main
1{
2 pkgs,
3 ...
4}:
5{
6 networking.firewall.checkReversePath = false;
7 virtualisation.podman = {
8 enable = true;
9 extraPackages = with pkgs; [
10 virtiofsd
11 ];
12 };
13 environment.systemPackages = with pkgs; [ ];
14 virtualisation.containers = {
15 enable = true;
16 registries = {
17 search = [
18 "registry.fedoraproject.org"
19 "registry.access.redhat.com"
20 "registry.centos.org"
21 "docker.io"
22 "quay.io"
23 ];
24 };
25 policy = {
26 default = [ { type = "insecureAcceptAnything"; } ];
27 transports = {
28 docker-daemon = {
29 "" = [ { type = "insecureAcceptAnything"; } ];
30 };
31 };
32 };
33 containersConf.settings = {
34 network = {
35 default_subnet_pools = [
36 # See https://github.com/kubernetes-sigs/kind/issues/2872 for this
37 {
38 "base" = "11.0.0.0/24";
39 "size" = 24;
40 }
41 {
42 "base" = "192.168.129.0/24";
43 "size" = 24;
44 }
45 {
46 "base" = "192.168.130.0/24";
47 "size" = 24;
48 }
49 {
50 "base" = "192.168.131.0/24";
51 "size" = 24;
52 }
53 {
54 "base" = "192.168.132.0/24";
55 "size" = 24;
56 }
57 ];
58 };
59 };
60 };
61}