diff --git a/hosts/server7/containers/adc/default.nix b/hosts/server7/containers/adc/default.nix index 110f4647..84fde2f6 100644 --- a/hosts/server7/containers/adc/default.nix +++ b/hosts/server7/containers/adc/default.nix @@ -1,25 +1,25 @@ -{ config, pkgs, lib, ... }: +name: -{ - imports = [ - ../../../../lib/hq.nix - ]; +(import ../outer-defaults.nix name) // { + config = { config, pkgs, lib, ... }: { + imports = [ (../inner-defaults.nix) (../../../../lib/yggdrasil-hq.nix) ]; - services.uhub = { - enable = true; - enableTLS = false; - hubConfig = '' - hub_name=c3d2 - hub_description=<<> - ''; - plugins.history.enable = true; - plugins.welcome = { + services.uhub = { enable = true; - motd = config.users.motd; + enableTLS = false; + hubConfig = '' + hub_name=c3d2 + hub_description=<<> + ''; + plugins.history.enable = true; + plugins.welcome = { + enable = true; + motd = config.users.motd; + }; }; + + networking.firewall.allowedTCPPorts = [ config.services.uhub.port ]; + hq.yggdrasil.enable = true; }; - networking.firewall.allowedTCPPorts = [ config.services.uhub.port ]; - - hq.yggdrasil.enable = true; } diff --git a/hosts/server7/containers/default.nix b/hosts/server7/containers/default.nix index 78efe3c0..f7b77205 100644 --- a/hosts/server7/containers/default.nix +++ b/hosts/server7/containers/default.nix 
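Review bot: `networking.firewall.allowedTCPPorts = [ config.services.uhub.port ];` opens the hub port on every interface of the container, while the same config keeps `enableTLS = false` and sets `hq.yggdrasil.enable = true`. What that last option does is not visible here, but if it attaches the container to the Yggdrasil overlay, the hub accepts logins without TLS from that side as well as from HQ. If the hub is meant for HQ only, scope the rule to the HQ interface, e.g. `networking.firewall.interfaces.eth0.allowedTCPPorts = [ config.services.uhub.port ];`, where `eth0` is the `hq.interface` value set in inner-defaults.nix. Otherwise a one-line comment stating that exposure beyond HQ is intended would help the next reader.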
@@ -5,31 +5,9 @@ let containerFunc = name: # Generate a container expression from the directory at `name`. - with builtins; - let - hash = hashString "sha256" name; - hextet0 = substring 0 4 hash; - hextet1 = substring 4 4 hash; - in { + { inherit name; - value = { - # These are attributes common to each container - # from the perspective of the host. - autoStart = true; - privateNetwork = true; - hostBridge = "br0"; - localAddress6 = "${yggaddr.prefix}:${hextet0}:${hextet1}:c3d2/64"; - # Generate a deterministic IPv6 address for the container. - # This address is accessible within HQ and Yggdrasil but not from ARPANET. - config = { ... }: { - imports = [ ../../../lib (./. + "/${name}") ]; - c3d2 = { - isInHq = true; - mapHqHosts = true; - hq.interface = "eth0"; - }; - }; - }; + value = import (./. + "/${name}") name; }; containerDir = builtins.readDir ../containers; @@ -47,7 +25,7 @@ in { lxc.containers = { trivial = { nixos-config = "/tmp/trivial.nix"; - lxc = {}; + lxc = { }; }; }; } diff --git a/hosts/server7/containers/inner-defaults.nix b/hosts/server7/containers/inner-defaults.nix new file mode 100644 index 00000000..1f333307 --- /dev/null +++ b/hosts/server7/containers/inner-defaults.nix @@ -0,0 +1,8 @@ +{ ... }: { + imports = [ ../../../lib ]; + c3d2 = { + isInHq = true; + mapHqHosts = true; + hq.interface = "eth0"; + }; +} diff --git a/hosts/server7/containers/outer-defaults.nix b/hosts/server7/containers/outer-defaults.nix new file mode 100644 index 00000000..c5a4a9a5 --- /dev/null +++ b/hosts/server7/containers/outer-defaults.nix 
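Review bot: With `value = import (./. + "/${name}") name;` the host no longer applies `autoStart`, `privateNetwork`, `hostBridge` and `localAddress6` itself; each container's default.nix has to remember to start with `(import ../outer-defaults.nix name) // { … }`. NixOS containers default to `privateNetwork = false`, so a container directory that omits the merge would silently share the host's network namespace. Keeping the merge in `containerFunc` makes the isolation defaults the baseline rather than opt-in: `value = (import ./outer-defaults.nix name) // (import (./. + "/${name}") name);`. The same opt-in applies to inner-defaults.nix, which each container's `config` must now import by hand. The rest of the `let` block lies outside this hunk, so any filtering of `containerDir` could not be checked.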
@@ -0,0 +1,18 @@
+name:
+
+let yggaddr = import ../yggaddr.nix;
+in {
+ # These the container defaults from the perspective of the host.
+
+ autoStart = true;
+ privateNetwork = true;
+ hostBridge = "br0";
+
+ localAddress6 = with builtins; let
+ hash = hashString "sha256" name;
+ hextet0 = substring 0 4 hash;
+ hextet1 = substring 4 4 hash;
+ in "${yggaddr.prefix}:${hextet0}:${hextet1}:c3d2/64";
+ # Generate a deterministic IPv6 address for the container.
+ # This address is accessible within HQ and Yggdrasil but not from ARPANET.
+}
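Review bot: The two comments after `localAddress6` state a reachability property ("accessible within HQ and Yggdrasil but not from ARPANET") that nothing in this file enforces; it holds only if `yggaddr.prefix` is not globally routed and the firewall agrees, neither of which is visible here. I would move the comments above the attribute and word them as what the code does, e.g. `# Deterministic address: first 32 bits of sha256(name) placed inside yggaddr.prefix.` followed by `# Reachability depends on routing and firewall rules, not on this address.` Only two hextets of the hash are used, so two container names could in principle map to the same address without any error; a short note on that would help. The header comment also has a typo and should read `# These are the container defaults from the perspective of the host.`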