Olympus/system/services/docker/default.nix

{ config, lib, pkgs, ... }: {

    options.sysconfig.docker = {
        enable = with lib; mkOption {
            type = with types; bool;
            default = false;
        };

        nvidia = with lib; mkOption {
            type = with types; bool;
            default = false;
        };
    };

    imports = let 
        dir = builtins.readDir ./.;
    in builtins.map (x: ./${x}) (builtins.filter 
        (file: (dir.${file} == "directory"))
        (builtins.attrNames dir)
    );

    config = lib.mkIf config.sysconfig.docker.enable {

        networking.nat.internalInterfaces = [ "docker0" "docker-main" ];

        virtualisation = {
            docker = {
                enable = true;
                storageDriver = "btrfs";
            };

            oci-containers = {
                backend = "docker";
            };
        };

        hardware.nvidia-container-toolkit.enable = config.sysconfig.docker.nvidia;

        system.activationScripts.setupDockerNet = ''
            ${pkgs.docker}/bin/docker network ls | grep docker-main ||
            ${pkgs.docker}/bin/docker network create -d bridge docker-main \
            --attachable --subnet 192.168.101.0/24 --ip-range 192.168.101.0/24 \
            --gateway 192.168.101.1 \
            -o "com.docker.network.bridge.name"="docker-main" \
            -o "com.docker.network.bridge.trusted_host_interfaces"="wt0:ve-netbird:ve-traefik"
        '';
    };
}