main
 1{
 2  flake.modules.nixos."services/podman" = {config, ...}: {
 3    virtualisation.podman = {
 4      enable = true;
 5      dockerCompat = true;
 6      dockerSocket.enable = true;
 7      autoPrune.enable = true;
 8    };
 9
10    # Enable container name DNS for all Podman networks.
11    networking.firewall.interfaces = let
12      matchAll =
13        if !config.networking.nftables.enable
14        then "podman+"
15        else "podman*";
16    in {
17      "${matchAll}".allowedUDPPorts = [53];
18    };
19
20    virtualisation.oci-containers.backend = "podman";
21  };
22}