podenv: A container wrapper

[ apache, development, library, program ] [ Propose Tags ] [ Report a vulnerability ]

Podenv provides a declarative interface to manage containerized applications. . Using rootless containers, podenv let you run applications seamlessly. .


[Skip to Readme]

Flags

Manual Flags

NameDescriptionDefault
ci

Make warnings error

Disabled

Use -f <flag> to enable a flag, or -f -<flag> to disable that flag. More info

Downloads

Maintainer's Corner

Package maintainers

For package maintainers and hackage trustees

Candidates

  • No Candidates
Versions [RSS] 0.1.0, 0.2.0
Change log CHANGELOG.md
Dependencies base (<5), containers, dhall (>=1.39), directory, either, filepath, gitrev, lens-family-core, lens-family-th, linux-capabilities (>=0.1.1.0), optparse-applicative, podenv, relude (>=0.7), SHA, text, th-env, typed-process, unix [details]
License Apache-2.0
Copyright 2021 Red Hat
Author Tristan Cacqueray
Maintainer tdecacqu@redhat.com
Category Development
Home page https://github.com/podenv/podenv#readme
Bug tracker https://github.com/podenv/podenv/issues
Source repo head: git clone https://github.com/podenv/podenv.git
Uploaded by TristanCacqueray at 2022-08-10T14:46:16Z
Distributions
Executables podenv
Downloads 179 total (3 in the last 30 days)
Rating (no votes yet) [estimated by Bayesian average]
Your Rating
  • λ
  • λ
  • λ
Status Docs available [build log]
Last success reported on 2022-08-10 [all 1 reports]

Readme for podenv-0.2.0

[back to package description]

podenv: a container wrapper

Hackage Apache-2.0 license

Note that this is a work in progress, please get in touch if you are interested.

Podenv provides a declarative interface to manage containerized applications. Using rootless containers, podenv let you run applications seamlessly.

Overview and scope

The goal of podenv is to implement a modern application launcher:

Podenv differs from toolbx or flatpak:

  • Isolation by default: network or home directory access need to be explicitely enabled.
  • Unopinionated runtime: applications are provided by distro packages or Containerfile.
  • High level command line interface.

Features

Capabilities

Share resources with simple toggles:

  • --wayland graphical display.
  • --pipewire access audio and video streams.
  • --dbus share the dbus session.
  • See the full list in this configuration schema: Capabilities.Type

Mount directories with smart volumes:

  • --volume ~ share the home directory.
  • --volume web:~ use a volume named web for the container home.
  • --hostfile ./document.pdf share a single file.

Container Runtimes

Podenv works with multiple container runtimes:

  • Podman for image and Containerfile.
  • Bubblewrap for local rootfs and Nix Flakes.

The runtime integration is decoupled from the application description so that more options can be added in the future.

Namespace

Applications can share resources using the --namespace NAME option. For example, a browser application can be attached to the network of a VPN application. Checkout the Configure a VPN howto.

Configuration

Applications are user-defined with functionnal and re-usable expressions:

Firefox with a fedora container

(env:PODENV).Application::{
, name = "firefox"
, description = Some "Mozilla Firefox"
, runtime = (env:PODENV).Hub.fedora.useGraphic [ "firefox" ]
, command = [ "firefox", "--no-remote" ]
, capabilities = (env:PODENV).Capabilities::{ wayland = True, network = True }
}

The fedora useGraphic function defines a custom Containerfile:

\(pkgs : List Text) ->
(env:PODENV).ContainerBuild::{
, containerfile =
    ''
    FROM fedora:latest
    RUN dnf install -y mesa-dri-drivers pipewire-libs
    RUN dnf update -y
    RUN dnf install -y ${concatSep " " pkgs}
    ''
, image_home = Some "/home/fedora"
, image_update = Some "dnf update -y"
}

The graphic packages layer is shared by the other apps.

Nix Flakes

Podenv support the Nix installables syntax:

(env:PODENV).Application::{
, name = "polyglot"
, description = Some "Tool to count lines of source code."
, runtime = (env:PODENV).Hub.nix.useInstallables [ "github:podenv/polyglot.nix" ]
, capabilities = (env:PODENV).Capabilities::{ cwd = True }
}

Hub

By default, podenv uses the podenv/hub collection. Run podenv --list to see the available applications.

Usage

Podenv provides a simple command line: podenv [--caps] application-name [args]. Checkout the tutorials for examples.

Documentation

Podenv documentation is organized into the following four sections:

Tutorials

These guides help you get your hands dirty with working examples:

Howtos

These cookbooks teach you how to solve specific tasks:

Discussions

These posts explain the context and motivation behind this tool:

References

These comprehensive resources cover details that other texts will gloss over: