins.filter 
+        (file: (dir.${file} == "directory"))
+        (builtins.attrNames dir)
+    );
+
+    config = lib.mkIf config.sysconfig.docker.enable {
+
+        virtualisation = {
+            docker = {
+                enable = true;
+                storageDriver = "btrfs";
+            };
+
+            oci-containers = {
+                backend = "docker";
+            };
+        };
+
+        hardware.nvidia-container-toolkit.enable = config.sysconfig.docker.nvidia;
+    };
+}
diff --git a/system/services/docker/ollama/default.nix b/system/services/docker/ollama/default.nix
new file mode 100644
index 0000000..c157af7
--- /dev/null
+++ b/system/services/docker/ollama/default.nix
@@ -0,0 +1 @@
+{ ... }: {}
diff --git a/system/services/docker/pihole/default.nix b/system/services/docker/pihole/default.nix
new file mode 100644
index 0000000..c157af7
--- /dev/null
+++ b/system/services/docker/pihole/default.nix
@@ -0,0 +1 @@
+{ ... }: {}
diff --git a/system/services/docker/portainer/default.nix b/system/services/docker/portainer/default.nix
new file mode 100644
index 0000000..4260a0f
--- /dev/null
+++ b/system/services/docker/portainer/default.nix
@@ -0,0 +1,26 @@
+{ config, lib, ... }: lib.mkIf config.sysconfig.services.docker.enable {
+
+    options.sysconfig.docker.portainer.enable = with lib; mkOption {
+        type = with types; bool;
+        default = true;
+    };
+
+    config = lib.mkIf config.sysconfig.docker.portainer.enable {
+
+        virtualisation.oci-containers.contianers.portainer = {
+            image = "portainer/portainer-ce";
+
+            pull = "newer";
+
+            ports = [
+                "127.0.0.1:8000:8000"
+                "127.0.0.1:9000:9000"
+            ];
+
+            volumes = [
+                "vol_portainer:/data"
+                "/run/docker.sock:/var/run/docker.sock"
+            ];
+        };
+    };
+}