# NixOS module: opt-in "sandbox" container with NVIDIA device passthrough.
#
# When sysconfig.opts.virtualization.sandbox.enable is true, this declares
# containers.sandbox: auto-started, on a private network, built from a remote
# flake, with the host's NVIDIA device nodes bind-mounted and allowed "rw".
# The option defaults to false, so nothing is declared unless a host opts in.
{ config, lib, pkgs, ... }:

let
  sandboxOpts = config.sysconfig.opts.virtualization.sandbox;

  # Host device nodes exposed to the container. bindMounts and allowedDevices
  # are both derived from this one list so the two cannot drift apart.
  #
  # NOTE(review): every node listed here hands the container read-write access
  # to the host's GPU driver interface, which narrows the isolation the
  # "sandbox" name suggests. Confirm each node is required by the workload and
  # drop any that are not.
  gpuNodes = [
    "/dev/nvidia0"
    "/dev/nvidiactl"
    "/dev/nvidia-uvm"
    "/dev/nvidia-modeset"
    "/dev/nvidia-uvm-tools"
  ];

  # Bind-mount entry for one device node: same path on both sides, writable.
  toBindMount = node: {
    name = node;
    value = {
      hostPath = node;
      isReadOnly = false;
    };
  };

  # Device allow-list entry for one node, with read-write access.
  toAllowedDevice = node: {
    inherit node;
    modifier = "rw";
  };
in
{
  options.sysconfig.opts.virtualization.sandbox.enable = lib.mkOption {
    type = lib.types.bool;
    default = false;
  };

  config = lib.mkIf sandboxOpts.enable {
    containers.sandbox = {
      autoStart = true;

      # Container gets its own network namespace; the two addresses below are
      # the host and container ends of that link.
      privateNetwork = true;
      hostAddress = "192.168.100.10";
      localAddress = "192.168.100.31";

      # NOTE(review): this flake reference carries no rev/ref pin in this file.
      # Unless it is locked elsewhere, the container's contents follow whatever
      # the remote repository serves at build time. Consider pinning to a
      # reviewed commit (e.g. appending ?rev=<REVIEWED_COMMIT_SHA>) so that a
      # change on the remote cannot alter an auto-started container unreviewed.
      flake = "git+https://gitea.blunkall.us/Blunkall-Technologies/Olympus#sandbox-nathan";

      bindMounts = builtins.listToAttrs (map toBindMount gpuNodes);
      allowedDevices = map toAllowedDevice gpuNodes;
    };
  };
}