Just in case anyone misses the link to the solution (I missed it), here it is:
Manual for rootless-podman-service-type: GNU Guix Reference Manual
Which provides this example:
(use-service-modules containers networking …)
(use-modules (gnu system accounts)) ;for 'subid-range'
(operating-system
;; …
(users (cons (user-account
(name "alice")
(group "users")
;; Adding the account to the "cgroup" group
;; makes it possible to run podman commands.
(supplementary-groups '("cgroup" "wheel"
"audio" "video")))
%base-user-accounts))
(services
(append (list (service iptables-service-type)
(service rootless-podman-service-type
(rootless-podman-configuration
(subgids
(list (subid-range (name "alice"))))
(subuids
(list (subid-range (name "alice")))))))
%base-services)))