Podman

virtualisation.podman.autoPrune.dates

Specification (in the format described by systemd.time(7)) of the time at which the prune will occur.

Type: string

Default

"weekly"

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/virtualisation/podman/default.nix

virtualisation.podman.autoPrune.enable

Whether to periodically prune Podman resources. If enabled, a systemd timer will run podman system prune -f as specified by the dates option.

Type: boolean

Default

false

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/virtualisation/podman/default.nix

virtualisation.podman.autoPrune.flags

Any additional flags passed to podman system prune.

Type: list of string

Default

[ ]

Example

["--all"]

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/virtualisation/podman/default.nix

virtualisation.podman.defaultNetwork.settings

Settings for podman's default network.

Type: JSON value

Default

{ }

Example

{ dns_enabled = true; }

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/virtualisation/podman/default.nix

virtualisation.podman.dockerCompat

Create an alias mapping docker to podman.

Type: boolean

Default

false

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/virtualisation/podman/default.nix

virtualisation.podman.dockerSocket.enable

Make the Podman socket available in place of the Docker socket, so Docker tools can find the Podman socket.

Podman implements the Docker API.

Users must be in the podman group in order to connect. As with Docker, members of this group can gain root access.

Type: boolean

Default

false

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/virtualisation/podman/default.nix

virtualisation.podman.enable

This option enables Podman, a daemonless container engine for developing, managing, and running OCI Containers on your Linux System.

It is a drop-in replacement for the docker command.

Type: boolean

Default

false

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/virtualisation/podman/default.nix

virtualisation.podman.enableNvidia

Deprecated, please use virtualisation.containers.cdi.dynamic.nvidia.enable instead.

Enable use of NVidia GPUs from within podman containers.

Type: boolean

Default

false

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/virtualisation/podman/default.nix

virtualisation.podman.extraPackages

Extra packages to be installed in the Podman wrapper.

Type: list of package

Default

[ ]

Example

[pkgs.gvisor]

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/virtualisation/podman/default.nix

virtualisation.podman.networkSocket.enable

Make the Podman and Docker compatibility API available over the network with TLS client certificate authentication.

This allows Docker clients to connect with the equivalents of the Docker CLI -H and --tls* family of options.

For certificate setup, see https://docs.docker.com/engine/security/protect-access/

This option is independent of .

Type: boolean

Default

false

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/virtualisation/podman/network-socket.nix

virtualisation.podman.networkSocket.listenAddress

Interface address for receiving TLS connections.

Type: string

Default

"0.0.0.0"

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/virtualisation/podman/network-socket.nix

virtualisation.podman.networkSocket.openFirewall

Whether to open the port in the firewall.

Type: boolean

Default

false

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/virtualisation/podman/network-socket.nix

virtualisation.podman.networkSocket.port

TCP port number for receiving TLS connections.

Type: 16 bit unsigned integer; between 0 and 65535 (both inclusive)

Default

2376

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/virtualisation/podman/network-socket.nix

virtualisation.podman.networkSocket.server

Choice of TLS proxy server.

Type: value "ghostunnel" (singular enum)

Example

"ghostunnel"

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/virtualisation/podman/network-socket-ghostunnel.nix

virtualisation.podman.networkSocket.tls.cacert

Path to CA certificate to use for client authentication.

Type: path

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/virtualisation/podman/network-socket.nix

virtualisation.podman.networkSocket.tls.cert

Path to certificate describing the server.

Type: path

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/virtualisation/podman/network-socket.nix

virtualisation.podman.networkSocket.tls.key

Path to the private key corresponding to the server certificate.

Use a string for this setting. Otherwise it will be copied to the Nix store first, where it is readable by any system process.

Type: path

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/virtualisation/podman/network-socket.nix
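
The networkSocket options above combined in one NixOS configuration, with the private-key setting shown in its weak form (commented out) beside the string form the tls.key description asks for. This is an added example, not taken from nixpkgs; the listen address and the /var/lib/podman-tls file locations are assumptions, and the files are assumed to be provisioned on the host outside of Nix.

```nix
{ ... }:
{
  virtualisation.podman = {
    enable = true;

    networkSocket = {
      enable = true;
      server = "ghostunnel"; # the only TLS proxy choice listed

      # Bind to a single management interface instead of the default
      # "0.0.0.0". 192.0.2.10 is a documentation address (assumed).
      listenAddress = "192.0.2.10";
      port = 2376;           # the default, written out for clarity
      openFirewall = false;  # the default; open the port only deliberately

      tls = {
        # CA that signs the client certificates allowed to connect.
        cacert = "/var/lib/podman-tls/ca.pem";           # assumed location
        # Certificate describing this server.
        cert = "/var/lib/podman-tls/server-cert.pem";    # assumed location

        # Weak form: a Nix path literal is copied into the Nix store at
        # evaluation time, where any system process can read the key.
        # key = ./server-key.pem;

        # Corrected form: a string is passed through as-is, so the key
        # stays at its on-disk location with its own file permissions.
        key = "/var/lib/podman-tls/server-key.pem";      # assumed location
      };
    };
  };
}
```

Anyone holding a client certificate signed by the configured CA can reach the API, which carries the same root-equivalent access noted for the podman group under dockerSocket.enable.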