From aabcdc206246aa935790908f2ab7e7edcc88b3b9 Mon Sep 17 00:00:00 2001
From: sommerfeld <sommerfeld@sommerfeld.dev>
Date: Fri, 29 May 2026 11:18:13 +0100
Subject: feat(podman): switch rootless storage driver to btrfs
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

fuse-overlayfs is dog-slow on `podman commit` (and noticeably slower
than native overlay/btrfs for layer extraction in general) because every
read/write round-trips through a FUSE daemon. The kernel overlay driver
does not support btrfs as a lowerdir, so on a btrfs root fs the choices
were:

  - fuse-overlayfs  (slow, but works)
  - btrfs           (native subvolume + CoW snapshot per layer; fast)

Switching graph drivers is destructive — the on-disk layout is
incompatible, so a one-time `podman system reset --force` is required.
A migration helper script lives at the repo root (gitignored,
chezmoiignored) that snapshots stateful containers, exports images and
volumes, runs the reset, and restores everything on the new driver.

Drops fuse-overlayfs from meta/base.txt — no longer needed and pulls
in libfuse3 transitively for nothing. (Flatpak still depends on it for
its own sandbox; pacman won't actually uninstall the binary while
flatpak is around — that's fine.)

VM (nix/vm.nix) is unaffected: it sets its own storage.conf inline
with driver=overlay since its rootfs is ext4.
---
 .chezmoiignore                     |  1 +
 .gitignore                         |  1 +
 dot_config/containers/storage.conf | 17 +++++++++++++++++
 meta/base.txt                      |  4 ----
 4 files changed, 19 insertions(+), 4 deletions(-)
 create mode 100644 dot_config/containers/storage.conf

diff --git a/.chezmoiignore b/.chezmoiignore
index 34be6e8..99af635 100644
--- a/.chezmoiignore
+++ b/.chezmoiignore
@@ -1,6 +1,7 @@
 KEYBINDS.md
 README.md
 bootstrap.sh
+migrate-podman-to-btrfs.sh
 meta/
 systemd-units/
 etc/
diff --git a/.gitignore b/.gitignore
index 3c74dc5..9a33068 100644
--- a/.gitignore
+++ b/.gitignore
@@ -3,3 +3,4 @@
 .ruff_cache/
 node_modules/
 *.swp
+/migrate-podman-to-btrfs.sh
diff --git a/dot_config/containers/storage.conf b/dot_config/containers/storage.conf
new file mode 100644
index 0000000..3ba957e
--- /dev/null
+++ b/dot_config/containers/storage.conf
@@ -0,0 +1,17 @@
+# Rootless podman storage configuration.
+#
+# Uses the native kernel btrfs graph driver — much faster than fuse-overlayfs
+# (especially `podman commit`) because layers are real btrfs subvolumes with
+# CoW snapshots, no FUSE userspace round-trip.
+#
+# Switching driver requires a one-time `podman system reset --force`; the
+# overlay/fuse-overlay on-disk layout is incompatible. See the migration
+# helper at the dotfiles repo root (migrate-podman-to-btrfs.sh).
+#
+# graphroot/runroot left at defaults:
+#   graphroot = $XDG_DATA_HOME/containers/storage
+#   runroot   = $XDG_RUNTIME_DIR/containers
+# both are on btrfs in this setup (root fs is btrfs).
+
+[storage]
+driver = "btrfs"
diff --git a/meta/base.txt b/meta/base.txt
index 1cb96dc..1f7cdd8 100644
--- a/meta/base.txt
+++ b/meta/base.txt
@@ -75,10 +75,6 @@ nix
 perf             # links against running kernel ABI; must match kernel pkg
 podman-compose
 podman-docker
-fuse-overlayfs   # podman rootless storage driver on btrfs (kernel overlayfs
-                 # doesn't support btrfs as a lower dir; podman falls back to
-                 # vfs which is unusable). ~10-30% slower than native overlay
-                 # but unavoidable as long as ~/.local/share/containers is on btrfs.
 
 # --- sound ---
 alsa-utils
-- 
cgit v1.3.1