Skip to content

stewlab/sandwich

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
containerfiles
containerfiles
 
 
images
images
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
sandwich.sh
sandwich.sh
 
 

Repository files navigation

🥪 sandwich

sandwich is a command-line tool that creates a self-contained, rootless container environment in a local subsystem directory. It downloads and configures nerdctl, containerd, and other tools, allowing you to build and run containers without needing root or modifying system-wide services.

✨ Features

  • Rootless by Default: Runs containerd and buildkitd as user services.
  • Self-Contained: All tools and data reside under ./subsystem.
  • Zero-Dependency Install: Automatically downloads required binaries.
  • Simple Cleanup: clean removes everything, optionally preserving downloads.
  • Flexible Builds: Build images from local folders, archives, or remote URLs.
  • Subsystem Tools: Use subsystem to invoke tools like nerdctl within your environment.
  • Image Management: List and remove container images by tag.

✅ Prerequisites

Ensure the following tools are installed:

  • bash (version 4+)
  • curl
  • tar
  • unzip (optional, for .zip archives)
  • systemd (for user services)

Note: On macOS or WSL2, systemctl --user may not work. You’ll need to configure rootless services manually.

🚀 Getting Started

1. Download the Script

Save the script as sandwich.

2. Make It Executable

chmod +x sandwich

3. Initialize the Environment

./sandwich initialize

This command:

  • Sets up subsystem/ directory structure
  • Installs nerdctl, containerd, slirp4netns, and CNI plugins
  • Configures rootless services
  • Prepares the system to run or build containers

📖 Usage

Usage: ./sandwich <command> [options/args...]

Commands:
  initialize                  Download tools and configure rootless services.
  clean [-p true|false]       Remove the subsystem directory.
                              Use -p or --preserve to retain downloads.
  run [CMD...] [-t TAG]       Run a command in a container using the specified image tag.
  build [SRC] [-t TAG]        Build image from rootfs dir, archive, or URL.
  from-image IMAGE [-t TAG]   Pull a registry image and tag it.
  subsystem CMD [ARGS...]     Run a binary from subsystem (e.g., nerdctl).
  list-images                 List all installed container images.
  remove-image TAG            Remove a container image by tag.
  help                        Show this help message.

Examples

1. Initialize the Subsystem

./sandwich initialize

2. Run a Shell in a Container

./sandwich run

3. Run a Custom Command

./sandwich run echo "Hello from my container!"

4. Build an Image from a Directory

mkdir -p myapp/bin
echo -e '#!/bin/sh\necho Hello!' > myapp/bin/hello
chmod +x myapp/bin/hello

./sandwich build ./myapp -t myapp:1.0

5. Build from a RootFS Archive or URL

./sandwich build https://example.com/myrootfs.tar.gz -t webserver:latest

6. Pull and Tag a Registry Image

./sandwich from-image registry.fedoraproject.org/fedora-minimal:42 -t fedora:latest

7. Run a Subsystem Tool

./sandwich subsystem nerdctl images

8. List Images

./sandwich list-images

9. Remove an Image

./sandwich remove-image myapp:1.0

10. Clean Up

# Remove all subsystem files and downloads
./sandwich clean -p false

# Remove only subsystem files, keep downloads
./sandwich clean

⚖️ License

This project is licensed under the GNU General Public License v3.0. See LICENSE or the script header for details.

Let me know if you’d like this written as a README.md file or integrated with CLI doc generators.

About

No description, website, or topics provided.

Resources

Readme

License

GPL-3.0 license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages