someday this will get merged: oci-containers support rootless podman
until then I don’t want to use home-manager to set up podman via systemd on nix: GitHub - SEIAROTg/quadlet-nix: Manages Podman containers and networks on NixOS via Quadlet.
so I’m stuck following this:
BUT on XFS filesystems… there’s some bug with how podman interacts with tmpfs file systems, see GitHub: , which causes this error to print for rootless podman containers between boots:
[owncloud@HOSTNAME:~]$ podman ps
Error: current system boot ID differs from cached boot ID; an unhandled reboot has occurred. Please delete directories "/tmp/containers-user-1002/containers" and "/tmp/podman-run-1002/libpod/tmp" and re-run Podman
why this happens I don’t know… so I’ve had to put the following settings into /etc/tmpfiles.d/podman.conf:
R! /tmp/storage-run-*/containers/
R! /tmp/storage-run-*/libpod/tmp/
so here’s the configuration bit I added to fix this via my global nix configuration… yes, I need to move to flakes at some point:
# fix tmpfiles bug: "/tmp/containers-user-1002/containers" and "/tmp/podman-run-1002/libpod/tmp"
environment.etc."tmpfiles.d/podman.conf".text = ''
  # /tmp/podman-run-* directory can contain content for Podman containers that have run
  # for many days. The following line prevents systemd from removing this content.
  x /tmp/podman-run-*
  # x /tmp/storage-run-*
  # x /tmp/containers-user-*
  x /tmp/run-*/libpod
  D! /var/lib/containers/storage/tmp 0700 root root
  D! /var/lib/cni/networks
  # Remove /var/tmp/container_images* podman temporary directories on each
  # boot which are created when pulling or saving images.
  R! /var/tmp/container_images*
  # remove storage-run to fix podman bug: https://github.com/containers/podman/discussions/23193#discussioncomment-11523712
  R! /tmp/storage-run-*/containers/
  R! /tmp/storage-run-*/libpod/tmp/
  R! /tmp/containers-user-*/containers
  R! /tmp/podman-run-*/libpod/tmp
'';
thank you, ChatGPT, for saving me hours of trying to figure out how to do this in nix
so I’m writing this post to help others and my future self, but also to ask: what’s the proper nix way to do this? I’m still not sure how that podman.conf file is generated, because I don’t see it in its nixpkgs file?
thanks for your consideration to whoever reads this
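The tmpfiles.d lines in the post do two distinct things at boot: `x` excludes a path from age-based cleanup, and `R!` recursively removes a path once per boot (the `!` suffix restricts the entry to boot time). Before shipping such a file it is worth checking that the `R!` globs hit only podman's own state and nothing else under /tmp, since systemd-tmpfiles runs as root. The following is an added example, not code from the post or from the podman or NixOS projects: it simulates those four `R!` entries against a scratch directory tree (constructed inline) and reproduces the boot-ID comparison that produces the "current system boot ID differs from cached boot ID" error. The cache-file location and the boot-ID values are assumptions made for the example; real podman keeps its cache elsewhere.

```shell
# Added example (not from the original post): simulate, under a scratch root,
# what the four "R!" lines in the tmpfiles.d file remove at boot, and check the
# boot-ID mismatch that podman reports. POSIX sh; paths are constructed for the test.

# Print the directories the R! globs would remove, relative to $1 (a scratch root).
# The globs mirror the tmpfiles.d entries exactly, so anything listed here is
# what systemd-tmpfiles would delete with root privileges.
stale_podman_dirs() {
  root="$1"
  for pat in \
    "$root"/tmp/storage-run-*/containers \
    "$root"/tmp/storage-run-*/libpod/tmp \
    "$root"/tmp/containers-user-*/containers \
    "$root"/tmp/podman-run-*/libpod/tmp
  do
    # An unmatched glob stays literal, so the -d test filters it out.
    [ -d "$pat" ] && printf '%s\n' "$pat"
  done
  return 0
}

# Remove the matches, the way "R!" does: recursively, and only the listed paths.
clean_stale_podman_dirs() {
  stale_podman_dirs "$1" | while IFS= read -r d; do
    rm -rf -- "$d"
  done
}

# podman caches the boot ID it last saw; a mismatch is what triggers the error.
# $1 is the cache file (assumed location for this example), $2 the current boot ID
# (on a real host: /proc/sys/kernel/random/boot_id). Returns 0 when they differ.
boot_id_changed() {
  cache="$1"; current="$2"
  [ -f "$cache" ] || return 1
  [ "$(cat "$cache")" != "$current" ]
}

# Build a constructed scratch tree mimicking the state after an unclean reboot,
# plus a sibling directory that must survive cleanup. Prints the root path.
make_scratch() {
  root="$(mktemp -d)"
  mkdir -p "$root/tmp/storage-run-1002/containers/foo" \
           "$root/tmp/storage-run-1002/libpod/tmp" \
           "$root/tmp/containers-user-1002/containers" \
           "$root/tmp/podman-run-1002/libpod/tmp/bar" \
           "$root/tmp/podman-run-1002/libpod/keep" \
           "$root/tmp/unrelated-1002/containers"
  # Constructed boot ID, standing in for the value podman cached before reboot.
  printf 'aaaaaaaa-0000-0000-0000-000000000001\n' > "$root/boot_id.cache"
  printf '%s\n' "$root"
}
```

Running `stale_podman_dirs /` on a live host (without the cleanup step) is a cheap way to see what the globs actually match before the rules go into /etc/tmpfiles.d; the `unrelated-1002` directory in the scratch tree is there to confirm that a sibling name not covered by the patterns is left alone.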