Note: There is an open pull request for a podman module that will make all of this easier.

First you install all the software the normal way:

environment.systemPackages = with pkgs; [
  podman
  runc
  skopeo
  conmon
  slirp4netns
];

But there is some additional configuration you need to do. You need to give the user you want to run podman as additional uids and gids so that they can be used as virtual uids and gids in the containers:

{config, pkgs, ...}:
{
  users.extraUsers.beb = {
    # These are needed for podman to run
    subUidRanges = [
      { count = 65534; startUid = 100001; }
    ];
    subGidRanges = [
      { count = 65534; startGid = 100001; }
    ];
  };
}

You also need to configure registries to pull from. I used home-manager for creating the needed files on a user level. You can also use your system configuration to set these system-wide. In that case, place the files in /etc/containers.

home.file."registries.conf" = {
  target = ".config/containers/registries.conf";
  text = ''
    [registries.search]
    registries = ['docker.io', 'registry.gitlab.com']
  '';
};

home.file."policy.json" = {
  target = ".config/containers/policy.json";
  text = ''
    {
        "default": [
            {
                "type": "insecureAcceptAnything"
            }
        ],
        "transports":
            {
                "docker-daemon":
                    {
                        "": [{"type":"insecureAcceptAnything"}]
                    }
            }
    }
  '';
};
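The policy above accepts any image from any source without checking signatures. As an added example (not part of the original post), this variant of the same `policy.json` entry rejects by default and only accepts the two registries listed in `registries.conf`; the `example-group` scope and the key path are hypothetical placeholders showing how a `signedBy` requirement is attached to one namespace.

```nix
# Added example, not from the original post. Use it instead of the
# policy.json entry above, not alongside it.
home.file."policy.json" = {
  target = ".config/containers/policy.json";
  # Matching goes from the most specific scope to the least specific:
  # repository or namespace, then registry host, then the transport's ""
  # entry, then "default". Transports not listed here fall through to
  # "default" and are rejected.
  text = ''
    {
        "default": [
            {
                "type": "reject"
            }
        ],
        "transports":
            {
                "docker":
                    {
                        "docker.io": [{"type":"insecureAcceptAnything"}],
                        "registry.gitlab.com": [{"type":"insecureAcceptAnything"}],
                        "registry.gitlab.com/example-group": [
                            {
                                "type": "signedBy",
                                "keyType": "GPGKeys",
                                "keyPath": "/home/beb/.config/containers/example-pubkey.gpg"
                            }
                        ]
                    },
                "docker-daemon":
                    {
                        "": [{"type":"insecureAcceptAnything"}]
                    }
            }
    }
  '';
};
```

Pulls under the `signedBy` scope fail unless a signature made by that key is available for the image, so drop that entry if nothing you pull is signed.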

That should be it. E-mail me if you have questions.