{ ... }:
{
    containers.jellyfin = {
        config = { pkgs, ... }: {
            system.stateVersion = "25.05";

            services.jellyfin = {
                enable = true;
                package = pkgs.jellyfin;
            };

            # Firewall on the host system is enough + this firewall seems to break networking
            networking.firewall.enable = false;
            networking.resolvconf.enable = false;
        };
        autoStart = true;

        bindMounts = {
            "/var/lib/jellyfin/libraries" = {
                hostPath = "/mnt/hdd/jellyfin";
                isReadOnly = false;
            };
        };
    };

    networking = {
        firewall.trustedInterfaces = [ "ve-jellyfin" ];
        nat.internalInterfaces = [ "ve-jellyfin" ];
        networkmanager.unmanaged = [ "interface-name:ve-jellyfin" ];
    };
}