Are you still using the `-c security.nesting=true` flag when creating the container?
Maybe that's the config to add, referenced here: Howto setup LXD on NixOS with NixOS guest using unmanaged bridge network interface
```nix
# `boot.isContainer` implies NIX_REMOTE = "daemon"
# (with the comment "Use the host's nix-daemon")
# We don't want to use the host's nix-daemon.
environment.variables.NIX_REMOTE = lib.mkForce "";
```