chore: podman for binex

hosts/desktopnix/default.nix

@@ -42,6 +42,10 @@
     layout = "de";
     xkbVariant = "bone";
   };
+  virtualisation.podman = {
+    enable = false;
+    dockerCompat = true;
+  };
 
   system.activationScripts.decryptKey.text = ''
     ln -f -s ${../../keys/PatC.key} /run/decrypt.key.pub

modules/config/users.nix

@@ -17,6 +17,7 @@
     msr = uidGid 208;
     avahi = uidGid 209;
     fwupd-refresh = uidGid 210;
+    podman = uidGid 211;
     systemd-oom = uidGid 300;
     systemd-coredump = uidGid 301;
   };

users/patrick/default.nix

@@ -23,6 +23,18 @@ lib.optionalAttrs (!minimal) {
     group = "patrick";
     hashedPassword = config.secrets.secrets.global.users.patrick.passwordHash;
     autoSubUidGidRange = false;
+    subUidRanges = [
+      {
+        count = 65534;
+        startUid = 100001;
+      }
+    ];
+    subGidRanges = [
+      {
+        count = 65534;
+        startGid = 100001;
+      }
+    ];
   };
   users.groups.patrick.gid = config.users.users.patrick.uid;