container: proper rename and option update

container-config.nix

@@ -0,0 +1,77 @@
+{
+  pkgs,
+  inputs,
+  ...
+}: let
+  get-host-ip = "$(ip route | grep default | cut -d' ' -f3)";
+in {
+  boot.isContainer = true;
+
+  environment = {
+    shellInit = "export DISPLAY=${get-host-ip}:0";
+    systemPackages = builtins.concatLists (builtins.attrValues (import ./packages.nix {inherit pkgs inputs;}));
+  };
+
+  networking = {
+    nat = {
+      enable = true;
+      internalInterfaces = ["ve-rednix"];
+      externalInterface = "eth0";
+    };
+    useDHCP = false;
+    hostName = "RedNix";
+    firewall = {
+      enable = true;
+      allowPing = true;
+      allowedTCPPorts = [];
+    };
+  };
+
+  # nix config
+  nix = {
+    package = pkgs.nixUnstable;
+    settings.extra-experimental-features = [
+      "nix-command"
+      "flakes"
+    ];
+  };
+
+  # nixpkgs config
+  nixpkgs.config = {
+    allowUnfree = true;
+    allowInsecurePredicate = p: true;
+  };
+
+  # services
+  services = {
+    getty.autologinUser = "rednix";
+
+    openssh = {
+      enable = true;
+      settings.X11Forwarding = true;
+    };
+
+    avahi = {
+      enable = true;
+      browseDomains = [];
+      wideArea = false;
+      nssmdns = true;
+    };
+
+    unbound = {
+      enable = true;
+      settings.server = {};
+    };
+  };
+
+  system.stateVersion = "23.11";
+
+  # users
+  users.users.rednix = {
+    isNormalUser = true;
+    uid = 1000;
+    description = "RedNix container user";
+    password = "rednix";
+    extraGroups = ["wheel"];
+  };
+}

container.nix

@@ -1,87 +1,27 @@
-{
-  config,
-  pkgs,
-  lib,
-  inputs,
-  ...
-}: let
-  get-host-ip = "$(ip route | grep default | cut -d' ' -f3)";
-in {
-  boot = {
-    isContainer = true;
-  };
-
-  environment = {
-    shellInit = "export DISPLAY=${get-host-ip}:0";
-  };
-
-  environment.systemPackages = builtins.concatLists (builtins.attrValues (import ./packages.nix { inherit pkgs inputs; }));
-
-  networking = {
-    nat = {
-      enable = true;
-      internalInterfaces = ["ve-rednix"];
-      externalInterface = "eth0";
-    };
-    useDHCP = false;
-    hostName = "RedNix";
-    firewall = {
-      enable = true;
-      allowPing = true;
-      allowedTCPPorts = [];
+args: {
+  containers.rednix = {
+    privateNetwork = true;
+    hostAddress = "192.168.100.2";
+    localAddress = "192.168.100.11";
+
+    forwardPorts = [
+      {
+        containerPort = 22;
+        hostPort = 2222;
+        protocol = "tcp";
+      }
+      {
+        containerPort = 80;
+        hostPort = 8080;
+        protocol = "tcp";
+      }
+    ];
+
+    bindMounts."/" = {
+      hostPath = "/mnt/rednix";
+      isReadOnly = false;
     };
-  };
 
-    # nix config
-  nix = {
-    package = pkgs.nixUnstable;
-    settings = {
-      extra-experimental-features = [
-        "nix-command"
-        "flakes"
-      ];
-    };
-  };
-
-  # nixpkgs config
-  nixpkgs.config = {
-    allowUnfree = true;
-    allowBroken = true;
-    allowInsecurePredicate = p: true;
-  };
-
-  # services
-  services = {
-    getty.autologinUser = "rednix";
-
-    openssh = {
-      enable = true;
-      forwardX11 = true;
-    };
-
-    avahi = {
-      enable = true;
-      browseDomains = [];
-      wideArea = false;
-      nssmdns = true;
-    };
-
-    unbound = {
-      enable = true;
-      settings.server = {};
-    };
-  };
-
-  # users
-  users = {
-    users = {
-      rednix = {
-        isNormalUser = true;
-        uid = 1000;
-        description = "RedNix container user";
-        password = "rednix";
-        extraGroups = ["wheel"];
-      };
-    };
+    config = import ./container-config.nix args;
   };
 }

flake.nix

@@ -49,8 +49,8 @@
     nixosConfigurations = genSystems (system:
       nixpkgs.lib.nixosSystem {
         inherit system;
-        specialArgs = { inherit inputs; };
-        modules = [./container.nix];
+        specialArgs = {inherit inputs;};
+        modules = [./container-config.nix];
       });
 
     # import into your config for declarative containers