weasel: create user folders in /var/lib/podman-users

/home is a nfs mount, which does not support extra filesystem arguments needed to run podman. We need to have a local home.
weasel: add podman
2025-08-28 11:33:38 +02:00 · 2025-08-28 10:58:53 +02:00
2 changed files with 41 additions and 0 deletions
--- a/m/weasel/configuration.nix
+++ b/m/weasel/configuration.nix
@@ -3,6 +3,7 @@
 {
  imports = [
    ../common/ssf.nix
+    ./virtualization.nix
  ];

  # Select this using the ID to avoid mismatches
--- a/m/weasel/virtualization.nix
+++ b/m/weasel/virtualization.nix
@@ -0,0 +1,40 @@
+{
+  lib,
+  pkgs,
+  config,
+  ...
+}:
+
+{
+  # Enable common container config files in /etc/containers
+  virtualisation.containers.enable = true;
+  virtualisation = {
+    podman = {
+      enable = true;
+
+      # Required for containers under podman-compose to be able to talk to each other.
+      defaultNetwork.settings.dns_enabled = true;
+    };
+  };
+
+  # We cannot use /home since nfs does not support fileattrs needed by podman
+  systemd.tmpfiles.settings = {
+    "podman-users" = lib.mapAttrs' (
+      name: value:
+      lib.nameValuePair ("/var/lib/podman-users/" + name) {
+        d = {
+          group = value.group;
+          mode = value.homeMode;
+          user = name;
+        };
+      }
+    ) (lib.filterAttrs (_: x: x.isNormalUser) config.users.users);
+  };
+
+  # Useful other development tools
+  environment.systemPackages = with pkgs; [
+    dive # look into docker image layers
+    podman-tui # status of containers in the terminal
+    podman-compose # start group of containers for dev
+  ];
+}
Author	SHA1	Message	Date
Aleix Boné	c81d93dda2	weasel: create user folders in /var/lib/podman-users /home is a nfs mount, which does not support extra filesystem arguments needed to run podman. We need to have a local home.	2025-08-28 11:33:38 +02:00
Aleix Boné	365c508bd9	weasel: add podman	2025-08-28 10:58:53 +02:00