diff --git a/hosts/common/default.nix b/hosts/common/default.nix
index 2e1f741..5744a71 100644
--- a/hosts/common/default.nix
+++ b/hosts/common/default.nix
@@ -14,9 +14,6 @@
 users.users.lew = {
 isNormalUser = true;
 extraGroups = [ "wheel" ];
- linger = true;
- subUidRanges = [{ startUid = 100000; count = 65536; }];
- subGidRanges = [{ startGid = 100000; count = 65536; }];
 openssh.authorizedKeys.keys = [
 "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC6KI06F0tHIurNFFRJRlHMeLb7dnUEk8jtSmdsdkfPPoDY0HL1A0QJwqsppFbjHSsJoQ/WZGIj09Evmk9RRGjR5uNEtDMWfxEoeJQoJ6Bwdit+BPa3TfgyyoLM107/D5JriFoZW9k0JVNkgAIFnHp6VAjFyrg4298yKzy2dZchDO4u5HfFi+HBwn2haP7IC0JNgq6GO8K+yw4UK2635/3B/xNLhhLobbT4sThcghBtBhvb8pSXJ0wLupwuGWN9uuONs0UYEOlb8BhedXR4ShJUsQERIPFByAvMaq5vbsVIojF5s4P4dAlpsRQpXhQa7E4wzwGy5bYVP3MNmtYwxZel ssh-key-2025-12-11"
 ];
diff --git a/hosts/lab/default.nix b/hosts/lab/default.nix
index 1066cf6..50949c4 100644
--- a/hosts/lab/default.nix
+++ b/hosts/lab/default.nix
@@ -23,6 +23,18 @@
 security.sudo.wheelNeedsPassword = false;
+ users.users.podman = {
+ isSystemUser = true;
+ group = "podman";
+ home = "/var/lib/podman";
+ createHome = true;
+ uid = 900;
+ linger = true;
+ subUidRanges = [{ startUid = 100000; count = 65536; }];
+ subGidRanges = [{ startGid = 100000; count = 65536; }];
+ };
+ users.groups.podman = {};
+ virtualisation.containers.enable = true;
 virtualisation.podman = {
 enable = true;
diff --git a/hosts/lab/dokuwiki.nix b/hosts/lab/dokuwiki.nix
index aade5b8..f79e805 100644
--- a/hosts/lab/dokuwiki.nix
+++ b/hosts/lab/dokuwiki.nix
@@ -9,7 +9,8 @@
 virtualisation.oci-containers.containers.dokuwiki = {
 image = "lscr.io/linuxserver/dokuwiki:2025-05-14b-ls299";
- podman.user = "lew";
+ podman.user = "podman";
+ podman.sdnotify = "healthy";
 environment = {
 PUID = "1000";
 PGID = "1000";
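Review bot: In the `users.users.podman` block of hosts/lab/default.nix, `uid = 900;` is pinned but `users.groups.podman = {};` leaves the gid to be assigned at activation, so group ownership under `/var/lib/podman` and on bind-mounted data can differ between hosts or after a reinstall while the uid stays fixed. Consider `users.groups.podman.gid = 900;` so both ids are stable. The block also has no comment saying why the account exists; something like `# Dedicated account for rootless Podman containers; kept out of wheel because sudo is passwordless on this host.` would record the intent next to the `wheelNeedsPassword = false` line above it.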
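Review bot: In hosts/lab/dokuwiki.nix, `podman.sdnotify = "healthy";` makes unit readiness depend on a container health check, and nothing in this hunk configures one, so the unit relies on the image shipping its own. If the image defines none, I would expect the start job to wait until it times out; confirm the image has one or add a health command through `extraOptions` (for example `"--health-cmd=<probe command>"`). Separately, `PUID`/`PGID` stay at `"1000"` while the runtime account changes to `podman`, so in-container uid 1000 now maps into that account's subordinate range and the wiki's host-side data presumably needs its ownership adjusted. The container definition continues outside this hunk.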
@@ -21,7 +22,4 @@
 ];
 ports = [ "127.0.0.1:8070:80" ];
 };
-
- # Workaround for NixOS/nixpkgs#410857 until backport of #475089 lands
- systemd.services.podman-dokuwiki.serviceConfig.Delegate = true;
 }
diff --git a/hosts/lab/foundry.nix b/hosts/lab/foundry.nix
index 2b53146..2c64480 100644
--- a/hosts/lab/foundry.nix
+++ b/hosts/lab/foundry.nix
@@ -11,8 +11,7 @@
 image = "node:22.22.2-slim";
 cmd = [ "node" "main.js" "--dataPath=/data" ];
 workdir = "/app";
- user = "1000:1000";
- podman.user = "lew";
+ podman.user = "podman";
 volumes = [
 "/srv/foundry/app:/app:ro"
 "/srv/foundry/data:/data"
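Review bot: In hosts/lab/foundry.nix, removing `user = "1000:1000";` means the node process runs as whatever user the image defaults to, which for the stock node image is, as far as I know, root inside the container. Under rootless Podman that root maps to the host `podman` account rather than host root, but the process keeps in-container root capabilities and writes to `/srv/foundry/data` as the same account that owns the container storage. Unless the removal was needed for volume ownership, keep `user = "1000:1000";` alongside `podman.user = "podman";` and hand `/srv/foundry/data` to the mapped subordinate uid, or add a comment such as `# runs as container root: <reason>`. The container definition starts and ends outside this hunk.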