{config, pkgs, ...}:
{
  virtualisation.oci-containers.containers.transmission-openvpn = {
    image = "haugene/transmission-openvpn:latest";
    
    ports = [
      "9091:9091"
    ];
    
    volumes = [
      "/home/autumn/transtun/holding-cell:/data"
      "/home/autumn/transtun/mullvad_userpass.txt:/config/openvpn-credentials.txt"
      "/home/autumn/transtun/notify-download.sh:/etc/transmission/notify-download.sh:ro"
    ];
    
    environment = {
      OPENVPN_PROVIDER = "MULLVAD";
      OPENVPN_USERNAME = "9413153196446212";
      OPENVPN_CONFIG = "ca_van";
      LOCAL_NETWORK = "10.0.0.0/16";
      OPENVPN_OPTS = "--dev tun0";
      TRANSMISSION_RPC_BIND_ADDRESS = "0.0.0.0";
      TRANSMISSION_RPC_WHITELIST = "*";
      TRANSMISSION_RPC_WHITELIST_ENABLED = "false";
      TRANSMISSION_SCRIPT_TORRENT_DONE_ENABLED = "true";
      TRANSMISSION_SCRIPT_TORRENT_DONE_FILENAME = "/etc/transmission/notify-download.sh";
    };
    
    extraOptions = [
      "--cap-add=NET_ADMIN"
      "--cap-add=SYS_MODULE"
      "--device=/dev/net/tun:/dev/net/tun"
      "--privileged"
    ];
    
    autoStart = true;
  };

  # Firefox browser container (working version without VPN)
  virtualisation.oci-containers.containers.torrent-browser = {
    image = "jlesage/firefox:latest";
    
    ports = [
      "8080:5800"  # Firefox web interface
    ];
    
    environment = {
      DISPLAY = ":0";
      APP_NAME = "Torrent Browser";
      APP_ICON = "https://raw.githubusercontent.com/jlesage/docker-templates/master/jlesage/images/firefox-icon.png";
    };
    
    autoStart = true;
  };
}