mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-12-28 16:43:58 +00:00
ff6cc1ac0e
It works, but this state is far from ideal: GNU guys update generated source tarballs very infrequently. Ideally, src needs to be generated by running makeicecat over firefox src. Will do later.
256 lines
7.7 KiB
Nix
256 lines
7.7 KiB
Nix
{ lib, callPackage, stdenv, fetchurl, fetchFromGitHub, fetchpatch, python3 }:
|
|
|
|
let
|
|
|
|
common = opts: callPackage (import ./common.nix opts) {};
|
|
|
|
nixpkgsPatches = [
|
|
./env_var_for_system_dir.patch
|
|
];
|
|
|
|
in
|
|
|
|
rec {
|
|
|
|
firefox = common rec {
|
|
pname = "firefox";
|
|
ffversion = "65.0";
|
|
src = fetchurl {
|
|
url = "mirror://mozilla/firefox/releases/${ffversion}/source/firefox-${ffversion}.source.tar.xz";
|
|
sha512 = "39bx76whgf53rkfqqy8gfhd44wikh89zpnqr930v4grqg3v0pfr8mbvp7xzjjlf5r7bski0wxibn9vyyy273fp99zyj1w2m5ihh9aqh";
|
|
};
|
|
|
|
patches = nixpkgsPatches ++ [
|
|
./no-buildconfig-ffx65.patch
|
|
];
|
|
|
|
extraNativeBuildInputs = [ python3 ];
|
|
|
|
meta = {
|
|
description = "A web browser built from Firefox source tree";
|
|
homepage = http://www.mozilla.com/en-US/firefox/;
|
|
maintainers = with lib.maintainers; [ eelco ];
|
|
platforms = lib.platforms.unix;
|
|
license = lib.licenses.mpl20;
|
|
};
|
|
updateScript = callPackage ./update.nix {
|
|
attrPath = "firefox-unwrapped";
|
|
versionKey = "ffversion";
|
|
};
|
|
};
|
|
|
|
firefox-esr-52 = common rec {
|
|
pname = "firefox-esr";
|
|
ffversion = "52.9.0esr";
|
|
src = fetchurl {
|
|
url = "mirror://mozilla/firefox/releases/${ffversion}/source/firefox-${ffversion}.source.tar.xz";
|
|
sha512 = "bfca42668ca78a12a9fb56368f4aae5334b1f7a71966fbba4c32b9c5e6597aac79a6e340ac3966779d2d5563eb47c054ab33cc40bfb7306172138ccbd3adb2b9";
|
|
};
|
|
|
|
patches = nixpkgsPatches ++ [
|
|
# this one is actually an omnipresent bug
|
|
# https://bugzilla.mozilla.org/show_bug.cgi?id=1444519
|
|
./fix-pa-context-connect-retval.patch
|
|
];
|
|
|
|
meta = firefox.meta // {
|
|
description = "A web browser built from Firefox Extended Support Release source tree";
|
|
knownVulnerabilities = [ "Support ended in August 2018." ];
|
|
};
|
|
updateScript = callPackage ./update.nix {
|
|
attrPath = "firefox-esr-52-unwrapped";
|
|
ffversionSuffix = "esr";
|
|
versionKey = "ffversion";
|
|
};
|
|
};
|
|
|
|
firefox-esr-60 = common rec {
|
|
pname = "firefox-esr";
|
|
ffversion = "60.5.0esr";
|
|
src = fetchurl {
|
|
url = "mirror://mozilla/firefox/releases/${ffversion}/source/firefox-${ffversion}.source.tar.xz";
|
|
sha512 = "3n7l146gdjwhi0iq85awc0yykvi4x5m91mcylxa5mrq911bv6xgn2i92nzhgnhdilqap5218778vgvnalikzsh67irrncx1hy5f6iyx";
|
|
};
|
|
|
|
patches = nixpkgsPatches ++ [
|
|
./no-buildconfig-ffx65.patch
|
|
|
|
# this one is actually an omnipresent bug
|
|
# https://bugzilla.mozilla.org/show_bug.cgi?id=1444519
|
|
./fix-pa-context-connect-retval.patch
|
|
];
|
|
|
|
meta = firefox.meta // {
|
|
description = "A web browser built from Firefox Extended Support Release source tree";
|
|
};
|
|
updateScript = callPackage ./update.nix {
|
|
attrPath = "firefox-esr-60-unwrapped";
|
|
versionSuffix = "esr";
|
|
versionKey = "ffversion";
|
|
};
|
|
};
|
|
|
|
} // (let
|
|
|
|
iccommon = args: common (args // {
|
|
pname = "icecat";
|
|
isIceCatLike = true;
|
|
|
|
meta = (args.meta or {}) // {
|
|
description = "The GNU version of the Firefox web browser";
|
|
longDescription = ''
|
|
GNUzilla is the GNU version of the Mozilla suite, and GNU
|
|
IceCat is the GNU version of the Firefox web browser.
|
|
|
|
Notable differences from mainline Firefox:
|
|
|
|
- entirely free software, no non-free plugins, addons,
|
|
artwork,
|
|
- no telemetry, no "studies",
|
|
- sane privacy and security defaults (for instance, unlike
|
|
Firefox, IceCat does _zero_ network requests on startup by
|
|
default, which means that with IceCat you won't need to
|
|
unplug your Ethernet cable each time you want to create a
|
|
new browser profile without announcing that action to a
|
|
bunch of data-hungry corporations),
|
|
- all essential privacy and security settings can be
|
|
configured directly from the main screen,
|
|
- optional first party isolation (like TorBrowser),
|
|
- comes with HTTPS Everywhere (like TorBrowser), Tor Browser
|
|
Button (like TorBrowser Bundle), LibreJS, and SpyBlock
|
|
plugins out of the box.
|
|
|
|
This package can be installed together with Firefox and
|
|
TorBrowser, it will use distinct binary names and profile
|
|
directories.
|
|
'';
|
|
homepage = "https://www.gnu.org/software/gnuzilla/";
|
|
platforms = lib.platforms.unix;
|
|
license = with lib.licenses; [ mpl20 gpl3Plus ];
|
|
};
|
|
});
|
|
|
|
in rec {
|
|
|
|
icecat = iccommon rec {
|
|
ffversion = "60.3.0";
|
|
icversion = "${ffversion}-gnu1";
|
|
|
|
src = fetchurl {
|
|
url = "mirror://gnu/gnuzilla/${ffversion}/icecat-${icversion}.tar.bz2";
|
|
sha256 = "0icnl64nxcyf7dprpdpygxhabsvyhps8c3ixysj9bcdlj9q34ib1";
|
|
};
|
|
|
|
patches = nixpkgsPatches ++ [
|
|
./no-buildconfig.patch
|
|
];
|
|
};
|
|
|
|
icecat-52 = iccommon rec {
|
|
ffversion = "52.6.0";
|
|
icversion = "${ffversion}-gnu1";
|
|
|
|
src = fetchurl {
|
|
url = "mirror://gnu/gnuzilla/${ffversion}/icecat-${icversion}.tar.bz2";
|
|
sha256 = "09fn54glqg1aa93hnz5zdcy07cps09dbni2b4200azh6nang630a";
|
|
};
|
|
|
|
patches = nixpkgsPatches ++ [
|
|
# this one is actually an omnipresent bug
|
|
# https://bugzilla.mozilla.org/show_bug.cgi?id=1444519
|
|
./fix-pa-context-connect-retval.patch
|
|
];
|
|
|
|
meta.knownVulnerabilities = [ "Support ended in August 2018." ];
|
|
};
|
|
|
|
}) // (let
|
|
|
|
tbcommon = args: common (args // {
|
|
pname = "tor-browser";
|
|
isTorBrowserLike = true;
|
|
|
|
unpackPhase = ''
|
|
# fetchFromGitHub produces ro sources, root dir gets a name that
|
|
# is too long for shebangs. fixing
|
|
cp -a $src tor-browser
|
|
chmod -R +w tor-browser
|
|
cd tor-browser
|
|
|
|
# set times for xpi archives
|
|
find . -exec touch -d'2010-01-01 00:00' {} \;
|
|
'';
|
|
|
|
patches = nixpkgsPatches;
|
|
|
|
meta = (args.meta or {}) // {
|
|
description = "A web browser built from TorBrowser source tree";
|
|
longDescription = ''
|
|
This is a version of TorBrowser with bundle-related patches
|
|
reverted.
|
|
|
|
I.e. it's a variant of Firefox with less fingerprinting and
|
|
some isolation features you can't get with any extensions.
|
|
|
|
Or, alternatively, a variant of TorBrowser that works like any
|
|
other UNIX program and doesn't expect you to run it from a
|
|
bundle.
|
|
|
|
It will use your default Firefox profile if you're not careful
|
|
even! Be careful!
|
|
|
|
It will clash with firefox binary if you install both. But it
|
|
should not be a problem because you should run browsers in
|
|
separate users/VMs anyway.
|
|
|
|
Create new profile by starting it as
|
|
|
|
$ firefox -ProfileManager
|
|
|
|
and then configure it to use your tor instance.
|
|
|
|
Or just use `tor-browser-bundle` package that packs this
|
|
`tor-browser` back into a sanely-built bundle.
|
|
'';
|
|
homepage = https://www.torproject.org/projects/torbrowser.html;
|
|
platforms = lib.platforms.linux;
|
|
license = lib.licenses.bsd3;
|
|
};
|
|
});
|
|
|
|
in rec {
|
|
|
|
tor-browser-7-5 = (tbcommon rec {
|
|
ffversion = "52.9.0esr";
|
|
tbversion = "7.5.6";
|
|
|
|
# FIXME: fetchFromGitHub is not ideal, unpacked source is >900Mb
|
|
src = fetchFromGitHub {
|
|
owner = "SLNOS";
|
|
repo = "tor-browser";
|
|
# branch "tor-browser-52.9.0esr-7.5-2-slnos"
|
|
rev = "95bb92d552876a1f4260edf68fda5faa3eb36ad8";
|
|
sha256 = "1ykn3yg4s36g2cpzxbz7s995c33ij8kgyvghx38z4i8siaqxdddy";
|
|
};
|
|
}).override {
|
|
gtk3Support = false;
|
|
};
|
|
|
|
tor-browser-8-0 = tbcommon rec {
|
|
ffversion = "60.3.0esr";
|
|
tbversion = "8.0.3";
|
|
|
|
# FIXME: fetchFromGitHub is not ideal, unpacked source is >900Mb
|
|
src = fetchFromGitHub {
|
|
owner = "SLNOS";
|
|
repo = "tor-browser";
|
|
# branch "tor-browser-60.3.0esr-8.0-1-slnos"
|
|
rev = "bd512ad9c40069adfc983f4f03dbd9d220cdf2f9";
|
|
sha256 = "1j349aqiqrf58zrx8pkqvh292w41v1vwr7x7dmd74hq4pi2iwpn8";
|
|
};
|
|
};
|
|
|
|
tor-browser = tor-browser-8-0;
|
|
|
|
})
|