I have been using podman containers on NixOS to self-host several applications for a few years now with few troubles.
However, a few days ago the setup stopped working.
Although the containers run and their web UIs are accessible, they cannot access any other container using the container name.
Here is my virtualisation nix config:
virtualisation = {
  oci-containers.containers = transform cfg;
  podman = {
    enable = true;
    dockerCompat = true;
    dockerSocket.enable = true;
    defaultNetwork.settings = { dns_enabled = true; };
    extraPackages = [pkgs.zfs];
    autoPrune.enable = true;
  };
};
Here is also the start script of one of the containers:
#!/nix/store/p6k7xp1lsfmbdd731mlglrdj2d66mr82-bash-5.2p37/bin/bash
set -e
exec podman \
  run \
  --rm \
  --name=emqx \
  --log-driver=journald \
  --cidfile=/run/podman-emqx.ctr-id \
  --cgroups=no-conmon \
  --sdnotify=conmon \
  -d \
  --replace \
  -e PGID=1000 \
  -e PUID=1000 \
  -p 1883:1883 \
  -v /var/run/docker.sock:/var/run/docker.sock:rw \
  -v /volumes/IoT/emqx/:/opt/emqx/data \
  -l homepage.group=IoT \
  -l homepage.href=https://emqx.xxxx.xxxx \
  -l homepage.icon=emqx.png \
  -l homepage.name=emqx \
  -l io.containers.autoupdate=registry \
  -l traefik.enable=true \
  -l traefik.http.routers.emqx.rule='Host(`emqx.xxxx.xxxx`)' \
  -l traefik.http.routers.emqx.ruleSyntax=v2 \
  -l traefik.http.routers.emqx.tls=true \
  -l traefik.http.routers.emqx.tls.certresolver=le \
  -l traefik.http.services.emqx.loadbalancer.server.port=18083 \
  docker.io/emqx/emqx
And here is podman network inspect:
[
  {
    "name": "podman",
    "id": "0000000000000000000000000000000000000000000000000000000000000000",
    "driver": "bridge",
    "network_interface": "podman0",
    "created": "0001-01-01T00:00:00Z",
    "subnets": [
      {
        "subnet": "10.88.0.0/16",
        "gateway": "10.88.0.1"
      }
    ],
    "ipv6_enabled": false,
    "internal": false,
    "dns_enabled": true,
    "ipam_options": {
      "driver": "host-local"
    },
    "containers": {
      "6372a60c718dd3cb973a700ad13376c3d0657391592104fafd0f2947ac63ffd8": {
        "name": "homepage",
        "interfaces": {
          "eth0": {
            "subnets": [
              {
                "ipnet": "10.88.35.72/16",
                "gateway": "10.88.0.1"
              }
            ],
            "mac_address": "0e:cd:9d:73:af:3b"
          }
        }
      },
      "a86b6f8f6ce6de945ca60ad6cc64df065090a9ebed7eb9c187c78ac7e6a468a8": {
        "name": "nodered",
        "interfaces": {
          "eth0": {
            "subnets": [
              {
                "ipnet": "10.88.35.85/16",
                "gateway": "10.88.0.1"
              }
            ],
            "mac_address": "92:f3:4e:60:d9:79"
          }
        }
      }
    }
  }
]
At this point all containers start, but cannot reach any other container.
For example, I have emqx and nodered running, but they no longer see each other.
I have tried various things from other posts, such as disabling the firewall for the podman network (podman: container dns not resolving · Issue #226365 · NixOS/nixpkgs · GitHub), but to no avail.
Not sure what else I can try.