{
  user ? throw "user argument is required",
  home ? throw "home argument is required",
  rootless ? true,
}:
{
  config,
  lib,
  pkgs,
  ...
}:
lib.mkMerge [
  {
    virtualisation.docker.rootless = {
      enable = rootless;
      setSocketVariable = true;
      enableOnBoot = false;
      storageDriver = "btrfs";

      daemon.settings = {
        experimental = true;
        ipv6 = true;
        fixed-cidr-v6 = "fd00::/80";
      };

      autoPrune = {
        enable = true;
        flags = [ "--all" ];
      };
    };

    home-manager.users.${user} = {
      home = {
        packages = with pkgs; [ docker-compose ];
        sessionVariables.DOCKER_CONFIG = "${home}/.config/docker";
      };
    };
  }
  (lib.mkIf rootless {
    environment.persistence."/persist/state"."${home}/.local/share/docker" = { };

    systemd.user = {
      services.docker.after = [
        config.environment.persistence."/persist/state"."${home}/.local/share/docker".mount
      ];
      sockets.docker.after = [
        config.environment.persistence."/persist/state"."${home}/.local/share/docker".mount
      ];
    };
  })
  (lib.mkIf (!rootless) { users.users.${user}.extraGroups = [ "docker" ]; })
]