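# NixOS module: Podman container host with Docker-compatible socket,
# Tailscale firewall rules, and a Telegraf docker input pointed at Podman.
{ pkgs, ... }: {
  # Raise the inotify limits: the number of containers on this host
  # pushes usage past the kernel defaults.
  boot.kernel.sysctl = {
    "fs.inotify.max_user_watches" = 10485760;
    "fs.inotify.max_user_instances" = 1024;
  };

  # Tailscale firewall rules (intended to let Podman containers reach the
  # Tailscale network).
  networking.firewall = {
    # NOTE(review): trustedInterfaces makes the firewall accept ALL traffic
    # arriving on tailscale0, so every port listening on this host (and any
    # published container port) is reachable from tailnet peers. Tailscale
    # ACLs are then the only filter; if that is broader than intended, use
    # interfaces."tailscale0".allowedTCPPorts / allowedUDPPorts instead.
    trustedInterfaces = [ "tailscale0" ];
    allowedUDPPorts = [ 41641 ]; # Tailscale port
  };

  virtualisation.podman = {
    enable = true;
    # Exposes the Podman API on the Docker socket path. Access is granted via
    # the "podman" group; as with Docker, members of that group can gain root
    # access, so keep the group membership minimal.
    dockerSocket.enable = true;
    dockerCompat = true;
    autoPrune = {
      enable = true;
      dates = "weekly";
      # --all extends pruning to every unused image, not only dangling ones.
      flags = [ "--all" ];
    };
    defaultNetwork.settings = {
      dns_enabled = true;
    };
  };

  environment.systemPackages = with pkgs; [
    podman-compose
    podman-tui
  ];

  # Add the docker telegraf listener, pointed at the Podman API socket.
  services.telegraf.extraConfig.inputs.docker = {
    # Absolute socket path: "unix://run/..." (two slashes) yields the relative
    # path "run/podman/podman.sock", which only resolves when the service's
    # working directory happens to be "/".
    endpoint = "unix:///run/podman/podman.sock";
  };
  # NOTE(review): this gives the telegraf service full access to the Podman
  # API socket, which is root-equivalent on this host. A compromise of
  # telegraf (or of a plugin it loads) is therefore a host compromise; the
  # docker input only needs read calls, but the socket does not enforce that.
  users.users.telegraf.extraGroups = [ "podman" ];
}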