Documentation Index
Fetch the complete documentation index at: https://docs.boxlite.ai/llms.txt
Use this file to discover all available pages before exploring further.
BoxOptions
Options for constructing a box.
pub struct BoxOptions {
/// Number of CPUs (default: 1)
pub cpus: Option<u8>,
/// Memory in MiB (default: 512)
pub memory_mib: Option<u32>,
/// Disk size in GB for rootfs (sparse, grows as needed)
pub disk_size_gb: Option<u64>,
/// Working directory inside box
pub working_dir: Option<String>,
/// Environment variables
pub env: Vec<(String, String)>,
/// Root filesystem source
pub rootfs: RootfsSpec,
/// Volume mounts
pub volumes: Vec<VolumeSpec>,
/// Network isolation mode
pub network: NetworkSpec,
/// Port mappings
pub ports: Vec<PortSpec>,
/// Enable bind mount isolation (Linux only)
pub isolate_mounts: bool,
/// Auto-remove box when stopped (default: true)
pub auto_remove: bool,
/// Run independently of parent process (default: false)
pub detach: bool,
/// Security isolation options
pub security: SecurityOptions,
}
Example
use boxlite::runtime::options::{BoxOptions, RootfsSpec, VolumeSpec, PortSpec};
let options = BoxOptions {
cpus: Some(4),
memory_mib: Some(2048),
rootfs: RootfsSpec::Image("python:3.11".to_string()),
env: vec![
("PYTHONPATH".to_string(), "/app".to_string()),
],
volumes: vec![
VolumeSpec {
host_path: "/home/user/project".to_string(),
guest_path: "/app".to_string(),
read_only: false,
},
],
ports: vec![
PortSpec {
host_port: Some(8080),
guest_port: 80,
..Default::default()
},
],
auto_remove: false, // Keep box after stop
detach: true, // Run independently
..Default::default()
};
RootfsSpec
How to populate the box root filesystem.
pub enum RootfsSpec {
/// Pull/resolve this registry image reference
Image(String),
/// Use already prepared rootfs at host path
RootfsPath(String),
}
impl Default for RootfsSpec {
fn default() -> Self {
Self::Image("alpine:latest".into())
}
}
VolumeSpec
Filesystem mount specification.
pub struct VolumeSpec {
/// Path on host
pub host_path: String,
/// Path inside guest
pub guest_path: String,
/// Mount as read-only
pub read_only: bool,
}
NetworkSpec
Network isolation options.
pub enum NetworkSpec {
/// Isolated network with gvproxy (default)
Isolated,
// Host, // Future: share host network
// Custom, // Future: custom network config
}
PortSpec
Port mapping specification (host to guest).
pub struct PortSpec {
/// Host port (None/0 = dynamically assigned)
pub host_port: Option<u16>,
/// Guest port to expose
pub guest_port: u16,
/// Protocol (TCP/UDP)
pub protocol: PortProtocol,
/// Bind IP (None = 0.0.0.0)
pub host_ip: Option<String>,
}
pub enum PortProtocol {
Tcp, // default
Udp,
}
SecurityOptions
Security isolation options for a box.
pub struct SecurityOptions {
/// Enable jailer isolation (Linux: seccomp/namespaces, macOS: sandbox-exec)
pub jailer_enabled: bool,
/// Enable seccomp syscall filtering (Linux only)
pub seccomp_enabled: bool,
/// UID to drop to (Linux only). None = auto-allocate
pub uid: Option<u32>,
/// GID to drop to (Linux only). None = auto-allocate
pub gid: Option<u32>,
/// Create new PID namespace (Linux only)
pub new_pid_ns: bool,
/// Create new network namespace (Linux only)
pub new_net_ns: bool,
/// Base directory for chroot jails (Linux)
pub chroot_base: PathBuf,
/// Enable chroot isolation (Linux only)
pub chroot_enabled: bool,
/// Close inherited file descriptors
pub close_fds: bool,
/// Sanitize environment variables
pub sanitize_env: bool,
/// Environment variables to preserve
pub env_allowlist: Vec<String>,
/// Resource limits
pub resource_limits: ResourceLimits,
/// Custom sandbox profile (macOS only)
pub sandbox_profile: Option<PathBuf>,
/// Enable network in sandbox (macOS only)
pub network_enabled: bool,
}
Presets
// Development: minimal isolation for debugging
let dev = SecurityOptions::development();
// - jailer_enabled: false
// - seccomp_enabled: false
// - close_fds: false
// Standard: recommended for most use cases
let std = SecurityOptions::standard();
// - jailer_enabled: true (Linux/macOS)
// - seccomp_enabled: true (Linux)
// Maximum: all isolation features
let max = SecurityOptions::maximum();
// - All isolation enabled
// - uid/gid: 65534 (nobody)
// - Resource limits applied
SecurityOptionsBuilder
Fluent builder for security options.
use boxlite::runtime::options::{SecurityOptions, SecurityOptionsBuilder};
let security = SecurityOptionsBuilder::standard()
.jailer_enabled(true)
.max_open_files(2048)
.max_file_size_bytes(1024 * 1024 * 512) // 512 MiB
.max_processes(100)
.allow_env("MY_VAR")
.build();
// Or via SecurityOptions::builder()
let security = SecurityOptions::builder()
.jailer_enabled(true)
.seccomp_enabled(false)
.build();
Builder Methods
| Method | Description |
|---|
new() | Start from defaults |
development() | Start from dev preset |
standard() | Start from standard preset |
maximum() | Start from max preset |
jailer_enabled(bool) | Enable/disable jailer |
seccomp_enabled(bool) | Enable/disable seccomp |
uid(u32) | Set drop-to UID |
gid(u32) | Set drop-to GID |
new_pid_ns(bool) | Enable PID namespace |
new_net_ns(bool) | Enable network namespace |
chroot_base(path) | Set chroot base dir |
chroot_enabled(bool) | Enable chroot |
close_fds(bool) | Close inherited FDs |
sanitize_env(bool) | Sanitize environment |
env_allowlist(vec) | Set env allowlist |
allow_env(var) | Add to env allowlist |
resource_limits(limits) | Set all limits |
max_open_files(n) | RLIMIT_NOFILE |
max_file_size_bytes(n) | RLIMIT_FSIZE |
max_processes(n) | RLIMIT_NPROC |
max_memory_bytes(n) | RLIMIT_AS |
max_cpu_time_seconds(n) | RLIMIT_CPU |
sandbox_profile(path) | macOS sandbox profile |
network_enabled(bool) | macOS network access |
build() | Build SecurityOptions |
ResourceLimits
Resource limits for the jailed process.
pub struct ResourceLimits {
/// Max open file descriptors (RLIMIT_NOFILE)
pub max_open_files: Option<u64>,
/// Max file size in bytes (RLIMIT_FSIZE)
pub max_file_size: Option<u64>,
/// Max number of processes (RLIMIT_NPROC)
pub max_processes: Option<u64>,
/// Max virtual memory in bytes (RLIMIT_AS)
pub max_memory: Option<u64>,
/// Max CPU time in seconds (RLIMIT_CPU)
pub max_cpu_time: Option<u64>,
}
See Also
