Virtualisation

Updated: May 23, 2026

Settings for different virtualization programs.

Docker, Podman, Linux Containers, etc.

Table of Contents

Emulating Systems

emulatedSystems adds QEMU interpreters with the kernel
add if needing to build packages for different architecture
used for code generators
inside current machine/kernel

boot.binfmt.emulatedSystems = [ "aarch64-linux" ];

For building entire systems to run as a vm or build for other systems
Isolated build environment
Remote style builder

# For the builder machine (lets call it blackout)
nix.linux-builder = {
  enable = true;
  ephemeral = false;
  workingDirectory = "/var/lib/linux-builder";
  systems = [ "aarch64-linux" ];
  protocol = "ssh-ng";
  config = {
    virtualisation.cores = 8;
    memorySize = 8192;
  };
  supportedFeatures = [
    "benchmark"
    "big-parallel"
  ];
};

We can then check after a rebuild & reboot:

nix config show | rg builders

Should see result something like:

builders = @/etc/nix/machines
builders-use-substitutes = true

# check builder derivation just for fun
nix derivation show .#darwinConfigurations.blackout.system

For remote machine to use the builder (blackout)

nix = {
  distributedBuilds = true;
  buildMachines = [
    {
      hostName = "blackout";
      systems = [ "aarch64-linux" ];
      protocol = "ssh-ng";
      maxJobs = 4;
      supportedFeatures = [ "benchmark" "big-parallel" ];
      }
  ];
};

Build diagnostics to do when using remote builder:

# enable builder diagnostics
nix build ... -L --print-build-logs

# watch scheduling decisions
NIX_DEBUG=1 nix build ...

Docker

Add docker compose to systemPackages to install

virtulisation.docker.enable = true;
users.groups.docker.memebers = [ "megacron" ];
users.users.megacron..extraGroups = [ ... ... "docker" ];

Linux Containers

Podman

add podman as an enable option feature

{
  config,
  lib,
  pkgs,
  ...
}:
with lib;
let
  cfg = config.services.podman;
in
{
  options.services.podman.enable = mkEnableOption "enable podman";

  config = mkIf cfg.enable {
    virtualisation = {
      podman = {
        enable = true;
        dockerCompat = true;
        autoPrune = {
          enable = true;
          dates = "weekly";
          flags = [
            "--filter=until=24h"
            "--filter=label!=important"
          ];
        };
        defaultNetwork.settings.dns_enabled = true;
      };
    };
    environment.systemPackages = with pkgs; [
      podman-compose
    ];
  };
}