nordic-dev.net/nixpkgs
nordic-dev.net/nixpkgs
2
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-01-26 06:44:06 +00:00
Code Issues Packages Projects Releases Wiki Activity
a269b980e9
nixpkgs/pkgs/applications/networking/browsers/chromium/default.nix

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

185 lines
6.7 KiB
Nix
Raw Normal View History

chromium: replace update.nix with Python impl update.nix was a huuuuge hack, abusing checksum collisions, etc., and was extremely difficult to read and maintain, especially because values from update.nix were also used in the derivations themselves! I've replaced this with an implementation in Python, which I chose for readability. Rather than generating Nix, I chose to generate JSON, since Python can do that in the standard library and Nix can read it. I also set update.py as an updateScript, so Chromium can now automatically be updated! Fixes: https://github.com/NixOS/nixpkgs/issues/89635
2019-11-06 19:37:25 +00:00
{ newScope, config, stdenv, fetchurl, makeWrapper
chromium: take gnChromium from buildPackages ${gnChromium}/bin/gn needs to be compiled for the buildPlatform since it is run at build time.
2023-04-22 23:36:37 +00:00
, buildPackages
chromium{Beta,Dev}: Switch to LLVM 15 Not required yet but we should always use the latest LLVM version that is available in Nixpkgs as Google builds Chromium against commits from the main branch.
2023-03-05 20:14:13 +00:00
, ed, gnugrep, coreutils, xdg-utils
chromium: Support GTK 4 Chromium can be launched with `--gtk-version=4` but this didn't work as the binary must be able to dlopen() libgtk-4.so.1 [0]. This fixes #214392. Co-Authored-By: Sávio <25729991+saviosg@users.noreply.github.com> [0]: https://source.chromium.org/chromium/chromium/src/+/main:ui/gtk/gtk_compat.cc;l=85;drc=3e1a26c44c024d97dc9a4c09bbc6a2365398ca2c
2023-02-19 11:18:22 +00:00
, glib, gtk3, gtk4, gnome, gsettings-desktop-schemas, gn, fetchgit
chromium: Fix the Ozone/Wayland support The stable channel update to M92 (97570d30c7f) broke the Wayland support: $ chromium --enable-features=UseOzonePlatform --ozone-platform=wayland [31712:31712:0721/114725.940557:ERROR:wayland_connection.cc(137)] Failed to load wayland client libraries. [31712:31712:0721/114725.940641:FATAL:ozone_platform_wayland.cc(177)] Failed to initialize Wayland platform [0721/114725.947566:ERROR:process_memory_range.cc(75)] read out of range Trace/breakpoint trap (core dumped)
2021-07-21 09:46:49 +00:00
, libva, pipewire, wayland
remove usage of patchelfUnstable now that it's released
2020-07-08 19:55:09 +00:00
, gcc, nspr, nss, runCommand
chromium: improve kerberos support
2022-02-11 18:51:42 +00:00
, lib, libkrb5
chromium: remove internal widevine drv in favor of `widevine-cdm` This gets rid of a lot of redundant logic that is already present in the `widevine-cdm` package :) The resulting directory structure is the same and works just as well.
2024-05-12 23:21:58 +00:00
, widevine-cdm
chromium: changes required for electron
2023-09-27 02:36:38 +00:00
, electron-source # for warnObsoleteVersionConditional
chromium: Allow package override on channels. This allows for more flexible overrides instead of just passing a custom configuration attrset like: chromium.override { config.chromium.channel = "beta"; } So you can now simply do: chromium.override { channel = "beta"; } Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2012-12-03 16:55:09 +00:00
chromium: Don't use the config attrset anymore. We can still use the config attribute set from within all-packages to pass it to the package expression, which we do in case of PulseAudio. In order to override other stuff you can now conveniently use chromium.override without passing a fake config attribute set. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2012-12-03 17:23:49 +00:00
# package customization
chromium: Build with VA-API but disable it by default This makes it possible to enable VA-API without having to rebuild Chromium: `chromium.override { enableVaapi = true; }`
2020-04-13 13:26:09 +00:00
# Note: enable* flags should not require full rebuilds (i.e. only affect the wrapper)
chromium: Allow package override on channels. This allows for more flexible overrides instead of just passing a custom configuration attrset like: chromium.override { config.chromium.channel = "beta"; } So you can now simply do: chromium.override { channel = "beta"; } Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2012-12-03 16:55:09 +00:00
, channel ? "stable"
chromium: changes required for electron
2023-09-27 02:36:38 +00:00
, upstream-info ? (import ./upstream-info.nix).${channel}
chromium: Don't use the config attrset anymore. We can still use the config attribute set from within all-packages to pass it to the package expression, which we do in case of PulseAudio. In order to override other stuff you can now conveniently use chromium.override without passing a fake config attribute set. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2012-12-03 17:23:49 +00:00
, proprietaryCodecs ? true
chromium: Add WideVine content decryption plugin. Seems to be needed in order to view Netflix content, but this only pulls in the proprietary plugin and doesn't yet compile Chromium with support for it, so this is only in preparation for the bright and shiny future (where we all have rootkits implanted in our body). Of course, this plugin is disabled by default as well as all the other proprietary plugins. For the plugin derivation, we now do the checkPhase _after_ the installPhase, to make sure we also detect RPATHs pointing to the plugin directory itself, because the shared object files only exist after the installPhase. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-09-30 04:00:47 +00:00
, enableWideVine ? false
ungoogled-chromium: Merge back into chromium I used nix-instantiate to verify that the derivations for chromium and ungoogled-chromium remain unchanged (only the meta attributes change slightly as I added myself as ungoogled-chromium to receive notifications for PRs/issues).
2020-12-09 18:13:26 +00:00
, ungoogled ? false # Whether to build chromium or ungoogled-chromium
chromium: enable cups by default
2014-12-07 13:52:36 +00:00
, cupsSupport ? true
chromium: move defaults to package file This one is a bit untrivial.
2019-02-03 15:31:25 +00:00
, pulseSupport ? config.pulseaudio or stdenv.isLinux
chromium, google-chrome: add commandLineArgs
2017-01-05 16:46:37 +00:00
, commandLineArgs ? ""
chromium: take llvmPackages from pkgsBuildTarget `llvmPackages.clang` is used in the `gnFlags` attrset, so we need to indicate explicitly which "on" platform (the build) and which "for" platform (the host) we want. This commit does that.
2023-04-23 01:26:11 +00:00
, pkgsBuildTarget
chromium: invoke ungoogled-chromium via buildPackages ungoogled-chromium is, contrary to its name, not a build of chromium. It is a patched copy of chromium's *source code*. Therefore, it needs to come from pkgsBuildBuild, because it contains python scripts which get /nix/store/.../bin/python3 patched into their shebangs.
2023-04-22 23:22:56 +00:00
, pkgsBuildBuild
chromium: control llvmPackages version selection with a string Sometimes we access `llvmPackages` via `pkgs`, and other times via `pkgsFooBar`, so unfortunately a string (attrname) is the only way to have a single point of control over the LLVM version used for both buildPlatform and hostPlatform.
2023-04-23 23:01:56 +00:00
, pkgs
chromium: Minimal build (no install) from source. This only gets chromium to build so far, installation is missing by upstream, so we need to manually copy the corresponding files. And I guess with nix, we also need to patch a few paths on installation. Another issue is that at the moment, a lot of dependencies are used from the source tree, rather than from the system. Also, it would be nice to build using LLVM, as it really speeds up compilation a *LOT* and also has the side effect of resulting in smaller binaries. Working unit tests would be nice, too. Unfortunately they're quite heavyweight and take hours to run, so I guess "someday" would be the most appropriate time to integrate. Further todo's: - Allow to disable GConf, GIO and CUPS. - Option to disable the sandbox (for whatever reason the user might have). - Integrate gold binutils. - Pulseaudio support. - Clearly separate Linux specific stuff.
2012-06-12 08:19:22 +00:00
}:
chrome 20565 svn path=/nixpkgs/trunk/; revision=18046
2009-10-30 08:45:58 +00:00
chromium: Minimal build (no install) from source. This only gets chromium to build so far, installation is missing by upstream, so we need to manually copy the corresponding files. And I guess with nix, we also need to patch a few paths on installation. Another issue is that at the moment, a lot of dependencies are used from the source tree, rather than from the system. Also, it would be nice to build using LLVM, as it really speeds up compilation a *LOT* and also has the side effect of resulting in smaller binaries. Working unit tests would be nice, too. Unfortunately they're quite heavyweight and take hours to run, so I guess "someday" would be the most appropriate time to integrate. Further todo's: - Allow to disable GConf, GIO and CUPS. - Option to disable the sandbox (for whatever reason the user might have). - Integrate gold binutils. - Pulseaudio support. - Clearly separate Linux specific stuff.
2012-06-12 08:19:22 +00:00
let
chromium: control llvmPackages version selection with a string Sometimes we access `llvmPackages` via `pkgs`, and other times via `pkgsFooBar`, so unfortunately a string (attrname) is the only way to have a single point of control over the LLVM version used for both buildPlatform and hostPlatform.
2023-04-23 23:01:56 +00:00
# Sometimes we access `llvmPackages` via `pkgs`, and other times
# via `pkgsFooBar`, so a string (attrname) is the only way to have
# a single point of control over the LLVM version used.
chromium: use llvm 17
2023-12-17 01:08:18 +00:00
llvmPackages_attrName = "llvmPackages_17";
chromium: control llvmPackages version selection with a string Sometimes we access `llvmPackages` via `pkgs`, and other times via `pkgsFooBar`, so unfortunately a string (attrname) is the only way to have a single point of control over the LLVM version used for both buildPlatform and hostPlatform.
2023-04-23 23:01:56 +00:00
stdenv = pkgs.${llvmPackages_attrName}.stdenv;
chromium: move defaults to package file This one is a bit untrivial.
2019-02-03 15:31:25 +00:00
chromium: Move the version helper functions into default.nix Those functions can be required anywhere in the Nix expressions for Chromium and therefore they should be defined in default.nix and inherited where necessary. This fixes the chromiumBeta build which failed because I forgot to update the channel conditional when the beta channel advanced to M94. This is exactly why the version based conditionals should be used everywhere.
2021-08-28 21:12:27 +00:00
# Helper functions for changes that depend on specific versions:
warnObsoleteVersionConditional = min-version: result:
chromium: changes required for electron
2023-09-27 02:36:38 +00:00
let min-supported-version = (lib.head (lib.attrValues electron-source)).unwrapped.info.chromium.version;
chromium: Move the version helper functions into default.nix Those functions can be required anywhere in the Nix expressions for Chromium and therefore they should be defined in default.nix and inherited where necessary. This fixes the chromiumBeta build which failed because I forgot to update the channel conditional when the beta channel advanced to M94. This is exactly why the version based conditionals should be used everywhere.
2021-08-28 21:12:27 +00:00
in lib.warnIf
chromium: changes required for electron
2023-09-27 02:36:38 +00:00
(lib.versionAtLeast min-supported-version min-version)
"chromium: min-supported-version ${min-supported-version} is newer than a conditional bounded at ${min-version}. You can safely delete it."
chromium: Move the version helper functions into default.nix Those functions can be required anywhere in the Nix expressions for Chromium and therefore they should be defined in default.nix and inherited where necessary. This fixes the chromiumBeta build which failed because I forgot to update the channel conditional when the beta channel advanced to M94. This is exactly why the version based conditionals should be used everywhere.
2021-08-28 21:12:27 +00:00
result;
chromiumVersionAtLeast = min-version:
let result = lib.versionAtLeast upstream-info.version min-version;
in warnObsoleteVersionConditional min-version result;
versionRange = min-version: upto-version:
let inherit (upstream-info) version;
result = lib.versionAtLeast version min-version && lib.versionOlder version upto-version;
in warnObsoleteVersionConditional upto-version result;
chromium: Decouple browser from default.nix. This currently only passes through the arguments and is nothing more than the foundation of the new structure. In essence, I want to have a really small default.nix which is then going down into the respective subparts that are isolated from each other. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-03-19 11:21:10 +00:00
callPackage = newScope chromium;
chromium: Add support for ppapi flash and PDF. This is hardcoded for the dev channel at the moment and we're going to fetch it along with the main Chromium sources. Also I'm putting this in default.nix at the moment, because we're going to tear apart the whole Chromium package into several subparts soon. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-03-19 10:32:39 +00:00
chromium: Make the gnChromium overrides depend on the version This is more robust than depending on the channel, though the version should only matter if the configuration phase fails. This also switches to the intended version for `chromium` which should be higher since M85 is in the stable channel. Thanks `@volth` for pointing this out.
2020-08-25 21:03:35 +00:00
chromium = rec {
chromium: control llvmPackages version selection with a string Sometimes we access `llvmPackages` via `pkgs`, and other times via `pkgsFooBar`, so unfortunately a string (attrname) is the only way to have a single point of control over the LLVM version used for both buildPlatform and hostPlatform.
2023-04-23 23:01:56 +00:00
inherit stdenv llvmPackages_attrName upstream-info;
chromium: Factor out source into its own Nix file. The name is a bit unfortunate, so it would make sense to rename "sources.nix" into something else. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-03-19 11:51:39 +00:00
chromiumDev: Override gn to fix the configuration phase The configuration phase was failing due to: ``` configuring ERROR at //BUILD.gn:1376:5: Unknown function. filter_exclude([ "$root_build_dir/foo" ], ^------------- ```
2020-04-03 17:17:57 +00:00
mkChromiumDerivation = callPackage ./common.nix ({
chromium: Move the version helper functions into default.nix Those functions can be required anywhere in the Nix expressions for Chromium and therefore they should be defined in default.nix and inherited where necessary. This fixes the chromiumBeta build which failed because I forgot to update the channel conditional when the beta channel advanced to M94. This is exactly why the version based conditionals should be used everywhere.
2021-08-28 21:12:27 +00:00
inherit channel chromiumVersionAtLeast versionRange;
chromium: remove unused GConf dependency GConf has been deprecated for ages and support for it removed from Chromium a while ago: - Removal of `use_gconf` gn build system flag: https://chromium.googlesource.com/chromium/src/+/a28f4d062f4c030eeddd085f261988d7958db2ba
2022-03-28 14:10:35 +00:00
inherit proprietaryCodecs
ungoogled-chromium: Merge back into chromium I used nix-instantiate to verify that the derivations for chromium and ungoogled-chromium remain unchanged (only the meta attributes change slightly as I added myself as ungoogled-chromium to receive notifications for PRs/issues).
2020-12-09 18:13:26 +00:00
cupsSupport pulseSupport ungoogled;
chromium: take gnChromium from buildPackages ${gnChromium}/bin/gn needs to be compiled for the buildPlatform since it is run at build time.
2023-04-22 23:36:37 +00:00
gnChromium = buildPackages.gn.overrideAttrs (oldAttrs: {
chromium: Extend update.py to automatically update gn The gn version depends on the channel and new gn versions aren't always backward compatible. Therefore we should also include it in upstream-info.json (I've scoped it under "deps" as we'll likely have to add more like this in the future).
2020-11-03 12:08:09 +00:00
inherit (upstream-info.deps.gn) version;
chromium{Beta,Dev}: M84 -> M85 -> M86 (broken) Mark chromiumDev as broken since the build requires LLVM 11 which is not yet in Nixpkgs (due to the lack of an RC, see #93324). Build error: clang (LLVM option parsing): Unknown command line argument '-basic-aa-recphi=0'. Try: 'clang (LLVM option parsing) --help' clang (LLVM option parsing): Did you mean '--basicaa-recphi=0'? ninja: build stopped: subcommand failed.
2020-07-23 20:43:09 +00:00
src = fetchgit {
chromium,chromedriver,electron: use hash instead of sha256 everywhere this patch updates the packaging of chromium and chromedriver to use sri hashes in `upstream-info.nix` instead of sha256 as well as the packaging of electron to use sri hashes in `info.json` instead of sha256 (just gn). this patch also updates the previous `sha256` values in `upstream-info.nix` and `info.json` to sri hashes in `hash`.
2023-10-21 11:02:47 +00:00
inherit (upstream-info.deps.gn) url rev hash;
chromium{Beta,Dev}: M84 -> M85 -> M86 (broken) Mark chromiumDev as broken since the build requires LLVM 11 which is not yet in Nixpkgs (due to the lack of an RC, see #93324). Build error: clang (LLVM option parsing): Unknown command line argument '-basic-aa-recphi=0'. Try: 'clang (LLVM option parsing) --help' clang (LLVM option parsing): Did you mean '--basicaa-recphi=0'? ninja: build stopped: subcommand failed.
2020-07-23 20:43:09 +00:00
};
});
chromium: improve and move `recompressTarball` Recap: We need that (arguably stupid) helper function/drv because the chromium tarball is big -- and is likely to increase even more in the future. So big, that we eventually exceeded hydra.nixos.org's max-output-limit (3G). Instead of raising global hydra's limit, it was decided that we recompress the tarball after deleting unused vendored files from it. I spent a lot of time on a version/prototype that does everything (downloading, decompression, tar extraction, deleting unused files, reproducible tar recreation and finally recompression) via stdin but eventually had to scratch that. GNU tar does not allow to create a tarball just from stdin, nixpkgs' stdenv isn't built with stdin/stdout/pipes in mind, and things a lot of other things I probably already forgot. Nonetheless, this version improves multiple things: - No more `mv` (used to be multiple, not just ours, since fetchzip had some as well) - No more `rm` to get rid of the extracted files before recompressing. Instead, we simply don't extract them in the first place (thanks to tar's --exlude). - No more "no space left" that happened due to `downloadToTemp = true;`. - Multithreaded xz decompression, since that commit is still in staging-next. We cannot use stdenv's unpackFile() because that does not allow us to specify the needed --exclude (and --strip-components=1 if we don't want to rely on glob matching). The hash changed because we now have a static base directory ("source") in the tarball, instead of whatever upstream provided us with (e.g. "chromium-120.0.6099.129").
2024-01-04 00:34:15 +00:00
recompressTarball = callPackage ./recompress-tarball.nix { };
chromiumDev: Override gn to fix the configuration phase The configuration phase was failing due to: ``` configuring ERROR at //BUILD.gn:1376:5: Unknown function. filter_exclude([ "$root_build_dir/foo" ], ^------------- ```
2020-04-03 17:17:57 +00:00
});
chromium: Move plugins into its own Nix file. We now no longer pass enablePepperFlash and enablePepperPDF to the browser package itself and only use plugins.flagsEnabled from there. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-03-19 11:57:49 +00:00
chromium: Move the version helper functions into default.nix Those functions can be required anywhere in the Nix expressions for Chromium and therefore they should be defined in default.nix and inherited where necessary. This fixes the chromiumBeta build which failed because I forgot to update the channel conditional when the beta channel advanced to M94. This is exactly why the version based conditionals should be used everywhere.
2021-08-28 21:12:27 +00:00
browser = callPackage ./browser.nix {
inherit channel chromiumVersionAtLeast enableWideVine ungoogled;
};
chromium: Split off sandbox from the browser. Now, we no longer tie the sandbox directly to the browser derivation but wrap everything together into one derivation at the entry point at default.nix. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-03-22 16:05:14 +00:00
chromium: invoke ungoogled-chromium via buildPackages ungoogled-chromium is, contrary to its name, not a build of chromium. It is a patched copy of chromium's *source code*. Therefore, it needs to come from pkgsBuildBuild, because it contains python scripts which get /nix/store/.../bin/python3 patched into their shebangs.
2023-04-22 23:22:56 +00:00
# ungoogled-chromium is, contrary to its name, not a build of
# chromium. It is a patched copy of chromium's *source code*.
# Therefore, it needs to come from buildPackages, because it
# contains python scripts which get /nix/store/.../bin/python3
# patched into their shebangs.
ungoogled-chromium = pkgsBuildBuild.callPackage ./ungoogled.nix {};
Revert "chromium: make gcc8 build available via buildWithGcc flag" This partially reverts commit b70ab5c405f3c3b1852286696130f0112b80979b (except for depending gnome2) see #48922
2018-10-28 16:07:19 +00:00
};
chromium: Add support for ppapi flash and PDF. This is hardcoded for the dev channel at the moment and we're going to fetch it along with the main Chromium sources. Also I'm putting this in default.nix at the moment, because we're going to tear apart the whole Chromium package into several subparts soon. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-03-19 10:32:39 +00:00
treewide: use optionalString instead of 'then ""'
2023-06-24 18:19:19 +00:00
suffix = lib.optionalString (channel != "stable" && channel != "ungoogled-chromium") ("-" + channel);
chromium: Shorten line length of name attribute. No feature change, I'm just very nitpicky if it comes to lines with more than 79 characters. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-11-25 09:08:28 +00:00
chromium: add nixos module security.chromiumSuidSandbox Closes #17460 Changed the wrapper derivation to produce a second output containing the sandbox. Add a launch wrapper to try and locate the sandbox (either in /var/setuid-wrappers or in /nix/store). This launch wrapper also sheds libredirect.so from LD_PRELOAD as Chromium does not tolerate it. Does not trigger a Chromium rebuild. cc @cleverca22 @joachifm @jasom
2016-08-06 08:13:20 +00:00
sandboxExecutableName = chromium.browser.passthru.sandboxExecutableName;
chromiumDev: fix widevine support Upstream moved libwidevinecdm.so from ./opt/google/chrome-unstable/libwidevinecdm.so to ./opt/google/chrome-unstable/WidevineCdm/_platform_specific/linux_x64/libwidevinecdm.so
2019-09-18 21:30:15 +00:00
# We want users to be able to enableWideVine without rebuilding all of
# chromium, so we have a separate derivation here that copies chromium
chromium: fix enableWideVine for v79 which needs the manifest.json in WidevineCdm/
2019-12-15 04:16:24 +00:00
# and adds the unfree WidevineCdm.
Rework to avoid a full rebuild for widevine.
2019-08-10 23:09:55 +00:00
chromiumWV = let browser = chromium.browser; in if enableWideVine then
runCommand (browser.name + "-wv") { version = browser.version; }
''
mkdir -p $out
chromiumDev: fix widevine support Upstream moved libwidevinecdm.so from ./opt/google/chrome-unstable/libwidevinecdm.so to ./opt/google/chrome-unstable/WidevineCdm/_platform_specific/linux_x64/libwidevinecdm.so
2019-09-18 21:30:15 +00:00
cp -a ${browser}/* $out/
chmod u+w $out/libexec/chromium
chromium: remove internal widevine drv in favor of `widevine-cdm` This gets rid of a lot of redundant logic that is already present in the `widevine-cdm` package :) The resulting directory structure is the same and works just as well.
2024-05-12 23:21:58 +00:00
cp -a ${widevine-cdm}/share/google/chrome/WidevineCdm $out/libexec/chromium/
Rework to avoid a full rebuild for widevine.
2019-08-10 23:09:55 +00:00
''
else browser;
chromium: Build with VA-API but disable it by default This makes it possible to enable VA-API without having to rebuild Chromium: `chromium.override { enableVaapi = true; }`
2020-04-13 13:26:09 +00:00
chromium: Split off sandbox from the browser. Now, we no longer tie the sandbox directly to the browser derivation but wrap everything together into one derivation at the entry point at default.nix. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-03-22 16:05:14 +00:00
in stdenv.mkDerivation {
treewide: rename name to pname&version
2022-03-22 16:57:23 +00:00
pname = lib.optionalString ungoogled "ungoogled-"
+ "chromium${suffix}";
chromium,ungoogled-chromium: fix ofborg maintainer pings ofborg uses `builtins.unsafeGetAttrPos` internally, to figure out which maintainers need to be pinged. e.g: `builtins.unsafeGetAttrPos "version" drv` When using a `.json` file containing the version via `lib.importJSON`, this will always return `null` and thus leading to no pings at all. This commit works around this, resulting in properly working pings for any changes to the upstream-info file. A similar thing has been done for element-{web,desktop} in the past.
2023-07-29 16:53:34 +00:00
inherit (chromium.browser) version;
chromium: Split off sandbox from the browser. Now, we no longer tie the sandbox directly to the browser derivation but wrap everything together into one derivation at the entry point at default.nix. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-03-22 16:05:14 +00:00
chromium: move ed and makeWrapper into nativeBuildInputs This most notably fixes cross _evaluation_ of chromium which previously would fail because makeWrapper relies on runtimeShell which is not available in the HostTarget package set. I tested that the native chromium build still works, but haven't tried cross compiling it yet. There very well may be additional errors, but at least they will be build errors, not hard to understand evaluation errors.
2021-07-05 12:58:52 +00:00
nativeBuildInputs = [
chrome: fix fallout from #26512 Fixes broken save dialogue (causes chrome to crash) and missing icons.
2017-06-16 05:49:50 +00:00
makeWrapper ed
chromium: move ed and makeWrapper into nativeBuildInputs This most notably fixes cross _evaluation_ of chromium which previously would fail because makeWrapper relies on runtimeShell which is not available in the HostTarget package set. I tested that the native chromium build still works, but haven't tried cross compiling it yet. There very well may be additional errors, but at least they will be build errors, not hard to understand evaluation errors.
2021-07-05 12:58:52 +00:00
];
chrome: fix fallout from #26512 Fixes broken save dialogue (causes chrome to crash) and missing icons.
2017-06-16 05:49:50 +00:00
chromium: move ed and makeWrapper into nativeBuildInputs This most notably fixes cross _evaluation_ of chromium which previously would fail because makeWrapper relies on runtimeShell which is not available in the HostTarget package set. I tested that the native chromium build still works, but haven't tried cross compiling it yet. There very well may be additional errors, but at least they will be build errors, not hard to understand evaluation errors.
2021-07-05 12:58:52 +00:00
buildInputs = [
chrome: fix fallout from #26512 Fixes broken save dialogue (causes chrome to crash) and missing icons.
2017-06-16 05:49:50 +00:00
# needed for GSETTINGS_SCHEMAS_PATH
chromium: fix gtk4 schema paths
2023-04-28 19:42:59 +00:00
gsettings-desktop-schemas glib gtk3 gtk4
chrome: fix fallout from #26512 Fixes broken save dialogue (causes chrome to crash) and missing icons.
2017-06-16 05:49:50 +00:00
# needed for XDG_ICON_DIRS
gnome: rename from gnome3 Since GNOME version is now 40, it no longer makes sense to use the old attribute name.
2021-05-07 21:18:14 +00:00
gnome.adwaita-icon-theme
chromium: improve kerberos support
2022-02-11 18:51:42 +00:00
# Needed for kerberos at runtime
libkrb5
chrome: fix fallout from #26512 Fixes broken save dialogue (causes chrome to crash) and missing icons.
2017-06-16 05:49:50 +00:00
];
chromium: Split off sandbox from the browser. Now, we no longer tie the sandbox directly to the browser derivation but wrap everything together into one derivation at the entry point at default.nix. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-03-22 16:05:14 +00:00
chromium: add nixos module security.chromiumSuidSandbox Closes #17460 Changed the wrapper derivation to produce a second output containing the sandbox. Add a launch wrapper to try and locate the sandbox (either in /var/setuid-wrappers or in /nix/store). This launch wrapper also sheds libredirect.so from LD_PRELOAD as Chromium does not tolerate it. Does not trigger a Chromium rebuild. cc @cleverca22 @joachifm @jasom
2016-08-06 08:13:20 +00:00
outputs = ["out" "sandbox"];
chromium: Split off sandbox from the browser. Now, we no longer tie the sandbox directly to the browser derivation but wrap everything together into one derivation at the entry point at default.nix. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-03-22 16:05:14 +00:00
buildCommand = let
Rework to avoid a full rebuild for widevine.
2019-08-10 23:09:55 +00:00
browserBinary = "${chromiumWV}/libexec/chromium/chromium";
chromium: Support GTK 4 Chromium can be launched with `--gtk-version=4` but this didn't work as the binary must be able to dlopen() libgtk-4.so.1 [0]. This fixes #214392. Co-Authored-By: Sávio <25729991+saviosg@users.noreply.github.com> [0]: https://source.chromium.org/chromium/chromium/src/+/main:ui/gtk/gtk_compat.cc;l=85;drc=3e1a26c44c024d97dc9a4c09bbc6a2365398ca2c
2023-02-19 11:18:22 +00:00
libPath = lib.makeLibraryPath [ libva pipewire wayland gtk3 gtk4 libkrb5 ];
chromium: enable mojo + vaapi + allow hw accel fixes https://github.com/NixOS/nixpkgs/pull/57837 closes https://github.com/NixOS/nixpkgs/pull/56973
2019-02-18 08:17:05 +00:00
treewide: stdenv.lib -> lib
2021-01-15 13:21:58 +00:00
in with lib; ''
chromium: fixup share/share Reported on https://github.com/NixOS/nixpkgs/issues/11501#issuecomment-164383204
2016-08-27 15:38:25 +00:00
mkdir -p "$out/bin"
chromium: Add an install phase. This tries to put pathes unte the same directory as the previous prebuilt version of Chromium.
2012-06-15 08:19:26 +00:00
chromium: no need to eval makeWrapper
2022-02-02 11:07:18 +00:00
makeWrapper "${browserBinary}" "$out/bin/chromium" \
NIXOS_OZONE_WL: fix wayland window decorations
2022-09-23 19:19:37 +00:00
--add-flags "\''${NIXOS_OZONE_WL:+\''${WAYLAND_DISPLAY:+--ozone-platform-hint=auto --enable-features=WaylandWindowDecorations}}" \
chromium: add commandLineArgs after wayland flags (#189371)
2022-09-01 23:38:22 +00:00
--add-flags ${escapeShellArg commandLineArgs}
chromium: Add an install phase. This tries to put pathes unte the same directory as the previous prebuilt version of Chromium.
2012-06-15 08:19:26 +00:00
chromium: remove one layer of wrapper by using ed
2016-08-19 18:18:14 +00:00
ed -v -s "$out/bin/chromium" << EOF
2i
Getting rid of the var indirection and using a bin path instead
2017-01-29 10:11:01 +00:00
if [ -x "/run/wrappers/bin/${sandboxExecutableName}" ]
chromium: remove one layer of wrapper by using ed
2016-08-19 18:18:14 +00:00
then
Getting rid of the var indirection and using a bin path instead
2017-01-29 10:11:01 +00:00
export CHROME_DEVEL_SANDBOX="/run/wrappers/bin/${sandboxExecutableName}"
chromium: remove one layer of wrapper by using ed
2016-08-19 18:18:14 +00:00
else
export CHROME_DEVEL_SANDBOX="$sandbox/bin/${sandboxExecutableName}"
fi
chromium: fix web app linking Currently Chromium will generate its Web App shortcuts by pointing to the current unwrapped executable of itself. This leads to all Web App shortcuts failing to launch as it is not launched trough nixpkgs's wrapper. This fix will set the `CHROME_WRAPPER` environment variable to point to a valid wrapper script, allowing chromium based browsers to generate valid `.desktop` files. NOTE: As these files are only set once by the browser inside of `~/.local/share/applications` and not updated, this fix will only work for generating new shortcuts, and only work as long as the relevant binary is available in `$PATH` for that user. INFO: While generic sounding, `CHROME_WRAPPER` is only invoked inside of `web_app_shortcut_linux.cc`[^1], so it should only affect the generation of web app shortcut files. INFO: There is a similar patch for google-chrome itself in nixpkgs.[^2] [^1]: https://source.chromium.org/chromium/chromium/src/+/main:chrome/browser/shell_integration_linux.cc;l=405;drc=b8f43a4e55639b03f76eccc6f6b951f2d06b8833 [^2]: https://github.com/NixOS/nixpkgs/pull/155430/
2022-12-16 12:53:28 +00:00
# Make generated desktop shortcuts have a valid executable name.
export CHROME_WRAPPER='chromium'
chromium: do not load .so files from current working directory Fixes #67234.
2019-10-30 22:39:17 +00:00
'' + lib.optionalString (libPath != "") ''
# To avoid loading .so files from cwd, LD_LIBRARY_PATH here must not
# contain an empty section before or after a colon.
export LD_LIBRARY_PATH="\$LD_LIBRARY_PATH\''${LD_LIBRARY_PATH:+:}${libPath}"
'' + ''
chromium: enable mojo + vaapi + allow hw accel fixes https://github.com/NixOS/nixpkgs/pull/57837 closes https://github.com/NixOS/nixpkgs/pull/56973
2019-02-18 08:17:05 +00:00
chromium: remove one layer of wrapper by using ed
2016-08-19 18:18:14 +00:00
# libredirect causes chromium to deadlock on startup
chromium: Add missing dependency on coreutils (#94578) The script that runs chromium calls tr from coreutils - however it just assumed that coreutils are in PATH. With missing coreutils chromium did still launch (at least with d433839007c27d3102ea78abac69bacefdc4bfc0 applied) but emitted `line 15: tr: command not found` error messages.
2020-08-03 15:58:41 +00:00
export LD_PRELOAD="\$(echo -n "\$LD_PRELOAD" | ${coreutils}/bin/tr ':' '\n' | ${gnugrep}/bin/grep -v /lib/libredirect\\\\.so$ | ${coreutils}/bin/tr '\n' ':')"
chromium: remove one layer of wrapper by using ed
2016-08-19 18:18:14 +00:00
chrome: fix fallout from #26512 Fixes broken save dialogue (causes chrome to crash) and missing icons.
2017-06-16 05:49:50 +00:00
export XDG_DATA_DIRS=$XDG_ICON_DIRS:$GSETTINGS_SCHEMAS_PATH\''${XDG_DATA_DIRS:+:}\$XDG_DATA_DIRS
chromium: late-bind xdg-utils if broken xdg-utils does not cross-compile. Let's late-bind (using the runtime $PATH) in this scenario so a native-built xdg-utils can be used instead.
2023-04-07 07:16:36 +00:00
'' + lib.optionalString (!xdg-utils.meta.broken) ''
chromium: Suffix instead of prefix ${xdg-utils}/bin to $PATH This is important so that users can choose to use other implementations (e.g., self-written Bash scripts). We only provide xdg-utils as a fallback in case the system isn't properly configured.
2022-02-26 11:45:52 +00:00
# Mainly for xdg-open but also other xdg-* tools (this is only a fallback; \$PATH is suffixed so that other implementations can be used):
export PATH="\$PATH\''${PATH:+:}${xdg-utils}/bin"
chromium: late-bind xdg-utils if broken xdg-utils does not cross-compile. Let's late-bind (using the runtime $PATH) in this scenario so a native-built xdg-utils can be used instead.
2023-04-07 07:16:36 +00:00
'' + ''
chromium: Prefix $PATH with xdg_utils (#96922) This is required for certain URIs that require launching external programs (e.g. mailto:, magnet:, or irc:) or setting the default browser via xdg-settings. Fix #96897 and fix #92751.
2020-09-06 21:20:30 +00:00
chromium: remove one layer of wrapper by using ed
2016-08-19 18:18:14 +00:00
.
w
EOF
chromium: add nixos module security.chromiumSuidSandbox Closes #17460 Changed the wrapper derivation to produce a second output containing the sandbox. Add a launch wrapper to try and locate the sandbox (either in /var/setuid-wrappers or in /nix/store). This launch wrapper also sheds libredirect.so from LD_PRELOAD as Chromium does not tolerate it. Does not trigger a Chromium rebuild. cc @cleverca22 @joachifm @jasom
2016-08-06 08:13:20 +00:00
chromium: split the sandbox into a separate output Related to #17460 and 66d5edf Triggers a rebuild of Chromium
2016-08-06 09:09:40 +00:00
ln -sv "${chromium.browser.sandbox}" "$sandbox"
chromium: add nixos module security.chromiumSuidSandbox Closes #17460 Changed the wrapper derivation to produce a second output containing the sandbox. Add a launch wrapper to try and locate the sandbox (either in /var/setuid-wrappers or in /nix/store). This launch wrapper also sheds libredirect.so from LD_PRELOAD as Chromium does not tolerate it. Does not trigger a Chromium rebuild. cc @cleverca22 @joachifm @jasom
2016-08-06 08:13:20 +00:00
add symlink to chromium-browser for xdg-open to work as expected
2014-09-19 05:51:11 +00:00
ln -s "$out/bin/chromium" "$out/bin/chromium-browser"
chromium: fixup share/share Reported on https://github.com/NixOS/nixpkgs/issues/11501#issuecomment-164383204
2016-08-27 15:38:25 +00:00
chromium: Fix build Since https://github.com/NixOS/nixpkgs/pull/60499, the unwrapped chromium already contains the applications directory.
2019-05-28 00:32:18 +00:00
mkdir -p "$out/share"
chromium: hide `enableWideVine` behind a `broken` flag ref https://github.com/NixOS/nixpkgs/issues/22333 ref https://github.com/NixOS/nixpkgs/pull/29640 cc @aszlig
2018-01-21 23:33:47 +00:00
for f in '${chromium.browser}'/share/*; do # hello emacs */
chromium: fixup share/share Reported on https://github.com/NixOS/nixpkgs/issues/11501#issuecomment-164383204
2016-08-27 15:38:25 +00:00
ln -s -t "$out/share/" "$f"
done
chromium: Split off sandbox from the browser. Now, we no longer tie the sandbox directly to the browser derivation but wrap everything together into one derivation at the entry point at default.nix. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-03-22 16:05:14 +00:00
'';
chromium: Propagate browser's meta to the wrapper. We obviously don't want the Hydra job of nixpkgs to fail, so we need to make sure that we have a proper meta attribute on the outermost derivation. For builds based on the Chromium source tree (like for example libcef), we can still move the wrapper elsewhere when we need it. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-03-23 18:48:53 +00:00
chromium: hide `enableWideVine` behind a `broken` flag ref https://github.com/NixOS/nixpkgs/issues/22333 ref https://github.com/NixOS/nixpkgs/pull/29640 cc @aszlig
2018-01-21 23:33:47 +00:00
inherit (chromium.browser) packageName;
chromium: fix widevine This change allows widevine to work in chromium (it was previously broken due to a segfault). Newer versions of chromium do not use the libwidevinecdmadapter.so. Instead, libwidevinecdm.so should be installed in the chromium libExec directory.
2019-04-23 01:47:19 +00:00
meta = chromium.browser.meta;
chromium: Factor out common build attributes. This results in a new function called mkChromiumDerivation, which can be used to easily build packages that are based on the Chromium source tree. We pass through this function as mkDerivation in the chromium wrappre, so in the end if you want to create such a package, something like: chromium.mkDerivation (base: { name = "your-shiny-package-based-on-chromium"; ... }) will suffice. Of course, this is only the first step towards this functionality, because right now I'm not even sure the Chromium browser itself will build. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-04-01 05:36:26 +00:00
passthru = {
chromium: split the sandbox into a seperate output (take 2) Fixup of 231ed9e
2016-08-06 13:40:56 +00:00
inherit (chromium) upstream-info browser;
chromium: Factor out common build attributes. This results in a new function called mkChromiumDerivation, which can be used to easily build packages that are based on the Chromium source tree. We pass through this function as mkDerivation in the chromium wrappre, so in the end if you want to create such a package, something like: chromium.mkDerivation (base: { name = "your-shiny-package-based-on-chromium"; ... }) will suffice. Of course, this is only the first step towards this functionality, because right now I'm not even sure the Chromium browser itself will build. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-04-01 05:36:26 +00:00
mkDerivation = chromium.mkChromiumDerivation;
chromium: remove internal widevine drv in favor of `widevine-cdm` This gets rid of a lot of redundant logic that is already present in the `widevine-cdm` package :) The resulting directory structure is the same and works just as well.
2024-05-12 23:21:58 +00:00
inherit sandboxExecutableName;
chromium: Factor out common build attributes. This results in a new function called mkChromiumDerivation, which can be used to easily build packages that are based on the Chromium source tree. We pass through this function as mkDerivation in the chromium wrappre, so in the end if you want to create such a package, something like: chromium.mkDerivation (base: { name = "your-shiny-package-based-on-chromium"; ... }) will suffice. Of course, this is only the first step towards this functionality, because right now I'm not even sure the Chromium browser itself will build. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-04-01 05:36:26 +00:00
};
chromium: Split off sandbox from the browser. Now, we no longer tie the sandbox directly to the browser derivation but wrap everything together into one derivation at the entry point at default.nix. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-03-22 16:05:14 +00:00
}
chromium,ungoogled-chromium: fix ofborg maintainer pings ofborg uses `builtins.unsafeGetAttrPos` internally, to figure out which maintainers need to be pinged. e.g: `builtins.unsafeGetAttrPos "version" drv` When using a `.json` file containing the version via `lib.importJSON`, this will always return `null` and thus leading to no pings at all. This commit works around this, resulting in properly working pings for any changes to the upstream-info file. A similar thing has been done for element-{web,desktop} in the past.
2023-07-29 16:53:34 +00:00
# the following is a complicated and long-winded variant of
# `inherit (chromium.browser) version`, with the added benefit
# that it keeps the pointer to upstream-info.nix for
# builtins.unsafeGetAttrPos, which is what ofborg uses to
# decide which maintainers need to be pinged.
// builtins.removeAttrs chromium.browser (builtins.filter (e: e != "version") (builtins.attrNames chromium.browser))
Reference in New Issue Copy Permalink