2024-06-11 10:35:38 +00:00
|
|
|
{ newScope, config, stdenv, makeWrapper
|
2023-04-22 23:36:37 +00:00
|
|
|
, buildPackages
|
2023-03-05 20:14:13 +00:00
|
|
|
, ed, gnugrep, coreutils, xdg-utils
|
2024-06-22 12:43:05 +00:00
|
|
|
, glib, gtk3, gtk4, adwaita-icon-theme, gsettings-desktop-schemas, gn, fetchgit
|
2021-07-21 09:46:49 +00:00
|
|
|
, libva, pipewire, wayland
|
2024-06-11 10:35:38 +00:00
|
|
|
, runCommand
|
2022-02-11 18:51:42 +00:00
|
|
|
, lib, libkrb5
|
2024-05-12 23:21:58 +00:00
|
|
|
, widevine-cdm
|
2023-09-27 02:36:38 +00:00
|
|
|
, electron-source # for warnObsoleteVersionConditional
|
2012-12-03 16:55:09 +00:00
|
|
|
|
2012-12-03 17:23:49 +00:00
|
|
|
# package customization
|
2020-04-13 13:26:09 +00:00
|
|
|
# Note: enable* flags should not require full rebuilds (i.e. only affect the wrapper)
|
2012-12-03 16:55:09 +00:00
|
|
|
, channel ? "stable"
|
2023-09-27 02:36:38 +00:00
|
|
|
, upstream-info ? (import ./upstream-info.nix).${channel}
|
2012-12-03 17:23:49 +00:00
|
|
|
, proprietaryCodecs ? true
|
2014-09-30 04:00:47 +00:00
|
|
|
, enableWideVine ? false
|
2020-12-09 18:13:26 +00:00
|
|
|
, ungoogled ? false # Whether to build chromium or ungoogled-chromium
|
2014-12-07 13:52:36 +00:00
|
|
|
, cupsSupport ? true
|
2019-02-03 15:31:25 +00:00
|
|
|
, pulseSupport ? config.pulseaudio or stdenv.hostPlatform.isLinux
|
2017-01-05 16:46:37 +00:00
|
|
|
, commandLineArgs ? ""
|
2023-04-22 23:22:56 +00:00
|
|
|
, pkgsBuildBuild
|
2023-04-23 23:01:56 +00:00
|
|
|
, pkgs
|
chromium: Minimal build (no install) from source.
This only gets chromium to build so far, installation is missing by upstream, so
we need to manually copy the corresponding files. And I guess with nix, we also
need to patch a few paths on installation.
Another issue is that at the moment, a lot of dependencies are used from the
source tree, rather than from the system.
Also, it would be nice to build using LLVM, as it really speeds up compilation a
*LOT* and also has the side effect of resulting in smaller binaries.
Working unit tests would be nice, too. Unfortunately they're quite heavyweight
and take hours to run, so I guess "someday" would be the most appropriate time
to integrate.
Further todo's:
- Allow to disable GConf, GIO and CUPS.
- Option to disable the sandbox (for whatever reason the user might have).
- Integrate gold binutils.
- Pulseaudio support.
- Clearly separate Linux specific stuff.
2012-06-12 08:19:22 +00:00
|
|
|
}:
|
2009-10-30 08:45:58 +00:00
|
|
|
|
chromium: Minimal build (no install) from source.
This only gets chromium to build so far, installation is missing by upstream, so
we need to manually copy the corresponding files. And I guess with nix, we also
need to patch a few paths on installation.
Another issue is that at the moment, a lot of dependencies are used from the
source tree, rather than from the system.
Also, it would be nice to build using LLVM, as it really speeds up compilation a
*LOT* and also has the side effect of resulting in smaller binaries.
Working unit tests would be nice, too. Unfortunately they're quite heavyweight
and take hours to run, so I guess "someday" would be the most appropriate time
to integrate.
Further todo's:
- Allow to disable GConf, GIO and CUPS.
- Option to disable the sandbox (for whatever reason the user might have).
- Integrate gold binutils.
- Pulseaudio support.
- Clearly separate Linux specific stuff.
2012-06-12 08:19:22 +00:00
|
|
|
let
|
2024-06-09 23:08:48 +00:00
|
|
|
stdenv = pkgs.rustc.llvmPackages.stdenv;
|
2019-02-03 15:31:25 +00:00
|
|
|
|
2021-08-28 21:12:27 +00:00
|
|
|
# Helper functions for changes that depend on specific versions:
|
|
|
|
warnObsoleteVersionConditional = min-version: result:
|
2023-09-27 02:36:38 +00:00
|
|
|
let min-supported-version = (lib.head (lib.attrValues electron-source)).unwrapped.info.chromium.version;
|
2021-08-28 21:12:27 +00:00
|
|
|
in lib.warnIf
|
2023-09-27 02:36:38 +00:00
|
|
|
(lib.versionAtLeast min-supported-version min-version)
|
|
|
|
"chromium: min-supported-version ${min-supported-version} is newer than a conditional bounded at ${min-version}. You can safely delete it."
|
2021-08-28 21:12:27 +00:00
|
|
|
result;
|
|
|
|
chromiumVersionAtLeast = min-version:
|
|
|
|
let result = lib.versionAtLeast upstream-info.version min-version;
|
|
|
|
in warnObsoleteVersionConditional min-version result;
|
|
|
|
versionRange = min-version: upto-version:
|
|
|
|
let inherit (upstream-info) version;
|
|
|
|
result = lib.versionAtLeast version min-version && lib.versionOlder version upto-version;
|
|
|
|
in warnObsoleteVersionConditional upto-version result;
|
|
|
|
|
2014-03-19 11:21:10 +00:00
|
|
|
callPackage = newScope chromium;
|
2014-03-19 10:32:39 +00:00
|
|
|
|
2020-08-25 21:03:35 +00:00
|
|
|
chromium = rec {
|
2024-06-09 23:08:48 +00:00
|
|
|
inherit stdenv upstream-info;
|
2014-03-19 11:51:39 +00:00
|
|
|
|
2020-04-03 17:17:57 +00:00
|
|
|
mkChromiumDerivation = callPackage ./common.nix ({
|
2021-08-28 21:12:27 +00:00
|
|
|
inherit channel chromiumVersionAtLeast versionRange;
|
2022-03-28 14:10:35 +00:00
|
|
|
inherit proprietaryCodecs
|
2020-12-09 18:13:26 +00:00
|
|
|
cupsSupport pulseSupport ungoogled;
|
2023-04-22 23:36:37 +00:00
|
|
|
gnChromium = buildPackages.gn.overrideAttrs (oldAttrs: {
|
2020-11-03 12:08:09 +00:00
|
|
|
inherit (upstream-info.deps.gn) version;
|
2020-07-23 20:43:09 +00:00
|
|
|
src = fetchgit {
|
2023-10-21 11:02:47 +00:00
|
|
|
inherit (upstream-info.deps.gn) url rev hash;
|
2020-07-23 20:43:09 +00:00
|
|
|
};
|
2024-07-24 23:53:53 +00:00
|
|
|
} // lib.optionalAttrs (chromiumVersionAtLeast "127") {
|
|
|
|
# Relax hardening as otherwise gn unstable 2024-06-06 and later fail with:
|
|
|
|
# cc1plus: error: '-Wformat-security' ignored without '-Wformat' [-Werror=format-security]
|
|
|
|
hardeningDisable = [ "format" ];
|
2024-10-17 23:56:56 +00:00
|
|
|
} // lib.optionalAttrs (chromiumVersionAtLeast "130") {
|
|
|
|
# At the time of writing, gn is at v2024-05-13 and has a backported patch.
|
|
|
|
# This patch appears to be already present in v2024-09-09 (from M130), which
|
|
|
|
# results in the patch not applying and thus failing the build.
|
|
|
|
# As a work around until gn is updated again, we filter specifically that patch out.
|
|
|
|
patches = lib.filter (e: lib.getName e != "LFS64.patch") oldAttrs.patches;
|
2020-07-23 20:43:09 +00:00
|
|
|
});
|
2024-07-24 23:53:53 +00:00
|
|
|
recompressTarball = callPackage ./recompress-tarball.nix { inherit chromiumVersionAtLeast; };
|
2020-04-03 17:17:57 +00:00
|
|
|
});
|
2014-03-19 11:57:49 +00:00
|
|
|
|
2021-08-28 21:12:27 +00:00
|
|
|
browser = callPackage ./browser.nix {
|
|
|
|
inherit channel chromiumVersionAtLeast enableWideVine ungoogled;
|
|
|
|
};
|
2014-03-22 16:05:14 +00:00
|
|
|
|
2023-04-22 23:22:56 +00:00
|
|
|
# ungoogled-chromium is, contrary to its name, not a build of
|
|
|
|
# chromium. It is a patched copy of chromium's *source code*.
|
|
|
|
# Therefore, it needs to come from buildPackages, because it
|
|
|
|
# contains python scripts which get /nix/store/.../bin/python3
|
|
|
|
# patched into their shebangs.
|
|
|
|
ungoogled-chromium = pkgsBuildBuild.callPackage ./ungoogled.nix {};
|
2018-10-28 16:07:19 +00:00
|
|
|
};
|
2014-03-19 10:32:39 +00:00
|
|
|
|
2023-06-24 18:19:19 +00:00
|
|
|
suffix = lib.optionalString (channel != "stable" && channel != "ungoogled-chromium") ("-" + channel);
|
2014-11-25 09:08:28 +00:00
|
|
|
|
2016-08-06 08:13:20 +00:00
|
|
|
sandboxExecutableName = chromium.browser.passthru.sandboxExecutableName;
|
|
|
|
|
2019-09-18 21:30:15 +00:00
|
|
|
# We want users to be able to enableWideVine without rebuilding all of
|
|
|
|
# chromium, so we have a separate derivation here that copies chromium
|
2019-12-15 04:16:24 +00:00
|
|
|
# and adds the unfree WidevineCdm.
|
2019-08-10 23:09:55 +00:00
|
|
|
chromiumWV = let browser = chromium.browser; in if enableWideVine then
|
|
|
|
runCommand (browser.name + "-wv") { version = browser.version; }
|
|
|
|
''
|
|
|
|
mkdir -p $out
|
2019-09-18 21:30:15 +00:00
|
|
|
cp -a ${browser}/* $out/
|
|
|
|
chmod u+w $out/libexec/chromium
|
2024-05-12 23:21:58 +00:00
|
|
|
cp -a ${widevine-cdm}/share/google/chrome/WidevineCdm $out/libexec/chromium/
|
2019-08-10 23:09:55 +00:00
|
|
|
''
|
|
|
|
else browser;
|
2020-04-13 13:26:09 +00:00
|
|
|
|
2014-03-22 16:05:14 +00:00
|
|
|
in stdenv.mkDerivation {
|
2022-03-22 16:57:23 +00:00
|
|
|
pname = lib.optionalString ungoogled "ungoogled-"
|
|
|
|
+ "chromium${suffix}";
|
2023-07-29 16:53:34 +00:00
|
|
|
inherit (chromium.browser) version;
|
2014-03-22 16:05:14 +00:00
|
|
|
|
2021-07-05 12:58:52 +00:00
|
|
|
nativeBuildInputs = [
|
2017-06-16 05:49:50 +00:00
|
|
|
makeWrapper ed
|
2021-07-05 12:58:52 +00:00
|
|
|
];
|
2017-06-16 05:49:50 +00:00
|
|
|
|
2021-07-05 12:58:52 +00:00
|
|
|
buildInputs = [
|
2017-06-16 05:49:50 +00:00
|
|
|
# needed for GSETTINGS_SCHEMAS_PATH
|
2023-04-28 19:42:59 +00:00
|
|
|
gsettings-desktop-schemas glib gtk3 gtk4
|
2017-06-16 05:49:50 +00:00
|
|
|
|
|
|
|
# needed for XDG_ICON_DIRS
|
2024-06-22 12:43:05 +00:00
|
|
|
adwaita-icon-theme
|
2022-02-11 18:51:42 +00:00
|
|
|
|
|
|
|
# Needed for kerberos at runtime
|
|
|
|
libkrb5
|
2017-06-16 05:49:50 +00:00
|
|
|
];
|
2014-03-22 16:05:14 +00:00
|
|
|
|
2016-08-06 08:13:20 +00:00
|
|
|
outputs = ["out" "sandbox"];
|
|
|
|
|
2014-03-22 16:05:14 +00:00
|
|
|
buildCommand = let
|
2019-08-10 23:09:55 +00:00
|
|
|
browserBinary = "${chromiumWV}/libexec/chromium/chromium";
|
2023-02-19 11:18:22 +00:00
|
|
|
libPath = lib.makeLibraryPath [ libva pipewire wayland gtk3 gtk4 libkrb5 ];
|
2019-02-18 08:17:05 +00:00
|
|
|
|
2024-08-16 17:22:28 +00:00
|
|
|
in ''
|
2016-08-27 15:38:25 +00:00
|
|
|
mkdir -p "$out/bin"
|
2012-06-15 08:19:26 +00:00
|
|
|
|
2022-02-02 11:07:18 +00:00
|
|
|
makeWrapper "${browserBinary}" "$out/bin/chromium" \
|
2022-09-23 19:19:37 +00:00
|
|
|
--add-flags "\''${NIXOS_OZONE_WL:+\''${WAYLAND_DISPLAY:+--ozone-platform-hint=auto --enable-features=WaylandWindowDecorations}}" \
|
2024-08-16 17:22:28 +00:00
|
|
|
--add-flags ${lib.escapeShellArg commandLineArgs}
|
2012-06-15 08:19:26 +00:00
|
|
|
|
2016-08-19 18:18:14 +00:00
|
|
|
ed -v -s "$out/bin/chromium" << EOF
|
|
|
|
2i
|
|
|
|
|
2017-01-29 10:11:01 +00:00
|
|
|
if [ -x "/run/wrappers/bin/${sandboxExecutableName}" ]
|
2016-08-19 18:18:14 +00:00
|
|
|
then
|
2017-01-29 10:11:01 +00:00
|
|
|
export CHROME_DEVEL_SANDBOX="/run/wrappers/bin/${sandboxExecutableName}"
|
2016-08-19 18:18:14 +00:00
|
|
|
else
|
|
|
|
export CHROME_DEVEL_SANDBOX="$sandbox/bin/${sandboxExecutableName}"
|
|
|
|
fi
|
|
|
|
|
2022-12-16 12:53:28 +00:00
|
|
|
# Make generated desktop shortcuts have a valid executable name.
|
|
|
|
export CHROME_WRAPPER='chromium'
|
|
|
|
|
2019-10-30 22:39:17 +00:00
|
|
|
'' + lib.optionalString (libPath != "") ''
|
|
|
|
# To avoid loading .so files from cwd, LD_LIBRARY_PATH here must not
|
|
|
|
# contain an empty section before or after a colon.
|
|
|
|
export LD_LIBRARY_PATH="\$LD_LIBRARY_PATH\''${LD_LIBRARY_PATH:+:}${libPath}"
|
|
|
|
'' + ''
|
2019-02-18 08:17:05 +00:00
|
|
|
|
2016-08-19 18:18:14 +00:00
|
|
|
# libredirect causes chromium to deadlock on startup
|
2020-08-03 15:58:41 +00:00
|
|
|
export LD_PRELOAD="\$(echo -n "\$LD_PRELOAD" | ${coreutils}/bin/tr ':' '\n' | ${gnugrep}/bin/grep -v /lib/libredirect\\\\.so$ | ${coreutils}/bin/tr '\n' ':')"
|
2016-08-19 18:18:14 +00:00
|
|
|
|
2017-06-16 05:49:50 +00:00
|
|
|
export XDG_DATA_DIRS=$XDG_ICON_DIRS:$GSETTINGS_SCHEMAS_PATH\''${XDG_DATA_DIRS:+:}\$XDG_DATA_DIRS
|
|
|
|
|
2023-04-07 07:16:36 +00:00
|
|
|
'' + lib.optionalString (!xdg-utils.meta.broken) ''
|
2022-02-26 11:45:52 +00:00
|
|
|
# Mainly for xdg-open but also other xdg-* tools (this is only a fallback; \$PATH is suffixed so that other implementations can be used):
|
|
|
|
export PATH="\$PATH\''${PATH:+:}${xdg-utils}/bin"
|
2023-04-07 07:16:36 +00:00
|
|
|
'' + ''
|
2020-09-06 21:20:30 +00:00
|
|
|
|
2016-08-19 18:18:14 +00:00
|
|
|
.
|
|
|
|
w
|
|
|
|
EOF
|
2016-08-06 08:13:20 +00:00
|
|
|
|
2016-08-06 09:09:40 +00:00
|
|
|
ln -sv "${chromium.browser.sandbox}" "$sandbox"
|
2016-08-06 08:13:20 +00:00
|
|
|
|
2014-09-19 05:51:11 +00:00
|
|
|
ln -s "$out/bin/chromium" "$out/bin/chromium-browser"
|
2016-08-27 15:38:25 +00:00
|
|
|
|
2019-05-28 00:32:18 +00:00
|
|
|
mkdir -p "$out/share"
|
2018-01-21 23:33:47 +00:00
|
|
|
for f in '${chromium.browser}'/share/*; do # hello emacs */
|
2016-08-27 15:38:25 +00:00
|
|
|
ln -s -t "$out/share/" "$f"
|
|
|
|
done
|
2014-03-22 16:05:14 +00:00
|
|
|
'';
|
2014-03-23 18:48:53 +00:00
|
|
|
|
2018-01-21 23:33:47 +00:00
|
|
|
inherit (chromium.browser) packageName;
|
2019-04-23 01:47:19 +00:00
|
|
|
meta = chromium.browser.meta;
|
2014-04-01 05:36:26 +00:00
|
|
|
passthru = {
|
2016-08-06 13:40:56 +00:00
|
|
|
inherit (chromium) upstream-info browser;
|
2014-04-01 05:36:26 +00:00
|
|
|
mkDerivation = chromium.mkChromiumDerivation;
|
2024-05-12 23:21:58 +00:00
|
|
|
inherit sandboxExecutableName;
|
2014-04-01 05:36:26 +00:00
|
|
|
};
|
2014-03-22 16:05:14 +00:00
|
|
|
}
|
2023-07-29 16:53:34 +00:00
|
|
|
# the following is a complicated and long-winded variant of
|
|
|
|
# `inherit (chromium.browser) version`, with the added benefit
|
|
|
|
# that it keeps the pointer to upstream-info.nix for
|
|
|
|
# builtins.unsafeGetAttrPos, which is what ofborg uses to
|
|
|
|
# decide which maintainers need to be pinged.
|
|
|
|
// builtins.removeAttrs chromium.browser (builtins.filter (e: e != "version") (builtins.attrNames chromium.browser))
|