Note that this is a work in progress, please get in touch if you are interested.
Podenv provides a declarative interface to manage containerized applications. Using rootless containers, podenv lets you run applications seamlessly.
The goal of podenv is to implement a modern application launcher:
- High-level capability system
- Multiple runtimes
- VPN network namespace
- Functional configuration
- Simple to use
Podenv differs from toolbx or flatpak:
- Isolation by default: network or home directory access needs to be explicitly enabled.
- Unopinionated runtime: applications are provided by distro packages or Containerfile.
- High level command line interface.
Share resources with simple toggles:
- --wayland: graphical display.
- --pipewire: access audio and video streams.
- --dbus: share the dbus session.
- See the full list in this configuration schema: Capabilities.Type
Mount directories with smart volumes:
- --volume ~: share the home directory.
- --volume web:~: use a volume named web for the container home.
- --hostfile ./document.pdf: share a single file.
Podenv works with multiple container runtimes:
- Podman for image and Containerfile.
- Bubblewrap for local rootfs and Nix Flakes.
The runtime integration is decoupled from the application description so that more options can be added in the future.
Applications can share resources using the --namespace NAME option.
For example, a browser application can be attached to the network of a VPN application.
Check out the Configure a VPN howto.
Applications are user-defined with functional and reusable expressions:
(env:PODENV).Application::{
, name = "firefox"
, description = Some "Mozilla Firefox"
, runtime = (env:PODENV).Hub.fedora.useGraphic [ "firefox" ]
, command = [ "firefox", "--no-remote" ]
, capabilities = (env:PODENV).Capabilities::{ wayland = True, network = True }
}
The fedora useGraphic function defines a custom Containerfile:
\(pkgs : List Text) ->
(env:PODENV).ContainerBuild::{
, containerfile =
''
FROM fedora:latest
RUN dnf install -y mesa-dri-drivers pipewire-libs
RUN dnf update -y
RUN dnf install -y ${concatSep " " pkgs}
''
, image_home = Some "/home/fedora"
, image_update = Some "dnf update -y"
}
The graphic packages layer is shared by the other apps.
Podenv supports the Nix installables syntax:
(env:PODENV).Application::{
, name = "polyglot"
, description = Some "Tool to count lines of source code."
, runtime = (env:PODENV).Hub.nix.useInstallables [ "github:podenv/polyglot.nix" ]
, capabilities = (env:PODENV).Capabilities::{ cwd = True }
}
By default, podenv uses the hub collection.
Run podenv --list to see the available applications.
Podenv provides a simple command line: podenv [--caps] application-name [args].
Check out the tutorials for examples.
Podenv documentation is organized into the following four sections:
These guides help you get your hands dirty with working examples:
These cookbooks teach you how to solve specific tasks:
These posts explain the context and motivation behind this tool:
These comprehensive resources cover details that other texts will gloss over: