3 releases
0.1.10 | Oct 4, 2024 |
---|---|
0.1.8 | Sep 13, 2024 |
0.1.7 | Sep 7, 2024 |
0.1.6 |
|
#361 in Command line utilities
500KB
1.5K
SLoC
arcam
Fast sandboxed development container manager using podman, minimal permissions by default choose balance between security and convenience
NOTE: Version 0.1.X is considered alpha and may break compatability at any time
Experimental but all code since v0.1.1
was written inside arcam container
Originally named box
Features
- Sandboxed ephemeral container by default (podman defaults with network turned on)
- Pass through audio, wayland, ssh-agent easily on demand with flags or config
- Customize your experience per language, even per project
- Override dotfiles locally on demand, so you don't have to rebuild image to update dotfiles
- Automatic passwordless sudo (or
su
if not installed) - Consistant development environment on any distro, especially useful on immutable distros like fedora atomic
- Offline use, container initialization process does not require internet connection (image has to be downloaded of course)
Planned Features
These are features that are planned but the details are debatable
- Provide support for devcontainer features
- Docker support
Installation
You can download binary for latest release here
Alternatively you can install it from crates.io
cargo install arcam
You can also install straight from git
cargo install --git https://github.com/sandorex/arcam
Custom Container Image
Making a custom container image is same as for any other container, to take full advantage of box keep following things in mind:
- Install
sudo
for nicer experience - Any executable files in
/init.d
will be executed on start of the container as the user, you can usesudo
orsu
for root access - Put dotfiles in
/etc/skel
which will be copied to user home on start, note that it may be overriden at runtime using flags - All data inside the container (not counting mounts) will be deleted when container stops, to add caching or presistant data use a named volume
For examples you can take a look at my container with neovim and all LSPs preinstalled
Comparison to Other Tools
Toolbox / Distrobox
Both are great at their job, to provide a seamless integration with the host but not sandboxing
Box provides sandbox by default approach where you choose where to sacrifice sandboxing for convenience
Dependencies
~9–19MB
~267K SLoC