nixconf/modules/nixos/containers/default.nix

{ config
, lib
, options
, pkgs
, ...
}:
let
  inherit (lib) types;
  cfg = config.mtxyz.containers;
in
{
  options.mtxyz.podman = {
    enable = lib.mkOption {
      type = types.bool;
      default = false;
    };
  };

  config = lib.mkIf cfg.enable {
    environment.systemPackages = with pkgs; [
      podman-compose
    ];

    virtualisation.podman = {
      enable = true;
      dockerSocket.enable = true;
      dockerCompat = true;
      defaultNetwork.settings = {
        dns_enabled = true;
      };
    };

    systemd.services."user@".serviceConfig = {
      Delegate= "cpu cpuset io memory pids";
    };
  };
}