pyrox.dev
1# pkgs.ociTools {#sec-pkgs-ociTools}
2
3`pkgs.ociTools` is a set of functions for creating containers according to the [OCI container specification v1.0.0](https://github.com/opencontainers/runtime-spec). Beyond that, it makes no assumptions about the container runner you choose to use to run the created container.
4
5## buildContainer {#ssec-pkgs-ociTools-buildContainer}
6
7This function creates a simple OCI container that runs a single command inside of it. An OCI container consists of a `config.json` and a rootfs directory. The nix store of the container will contain all referenced dependencies of the given command.
8
9The parameters of `buildContainer` with an example value are described below:
10
11```nix
12buildContainer {
13 args = [
14 (with pkgs;
15 writeScript "run.sh" ''
16 #!${bash}/bin/bash
17 exec ${bash}/bin/bash
18 '').outPath
19 ];
20
21 mounts = {
22 "/data" = {
23 type = "none";
24 source = "/var/lib/mydata";
25 options = [ "bind" ];
26 };
27 };
28
29 readonly = false;
30}
31```
32
33- `args` specifies a set of arguments to run inside the container. This is the only required argument for `buildContainer`. All referenced packages inside the derivation will be made available inside the container.
34
35- `mounts` specifies additional mount points chosen by the user. By default only a minimal set of necessary filesystems are mounted into the container (e.g procfs, cgroupfs)
36
37- `readonly` makes the container's rootfs read-only if it is set to true. The default value is false `false`.