{ pkgs, ... }: { boot.kernel.sysctl = { "fs.inotify.max_user_watches" = 10485760; "fs.inotify.max_user_instances" = 1024; }; virtualisation.docker = { enable = true; enableOnBoot = true; autoPrune.enable = true; autoPrune.dates = "weekly"; storageDriver = "btrfs"; liveRestore = true; }; environment.systemPackages = with pkgs; [ docker-compose ]; networking.firewall.allowedUDPPorts = [ 3478 # Headscale DERP UDP 10000 # Jitsi ]; networking.firewall.allowedTCPPorts = [ 80 # HTTP 443 # HTTPS 25 # Mail 465 # Mail 587 # Mail 143 # Mail 993 # Mail 4190 # Mail 42420 # Vintage Story 25565 # Minecraft 1443 # Headscale DERP 4443 # Jitsi ]; }