2 releases
new 0.1.8 | Sep 13, 2024 |
---|---|
0.1.7 | Sep 7, 2024 |
0.1.6 |
|
#122 in Command line utilities
397 downloads per month
500KB
1.5K
SLoC
arcam
Fast sandboxed development container manager using podman, minimal permissions by default choose balance between security and convenience
NOTE: Version 0.1.X is considered alpha and may break compatability at any time
Experimental but all code since v0.1.1
was written inside arcam container
Originally named box
Features
- Sandboxed ephemeral container by default (podman defaults with network turned on)
- Pass through audio, wayland, ssh-agent easily on demand with flags or config
- Customize your experience per language, even per project
- Override dotfiles locally on demand, so you don't have to rebuild image to update dotfiles
- Automatic passwordless sudo (or
su
if not installed) - Consistant development environment on any distro, especially useful on immutable distros like fedora atomic
- Offline use, container initialization process does not require internet connection (image has to be downloaded of course)
Planned Features
These are features that are planned but the details are debatable
- Provide support for devcontainer features
- Docker support
Installation
You can download binary for latest release here
Alternatively you can install it from crates.io
cargo install arcam
You can also install straight from git
cargo install --git https://github.com/sandorex/arcam
Custom Container Image
Making a custom container image is same as for any other container, to take full advantage of box keep following things in mind:
- Install
sudo
for nicer experience - Any executable files in
/init.d
will be executed on start of the container as the user, you can usesudo
orsu
for root access - Put dotfiles in
/etc/skel
which will be copied to user home on start, note that it may be overriden at runtime using flags - All data inside the container (not counting mounts) will be deleted when container stops, to add caching or presistant data use a named volume
For examples you can take a look at my container with neovim and all LSPs preinstalled
Comparison to Other Tools
Toolbox / Distrobox
Both are great at their job, to provide a seamless integration with the host but not sandboxing
Box provides sandbox by default approach where you choose where to sacrifice sandboxing for convenience
Dependencies
~4–13MB
~163K SLoC