diff --git a/hosts/desktop1/configuration.nix b/hosts/desktop1/configuration.nix
index 84b3bab..8124129 100644
--- a/hosts/desktop1/configuration.nix
+++ b/hosts/desktop1/configuration.nix
@@ -20,6 +20,21 @@
 hyprland.enable = true;
 kde.enable = true;
 docker.enable = true;
+ containers = {
+ nixos = {
+ };
+ docker = {
+ cyberchef = {
+ enable = true;
+ port = 6900;
+ };
+ };
+ networking = {
+ bridge = "br0";
+ dns = [ "192.168.1.202" ];
+ gateway = "192.168.1.254";
+ };
+ };
 };
 home-manager = {
diff --git a/hosts/server1/configuration.nix b/hosts/server1/configuration.nix
index 92cbee9..8eb521d 100644
--- a/hosts/server1/configuration.nix
+++ b/hosts/server1/configuration.nix
@@ -15,16 +15,29 @@
 smayzy = {
 server.enable = true;
- containers.nixos= {
- httpd = {
- enable = true;
+ containers = {
+ networking = {
 bridge = "br0";
- ip = "192.168.1.201/24";
+ dns = [ "192.168.1.202" ];
+ gateway = "192.168.1.254";
 };
- unbound = {
- enable = true;
- bridge = "br0";
- ip = "192.168.1.202/24";
+ nixos = {
+ httpd = {
+ enable = true;
+ bridge = "br0";
+ ip = "192.168.1.201/24";
+ };
+ unbound = {
+ enable = true;
+ bridge = "br0";
+ ip = "192.168.1.202/24";
+ };
+ };
+ docker = {
+ cyberchef = {
+ enable = true;
+ port = 6900;
+ };
 };
 };
 };
diff --git a/modules/nix/containers/default.nix b/modules/nix/containers/default.nix
index 32562bd..456e8fb 100644
--- a/modules/nix/containers/default.nix
+++ b/modules/nix/containers/default.nix
@@ -2,6 +2,8 @@
 {
 imports = [
 ./nixos
+ ./nixos.nix
+ ./docker
 ./docker.nix
 ];
 }
diff --git a/modules/nix/containers/docker/cyberchef.nix b/modules/nix/containers/docker/cyberchef.nix
new file mode 100644
index 0000000..d0c8849
--- /dev/null
+++ b/modules/nix/containers/docker/cyberchef.nix
@@ -0,0 +1,27 @@
+{ lib, config, ... }:
+let
+ inherit (lib) mkIf mkOption types;
+ cfg = config.smayzy.containers.docker.cyberchef;
+in
+{
+ options.smayzy.containers.docker.cyberchef = {
+ enable = mkOption {
+ type = types.bool;
+ default = false;
+ description = "cyberchef docker ct";
+ };
+ port = mkOption {
+ type = types.int;
+ default = 80;
+ description = "cyberchef's port";
+ };
+ };
+ config = mkIf cfg.enable {
+ virtualisation.oci-containers.containers = {
+ cyberchef = {
+ image = "ghcr.io/gchq/cyberchef";
+ ports = [ "${toString cfg.port}:80" ];
+ };
+ };
+ };
+}
diff --git a/modules/nix/containers/docker/default.nix b/modules/nix/containers/docker/default.nix
new file mode 100644
index 0000000..508c6da
--- /dev/null
+++ b/modules/nix/containers/docker/default.nix
@@ -0,0 +1,6 @@
+{ ... }:
+{
+ imports = [
+ ./cyberchef.nix
+ ];
+}
diff --git a/modules/nix/containers/nixos.nix b/modules/nix/containers/nixos.nix
new file mode 100644
index 0000000..61b203c
--- /dev/null
+++ b/modules/nix/containers/nixos.nix
@@ -0,0 +1,23 @@
+{
+ lib,
+ ...
+}:
+let
+ inherit (lib) mkOption types;
+in
+{
+ options.smayzy.containers.networking = {
+ bridge = mkOption {
+ type = types.str;
+ description = "the bridge to use e.g. (br0)";
+ };
+ dns = mkOption {
+ type = types.listOf types.str;
+ description = "the dns servers to use e.g. [ 1.1.1.1 8.8.8.8 ]";
+ };
+ gateway = mkOption {
+ type = types.str;
+ description = "the gateway to use e.g. (10.10.10.255)";
+ };
+ };
+}
diff --git a/modules/nix/containers/nixos/httpd.nix b/modules/nix/containers/nixos/httpd.nix
index cf50bee..2f40075 100644
--- a/modules/nix/containers/nixos/httpd.nix
+++ b/modules/nix/containers/nixos/httpd.nix
@@ -2,6 +2,7 @@
 let
 inherit (lib) mkIf mkOption types;
 cfg = config.smayzy.containers.nixos.httpd;
+ net = config.smayzy.containers.networking;
 in
 {
 options.smayzy.containers.nixos.httpd = {
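Review bot: In modules/nix/containers/docker/cyberchef.nix the image reference `ghcr.io/gchq/cyberchef` carries no tag or digest, so each pull takes whatever the registry currently serves and a rebuild can silently run different code. Pinning it, e.g. `image = "ghcr.io/gchq/cyberchef@sha256:<digest-placeholder>";`, makes the deployed content auditable. The `ports` entry publishes on every host address, and if the oci-containers backend is Docker a published port is typically reachable regardless of `networking.firewall`, so on desktop1 the service is likely exposed to the whole LAN. If only local use is intended, `ports = [ "127.0.0.1:${toString cfg.port}:80" ];` keeps it on loopback. `type = types.port;` would also reject out-of-range values that `types.int` accepts.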
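Review bot: `bridge` in modules/nix/containers/nixos.nix is declared and set on both hosts, but no visible hunk reads `net.bridge`. httpd.nix and unbound.nix consume only `net.gateway` and `net.dns`, and server1 still sets `bridge = "br0"` on each container. Either use it as the default for the per-container bridge or leave it out until something reads it, since an option that looks authoritative but has no effect invites misconfiguration. None of the three options has a `default`, so a host that enables httpd or unbound without setting them fails at evaluation; if that is intended, the descriptions should say the value is required. The gateway example `10.10.10.255` reads like a broadcast address, and an `example =` attribute with a host-style address (constructed: `example = "10.10.10.1";`) would be clearer than an example inside `description`.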
@@ -32,6 +33,8 @@ in
 services.httpd = {
 enable = true;
 };
+ networking.defaultGateway = net.gateway;
+ networking.nameservers = net.dns;
 networking.firewall.allowedTCPPorts = [ 80 ];
 };
 };
diff --git a/modules/nix/containers/nixos/unbound.nix b/modules/nix/containers/nixos/unbound.nix
index e0a94fa..3040ff2 100644
--- a/modules/nix/containers/nixos/unbound.nix
+++ b/modules/nix/containers/nixos/unbound.nix
@@ -2,6 +2,7 @@
 let
 inherit (lib) mkIf mkOption types;
 cfg = config.smayzy.containers.nixos.unbound;
+ net = config.smayzy.containers.networking;
 in
 {
 options.smayzy.containers.nixos.unbound = {
@@ -61,6 +62,8 @@ in
 };
 };
 };
+ networking.defaultGateway = net.gateway;
+ networking.nameservers = net.dns;
 networking.firewall.allowedTCPPorts = [ 53 ];
 networking.firewall.allowedUDPPorts = [ 53 ];
 };
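Review bot: In the second unbound.nix hunk, `networking.nameservers = net.dns;` points the resolver container at itself, because server1 sets `dns = [ "192.168.1.202" ]` and that is the address assigned to this same unbound container. Anything inside the container that uses the system resolver then fails whenever unbound is stopped or not yet up, and it presumably also requires unbound to listen on that interface, which this hunk does not show. If the self-reference is intended, a comment above the line such as `# net.dns is this container's own address: system lookups go through the local unbound` would record that. Otherwise give this container its own nameserver value instead of the shared one. The container's config block starts outside the hunk.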