{ lib, config, ... }: with lib; let
	cfg = config.container;
in {
	options = {
		container = {
			enable = mkEnableOption "Containers!!";

			autoStart = mkOption {
				default = false;
				type    = types.bool;
			};

			host = mkOption {
				default = "0.0.0.0";
				type    = types.str;
			};

			localAccess = mkOption {
				default = "0.0.0.0";
				type    = types.str;
			};

			storage = mkOption {
				default = "/tmp/container";
				type    = types.str;
			};

			domain = mkOption {
				default = "local";
				type    = types.str;
			};

			interface = mkOption {
				default = "lo";
				type    = types.str;
			};

			media = mkOption {
				default = {};
				type    = types.attrs;
			};
		};
	};

	config = mkIf cfg.enable {
		# This is the network for all the containers.
		# They are not available to the external interface by default,
		# instead they all expose specific ports in their configuration.
		networking = {
			nat = {
				enable = true;
				internalInterfaces = [ "ve-+" ];
				externalInterface = config.container.interface;
			};
			networkmanager.unmanaged = [ "interface-name:ve-*" ];
		};
	};
}