mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-12-20 20:53:48 +00:00
233 lines
7.3 KiB
Nix
233 lines
7.3 KiB
Nix
{ pname, version, updateScript ? null
|
|
, src, patches ? [], extraConfigureFlags ? [], extraMakeFlags ? [], overrides ? {}, meta
|
|
, isTorBrowserLike ? false }:
|
|
|
|
{ lib, stdenv, pkgconfig, pango, perl, python, zip, libIDL
|
|
, libjpeg, zlib, dbus, dbus_glib, bzip2, xorg
|
|
, freetype, fontconfig, file, nspr, nss, libnotify
|
|
, yasm, mesa, sqlite, unzip, makeWrapper
|
|
, hunspell, libevent, libstartup_notification, libvpx
|
|
, cairo, icu, libpng, jemalloc
|
|
, autoconf213, which, gnused, cargo, rustc, llvmPackages
|
|
, debugBuild ? false
|
|
|
|
### optionals
|
|
|
|
## optional libraries
|
|
|
|
, alsaSupport ? true, alsaLib
|
|
, pulseaudioSupport ? true, libpulseaudio
|
|
, ffmpegSupport ? true, gstreamer, gst-plugins-base
|
|
, gtk3Support ? !isTorBrowserLike, gtk2, gtk3, wrapGAppsHook
|
|
, gssSupport ? true, kerberos
|
|
|
|
## privacy-related options
|
|
|
|
, privacySupport ? isTorBrowserLike
|
|
|
|
# WARNING: NEVER set any of the options below to `true` by default.
|
|
# Set to `privacySupport` or `false`.
|
|
|
|
, webrtcSupport ? !privacySupport
|
|
, geolocationSupport ? !privacySupport
|
|
, googleAPISupport ? geolocationSupport
|
|
, crashreporterSupport ? false
|
|
|
|
, safeBrowsingSupport ? false
|
|
, drmSupport ? false
|
|
|
|
## other
|
|
|
|
# If you want the resulting program to call itself
|
|
# "Firefox"/"Torbrowser" instead of "Nightly" or whatever, enable this
|
|
# option. However, in Firefox's case, those binaries may not be
|
|
# distributed without permission from the Mozilla Foundation, see
|
|
# http://www.mozilla.org/foundation/trademarks/.
|
|
, enableOfficialBranding ? isTorBrowserLike
|
|
}:
|
|
|
|
assert stdenv.cc ? libc && stdenv.cc.libc != null;
|
|
|
|
let
|
|
flag = tf: x: [(if tf then "--enable-${x}" else "--disable-${x}")];
|
|
gcc = if stdenv.cc.isGNU then stdenv.cc.cc else stdenv.cc.cc.gcc;
|
|
in
|
|
|
|
stdenv.mkDerivation (rec {
|
|
name = "${pname}-unwrapped-${version}";
|
|
|
|
inherit src patches meta;
|
|
|
|
buildInputs = [
|
|
gtk2 perl zip libIDL libjpeg zlib bzip2
|
|
dbus dbus_glib pango freetype fontconfig xorg.libXi
|
|
xorg.libX11 xorg.libXrender xorg.libXft xorg.libXt file
|
|
nspr libnotify xorg.pixman yasm mesa
|
|
xorg.libXScrnSaver xorg.scrnsaverproto
|
|
xorg.libXext xorg.xextproto sqlite unzip makeWrapper
|
|
hunspell libevent libstartup_notification libvpx /* cairo */
|
|
icu libpng jemalloc
|
|
]
|
|
++ lib.optionals (!isTorBrowserLike) [ nss ]
|
|
|
|
++ lib.optional alsaSupport alsaLib
|
|
++ lib.optional pulseaudioSupport libpulseaudio # only headers are needed
|
|
++ lib.optionals ffmpegSupport [ gstreamer gst-plugins-base ]
|
|
++ lib.optional gtk3Support gtk3
|
|
++ lib.optional gssSupport kerberos;
|
|
|
|
NIX_CFLAGS_COMPILE = "-I${nspr.dev}/include/nspr -I${nss.dev}/include/nss";
|
|
|
|
nativeBuildInputs =
|
|
[ autoconf213 which gnused pkgconfig perl python cargo rustc ]
|
|
++ lib.optional gtk3Support wrapGAppsHook;
|
|
|
|
preConfigure = ''
|
|
# remove distributed configuration files
|
|
rm -f configure
|
|
rm -f js/src/configure
|
|
rm -f .mozconfig*
|
|
|
|
# this will run autoconf213
|
|
make -f client.mk configure-files
|
|
|
|
configureScript="$(realpath ./configure)"
|
|
|
|
cxxLib=$( echo -n ${gcc}/include/c++/* )
|
|
archLib=$cxxLib/$( ${gcc}/bin/gcc -dumpmachine )
|
|
|
|
test -f layout/style/ServoBindings.toml && sed -i -e '/"-DMOZ_STYLO"/ a , "-cxx-isystem", "'$cxxLib'", "-isystem", "'$archLib'"' layout/style/ServoBindings.toml
|
|
|
|
cd obj-*
|
|
'' + lib.optionalString googleAPISupport ''
|
|
# Google API key used by Chromium and Firefox.
|
|
# Note: These are for NixOS/nixpkgs use ONLY. For your own distribution,
|
|
# please get your own set of keys.
|
|
echo "AIzaSyDGi15Zwl11UNe6Y-5XW_upsfyw31qwZPI" >ga
|
|
'';
|
|
|
|
configureFlags = [
|
|
"--enable-application=browser"
|
|
"--with-system-jpeg"
|
|
"--with-system-zlib"
|
|
"--with-system-bz2"
|
|
"--with-system-libevent"
|
|
"--with-system-libvpx"
|
|
"--with-system-png" # needs APNG support
|
|
"--with-system-icu"
|
|
"--enable-system-ffi"
|
|
"--enable-system-hunspell"
|
|
"--enable-system-pixman"
|
|
"--enable-system-sqlite"
|
|
#"--enable-system-cairo"
|
|
"--enable-startup-notification"
|
|
#"--enable-content-sandbox" # TODO: probably enable after 54
|
|
"--disable-tests"
|
|
"--disable-necko-wifi" # maybe we want to enable this at some point
|
|
"--disable-updater"
|
|
"--enable-jemalloc"
|
|
"--disable-maintenance-service"
|
|
"--disable-gconf"
|
|
"--enable-default-toolkit=cairo-gtk${if gtk3Support then "3" else "2"}"
|
|
]
|
|
++ lib.optionals (stdenv.lib.versionAtLeast version "56" && !stdenv.hostPlatform.isi686) [
|
|
# on i686-linux: --with-libclang-path is not available in this configuration
|
|
"--with-libclang-path=${llvmPackages.libclang}/lib"
|
|
"--with-clang-path=${llvmPackages.clang}/bin/clang"
|
|
]
|
|
++ lib.optionals (stdenv.lib.versionAtLeast version "57") [
|
|
"--enable-webrender=build"
|
|
]
|
|
|
|
# TorBrowser patches these
|
|
++ lib.optionals (!isTorBrowserLike) [
|
|
"--with-system-nss"
|
|
"--with-system-nspr"
|
|
]
|
|
|
|
# and wants these
|
|
++ lib.optionals isTorBrowserLike ([
|
|
"--with-tor-browser-version=${version}"
|
|
"--enable-signmar"
|
|
"--enable-verify-mar"
|
|
|
|
# We opt out of TorBrowser's nspr because that patch is useless on
|
|
# anything but Windows and produces zero fingerprinting
|
|
# possibilities on other platforms.
|
|
# Lets save some space instead.
|
|
"--with-system-nspr"
|
|
] ++ flag geolocationSupport "mozril-geoloc"
|
|
++ flag safeBrowsingSupport "safe-browsing"
|
|
)
|
|
|
|
++ flag alsaSupport "alsa"
|
|
++ flag pulseaudioSupport "pulseaudio"
|
|
++ flag ffmpegSupport "ffmpeg"
|
|
++ flag gssSupport "negotiateauth"
|
|
++ lib.optional (!ffmpegSupport) "--disable-gstreamer"
|
|
++ flag webrtcSupport "webrtc"
|
|
++ lib.optional googleAPISupport "--with-google-api-keyfile=ga"
|
|
++ flag crashreporterSupport "crashreporter"
|
|
++ lib.optional drmSupport "--enable-eme=widevine"
|
|
|
|
++ (if debugBuild then [ "--enable-debug" "--enable-profiling" ]
|
|
else [ "--disable-debug" "--enable-release"
|
|
"--enable-optimize"
|
|
"--enable-strip" ])
|
|
++ lib.optional enableOfficialBranding "--enable-official-branding"
|
|
++ extraConfigureFlags;
|
|
|
|
preBuild = lib.optionalString (enableOfficialBranding && isTorBrowserLike) ''
|
|
buildFlagsArray=("MOZ_APP_DISPLAYNAME=Tor Browser")
|
|
'';
|
|
|
|
makeFlags = lib.optionals enableOfficialBranding [
|
|
"MOZILLA_OFFICIAL=1"
|
|
"BUILD_OFFICIAL=1"
|
|
]
|
|
++ extraMakeFlags;
|
|
|
|
enableParallelBuilding = true;
|
|
|
|
preInstall = ''
|
|
# The following is needed for startup cache creation on grsecurity kernels.
|
|
paxmark m dist/bin/xpcshell
|
|
'';
|
|
|
|
postInstall = ''
|
|
# For grsecurity kernels
|
|
paxmark m $out/lib/firefox-[0-9]*/{firefox,firefox-bin,plugin-container}
|
|
|
|
# Remove SDK cruft. FIXME: move to a separate output?
|
|
rm -rf $out/share/idl $out/include $out/lib/firefox-devel-*
|
|
|
|
# Needed to find Mozilla runtime
|
|
gappsWrapperArgs+=(--argv0 "$out/bin/.firefox-wrapped")
|
|
'';
|
|
|
|
postFixup = ''
|
|
# Fix notifications. LibXUL uses dlopen for this, unfortunately; see #18712.
|
|
patchelf --set-rpath "${lib.getLib libnotify
|
|
}/lib:$(patchelf --print-rpath "$out"/lib/firefox-*/libxul.so)" \
|
|
"$out"/lib/firefox-*/libxul.so
|
|
'';
|
|
|
|
doInstallCheck = true;
|
|
installCheckPhase = ''
|
|
# Some basic testing
|
|
"$out/bin/firefox" --version
|
|
'';
|
|
|
|
passthru = {
|
|
browserName = "firefox";
|
|
inherit version updateScript;
|
|
isFirefox3Like = true;
|
|
inherit isTorBrowserLike;
|
|
gtk = gtk2;
|
|
inherit nspr;
|
|
inherit ffmpegSupport;
|
|
inherit gssSupport;
|
|
} // lib.optionalAttrs gtk3Support { inherit gtk3; };
|
|
|
|
} // overrides)
|