{ pkgs, lib, ... }:
let
  port = 2375;
in
{
  environment.systemPackages = with pkgs; [
    docker-credential-helpers
  ];

  virtualisation.oci-containers.backend = "docker";

  virtualisation.docker = {
    enable = lib.mkDefault true;
    storageDriver = lib.mkDefault "btrfs";
    extraOptions = lib.mkDefault "";
    extraPackages = with pkgs; [
      docker-credential-helpers
      docker-buildx
    ];
    daemon.settings = {
      "registry-mirrors" = [
        "https://mirror.gcr.io"
        "https://daocloud.io"
        "https://c.163.com"
        "https://registry.docker-cn.com"
      ];
      "dns" = [
        "192.168.1.1"
        "8.8.8.8"
        "10.100.10.100"
      ];
    };
  };

  systemd.sockets.docker.listenStreams = [
    ("0.0.0.0:" + builtins.toString (port))
  ];

  networking.firewall.allowedTCPPorts = [
    port
  ];

}