| author | 2026-06-05 11:05:57 +0100 | |
|---|---|---|
| committer | 2026-06-05 11:05:57 +0100 | |
| commit | b9d077f5d8a8870304cd78f3e10c311c3564cdd3 (patch) | |
| tree | 6b06a6e511526760791828f0e75b065658fb30c4 /nix | |
| parent | b3daf060b309a85e405258d4198fd57e158f3f0d (diff) | |
feat(nix): unify rootless podman across host and VM
Move the podman stack (podman, crun, conmon, netavark, aardvark-dns,
slirp4netns, passt, podman-compose, podman-docker) from a vm-only block
into common.nix so the Arch host and the Ubuntu remote-dev VM run the
same nix-pinned versions. This drops podman-compose + podman-docker
from pacman as well — they were the only podman-stack pieces still
sourced from there on the host.
Relocate registries.conf + policy.json into the chezmoi tree at
dot_config/containers/ so both flavors share them; vm.nix now picks
them up via the existing link helper. storage.conf stays inline in
vm.nix because the VM needs the overlay driver while the Arch host
uses the btrfs driver (root fs is btrfs there).
Diffstat (limited to 'nix')
| -rw-r--r-- | nix/common.nix | 19 | ||||
| -rw-r--r-- | nix/vm.nix | 64 |
2 files changed, 43 insertions, 40 deletions
diff --git a/nix/common.nix b/nix/common.nix index 5707d2b..66b9038 100644 --- a/nix/common.nix +++ b/nix/common.nix @@ -138,9 +138,26 @@ exit 1 '') - # CI runner (drives podman from pacman; act itself is just a Go binary) + # CI runner (drives podman; act itself is just a Go binary) act + # ── Rootless podman ───────────────────────────────────────────────────── + # Moved off pacman so the host and VM run the same nix-pinned stack. + # The nix `podman` is wrapped to find these helpers via /nix/store + # paths, so we don't need a containers.conf for `helper_binaries_dir`. + # Per-user containers config (registries/storage/policy) lives under + # chezmoi at `private_dot_config/containers/` and is symlinked on the + # VM by `vm.nix`'s xdg.configFile block. + podman + crun # OCI runtime (lighter than runc; default for rootless) + conmon # container monitor process + netavark # default network stack on podman 4+ + aardvark-dns # DNS for netavark networks + slirp4netns # rootless user-mode networking + passt # pasta backend (slirp4netns successor; podman picks it up) + podman-compose + podman-docker # `docker` shell shim → podman + # Editor/AI agent runtimes — NOT for project builds (see policy above) nodejs_24 # copilot-language-server requires Node 24 (see ai.lua) uv # for project tooling that asks for `uv`/`uvx`; brings no python 
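Review bot: The new header comment points at `private_dot_config/containers/`, but the commit description and the vm.nix hunk in this same commit link `dot_config/containers/registries.conf` and `dot_config/containers/policy.json`; in chezmoi the `private_` prefix is not a directory name but a mode attribute (it makes the target 0700/0600), so one of the two is wrong and a reader following the comment will not find the files. Change the comment to `# chezmoi at \`dot_config/containers/\` and is symlinked on the` (or, if the directory really is `private_`-prefixed, the `link` targets in vm.nix are the ones to fix). Separately, nothing in this package list covers what rootless podman needs from outside /nix/store — the setuid `newuidmap`/`newgidmap` binaries and `/etc/subuid`/`/etc/subgid` entries come from the distro (`uidmap` on Ubuntu, `shadow` on Arch), and a user-profile nix install cannot provide setuid helpers; a one-line comment such as `# newuidmap/newgidmap + subuid/subgid stay distro-provided (nix can't ship setuid)` would save the next debugging session. The enclosing `home.packages` list opens and closes outside this hunk.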
@@ -19,22 +19,13 @@ in # Ubuntu 20.04-derived hosts still default to cgroups v1; podman 5 # warns on every invocation. Flipping to v2 is a host-level reboot # and only matters for --memory/--cpus, so silence the warning. + # (Arch host is on cgroups v2, so this isn't set in common.nix.) PODMAN_IGNORE_CGROUPSV1_WARNING = "1"; }; - home.packages = with pkgs; [ - # ── Rootless podman ───────────────────────────────────────────────────── - # The nix `podman` is wrapped to find these helpers via /nix/store - # paths, so we don't need to write a containers.conf for - # `helper_binaries_dir`. - podman - crun # OCI runtime (lighter than runc; default for rootless) - conmon # container monitor process - netavark # default network stack on podman 4+ - aardvark-dns # DNS for netavark networks - slirp4netns # rootless user-mode networking - passt # pasta backend (slirp4netns successor; podman picks it up) - ]; + # No extra packages — the rootless podman stack now lives in + # `common.nix` so the host and VM share the same nix-pinned versions. + home.packages = [ ]; # ── Shared config symlinks ────────────────────────────────────────────────── # Live symlinks back into the cloned working tree so `git pull` is enough 
@@ -92,8 +83,29 @@ in # Code review (binary from common.nix) "tuicr/config.toml".source = link "dot_config/tuicr/config.toml"; + + # Rootless podman config — registries.conf + policy.json are + # chezmoi-owned (shared with the host); storage.conf stays inline + # below because the VM needs the overlay driver (ext4 host) while + # the Arch host uses btrfs. + "containers/registries.conf".source = link "dot_config/containers/registries.conf"; + "containers/policy.json".source = link "dot_config/containers/policy.json"; }; + # VM-only: overlay driver. (Host's btrfs storage.conf is chezmoi-owned + # at dot_config/containers/storage.conf.) + xdg.configFile."containers/storage.conf".text = '' + [storage] + # runroot/graphroot default to $XDG_RUNTIME_DIR/containers and + # $XDG_DATA_HOME/containers/storage respectively for rootless — leave unset. + driver = "overlay" + + [storage.options.overlay] + # Kernel >=5.13 supports rootless overlay natively (VM is on 5.15), + # so mount_program is left unset → uses the kernel driver directly + # instead of fuse-overlayfs. + ''; + # Claude-code looks under ~/.claude (NOT XDG). Skills live there. # Symlink the whole tuicr skill directory so SKILL.md and the wrapper # script (chezmoi `executable_` prefix preserved → see the dispatch 
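Review bot: The `containers/policy.json` symlink makes the VM's image-signature policy whatever the working tree holds, and the inline version it replaces (removed in the last hunk of this commit) was `insecureAcceptAnything` for both `default` and `docker-daemon`; if the chezmoi copy carries that over, no pulled image is signature-checked, which is worth saying in the comment rather than just "chezmoi-owned", e.g. `# policy.json is permissive (insecureAcceptAnything): pulls are not signature-verified`. Likewise the removed registries.conf combined `short-name-mode = "permissive"` with three `unqualified-search-registries`, so a bare `podman pull foo` is resolved against docker.io, quay.io and ghcr.io in turn and can land on a same-named image from the wrong registry; `short-name-mode = "enforcing"` (or always using fully-qualified names) avoids that, and the comment should note which mode the shared file uses. The storage.conf comment says the host's btrfs variant is chezmoi-owned at `dot_config/containers/storage.conf`; if chezmoi is also applied on the VM, it will write `~/.config/containers/storage.conf` and home-manager's `xdg.configFile` entry for the same path will refuse to link over an existing file — confirm that path is excluded via `.chezmoiignore` (or templated) on the VM, and say so in the comment.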
@@ -124,30 +136,4 @@ in export ZDOTDIR="$HOME/.config/zsh" [[ -r "$ZDOTDIR/.zshenv" ]] && source "$ZDOTDIR/.zshenv" ''; - - # ── Rootless podman config ────────────────────────────────────────────────── - # Kept inline (not in the chezmoi tree) because Arch's system-wide - # /etc/containers defaults already work there; these files exist only - # to give nix's user-installed podman sane rootless defaults. - xdg.configFile."containers/registries.conf".text = '' - unqualified-search-registries = ["docker.io", "quay.io", "ghcr.io"] - short-name-mode = "permissive" - ''; - - xdg.configFile."containers/storage.conf".text = '' - [storage] - # runroot/graphroot default to $XDG_RUNTIME_DIR/containers and - # $XDG_DATA_HOME/containers/storage respectively for rootless — leave unset. - driver = "overlay" - - [storage.options.overlay] - # Kernel >=5.13 supports rootless overlay natively (VM is on 5.15), - # so mount_program is left unset → uses the kernel driver directly - # instead of fuse-overlayfs. - ''; - - xdg.configFile."containers/policy.json".text = builtins.toJSON { - default = [ { type = "insecureAcceptAnything"; } ]; - transports.docker-daemon."" = [ { type = "insecureAcceptAnything"; } ]; - }; } |
