{ lib, ... }:
{
  virtualisation.docker = {
    enable = true;
    storageDriver = "overlay2";
    enableOnBoot = false;
    liveRestore = true;
    enableNvidia = lib.mkForce true;
    extraOptions = "--iptables=False";

    daemon.settings = {
      default-runtime = "nvidia";
      experimental = true;
    };

    autoPrune = {
      enable = false;
      dates = "daily";
    };

    rootless = {
      enable = false;
      setSocketVariable = true;

      daemon.settings = {
        default-runtime = "nvidia";
        experimental = true;
      };
    };
  };
}