{
  config,
  lib,
  pkgs,
  ...
}:

{
  imports = [ ];

  options.me = {
    docker.enable = lib.mkOption {
      type = lib.types.bool;
      default = false;
      example = true;
      description = "Whether we want to install docker.";
    };
  };

  config = lib.mkIf config.me.docker.enable (
    lib.mkMerge [
      {
        virtualisation.docker.enable = true;
        # Use docker activation
        virtualisation.docker.enableOnBoot = false;
        # Rootless docker breaks access to ssh for buildkit.
        # virtualisation.docker.rootless = {
        #   enable = true;
        #   setSocketVariable = true;
        # };
        # Give docker access to ssh for fetching repos with buildkit.
        virtualisation.docker.extraPackages = [ pkgs.openssh ];
        environment.systemPackages = with pkgs; [
          docker-buildx
        ];

        environment.persistence."/state" = lib.mkIf (!config.me.buildingIso) {
          hideMounts = true;
          directories = [
            {
              directory = "/var/lib/docker";
              user = "root";
              group = "root";
              mode = "0740";
            }
          ];
          # users.talexander = {
          #   directories = [
          #     {
          #       directory = ".local/share/docker";
          #       user = "talexander";
          #       group = "talexander";
          #       mode = "0740";
          #     }
          #   ];
          # };
        };

        # Needed for non-rootless docker
        users.users.talexander.extraGroups = [ "docker" ];
      }
    ]
  );
}