From 5e422d05c934c009a9570ed6b770734818cf8af0 Mon Sep 17 00:00:00 2001 From: Christoph Urlacher Date: Sun, 18 Jan 2026 01:19:04 +0100 Subject: [PATCH] System/Nixinator: Disable rootless docker --- system/default.nix | 9 +++------ system/modules/docker/default.nix | 5 +++++ system/modules/impermanence/default.nix | 2 +- 3 files changed, 9 insertions(+), 7 deletions(-) diff --git a/system/default.nix b/system/default.nix index 20a7caf4..fcd951c7 100644 --- a/system/default.nix +++ b/system/default.nix @@ -46,12 +46,9 @@ with mylib.networking; { docker = { enable = true; - - # Use podman on the desktops, the servers are - # already configured using docker though... - # TODO: Use podman on the servers - podman = !headless; - docker.rootless = true; + podman = false; + docker.rootless = false; + docker.buildkit = true; }; fonts = { diff --git a/system/modules/docker/default.nix b/system/modules/docker/default.nix index 269d00b0..0806ae21 100644 --- a/system/modules/docker/default.nix +++ b/system/modules/docker/default.nix @@ -18,6 +18,10 @@ in { networking.firewall.trustedInterfaces = ["docker0" "podman0"]; + # Needed for default bridge network to automatically work + # boot.kernel.sysctl."net.ipv4.ip_forward" = 1; + # boot.kernel.sysctl."net.ipv6.ip_forward" = 1; + virtualisation = { docker = { enable = !docker.podman; @@ -25,6 +29,7 @@ in { extraPackages = with pkgs; [docker-compose]; + # TODO: Rootless docker has no internet? rootless = { enable = docker.docker.rootless; setSocketVariable = true; diff --git a/system/modules/impermanence/default.nix b/system/modules/impermanence/default.nix index 58f94f2f..438d9dce 100644 --- a/system/modules/impermanence/default.nix +++ b/system/modules/impermanence/default.nix 
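Review bot: In the `docker = { … }` block of system/default.nix, `podman = false;` and `docker.rootless = false;` move to a Docker daemon that runs as root, and the hunk deletes the only explanatory comment without recording why. With a rootful daemon, access to the Docker socket (typically through `docker` group membership) is equivalent to root on the host; whether the module adds users to that group is not visible here, so it is worth checking. The file looks shared between hosts (the removed line used `!headless`), so the change probably reaches more than the Nixinator host named in the subject. I would add a comment such as `# Rootful docker for now: rootless had no outbound network (see TODO in modules/docker); socket access is root-equivalent`.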
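Review bot: In the first hunk of system/modules/docker/default.nix, the commented-out line `# boot.kernel.sysctl."net.ipv6.ip_forward" = 1;` names a sysctl that does not exist. IPv6 forwarding is controlled by `net.ipv6.conf.all.forwarding`, so the line would not do what the comment above it says if someone uncomments it. I would either drop both lines or correct the second to `# boot.kernel.sysctl."net.ipv6.conf.all.forwarding" = 1;`. Turning forwarding on host-wide also lets the machine route between all of its interfaces, which matters next to the context line `networking.firewall.trustedInterfaces = ["docker0" "podman0"];`, because traffic arriving on those bridges is already accepted by the firewall unconditionally. The `in { … }` block starts and ends outside the hunk.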
@@ -162,7 +162,7 @@ in { (mkUDir ".config/Zeal" m755) # Share - (mkUDir ".local/share/containers" m755) + # (mkUDir ".local/share/containers" m755) # Rootless docker (mkUDir ".local/share/direnv" m755) (mkUDir ".local/share/docker" m755) (mkUDir ".local/share/fish" m755)
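Review bot: The trailing `# Rootless docker` label on the commented-out `.local/share/containers` entry looks mismatched. That directory is the rootless storage location used by podman, while rootless Docker keeps its data under `.local/share/docker`, which is still persisted two lines below. I would reword the line to `# (mkUDir ".local/share/containers" m755) # Podman rootless storage, unused while docker.podman = false`. Depending on how the impermanence setup handles entries that are removed, images and volumes already stored under the old path may stay on the persistent volume; that is an inference, so confirm and clean up if they are no longer wanted. The enclosing list starts and ends outside the hunk.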