arcam
| Crates.io | arcam |
| lib.rs | arcam |
| version | 1.0.0 |
| created_at | 2024-09-06 16:05:34.332477+00 |
| updated_at | 2025-06-22 08:59:05.025602+00 |
| description | Sandboxed development containers at your fingertips |
| homepage | |
| repository | https://github.com/sandorex/arcam |
| max_upload_size | |
| id | 1366109 |
| size | 279,027 |
Sandorex (sandorex)
documentation
README
arcam
Fast sandboxed development container manager using podman, minimal permissions by default choose balance between security and convenience
Features
- Sandboxed ephemeral container by default (podman defaults with network turned off by default)
- Pass through audio, wayland, ssh-agent easily on demand with flags or config
- TOML configuration files for containers, customize your experience per project requirements
- Override dotfiles locally, so you don't have to rebuild the image to update dotfiles
- Automatic passwordless sudo (or
suifsudois not available) - Host terminfo integration, you do not have to install packages to use kitty, or wezterm
- Consistant development environment on any distro, especially useful on distros like fedora atomic
- Offline use, container initialization process does not require internet connection (image has to be downloaded of course)
Installation
You can download binary for latest release here
Alternatively you can install it from crates.io
cargo install arcam
You can also install straight from git
cargo install --git https://github.com/sandorex/arcam
Using Nix
Nix
You can run it in a shell like so
nix shell github:sandorex/arcam
Or install it into your profile
nix profile install github:sandorex/arcam
Usage
To avoid out-of-date documentation probably all the help you'll need is included in the binary itself
For help with config options run arcam config --options, or to see an example config run arcam config --example
Custom Container Images
Custom Container Images
Making a custom container image is same as for any other container, to take full advantage of arcam keep following things in mind:
- Any file in
/init.dwill be executed on start of the container as the user, useasroot(wrapssuorsudoif it exists) to run commands as root - Put dotfiles in
/etc/skelwhich will be copied to user home on start, note that it may be overriden at runtime using--skel - All data inside the container (not counting volumes) will be deleted when container stops, to add caching or presistant data use a named volume
For examples you can take a look at my everchanging containers
Comparison to Other Tools
Toolbox / Distrobox
Both are great at their job, to provide a seamless integration with the host but not sandboxing
Arcam provides sandboxed experience by default, and it's your job to choose where/when to sacrifice security for convenience, it's highly configurable
Development Notes
Development Notes
These are notes for me or anyone else hacking on this
Development
I have made toolchain.toml contain everything needed, and flake devshell also works great so development on any machine should be a breeze
Demo GIF
Use asciinema in 80x30 terminal
The GIF was generated with following command
agg --theme monokai \
--font-family 'FiraCode Nerd Font' \
--font-size 16 \
--last-frame-duration 5 \
demo.cast demo.gif