diff options
| -rw-r--r-- | gnu/packages/librewolf.scm | 760 |
1 files changed, 383 insertions, 377 deletions
diff --git a/gnu/packages/librewolf.scm b/gnu/packages/librewolf.scm index 344ab9532f..e2f307fc7b 100644 --- a/gnu/packages/librewolf.scm +++ b/gnu/packages/librewolf.scm @@ -283,383 +283,389 @@ (guix elf) (guix build gremlin) ,@%default-gnu-imported-modules) - #:phases #~(modify-phases %standard-phases - (add-after 'unpack 'fix-preferences - (lambda* (#:key inputs #:allow-other-keys) - (let ((port (open-file "browser/app/profile/firefox.js" - "a"))) - (define (write-setting key value) - (format port "~%pref(\"~a\", ~a);~%" key value) - (format #t - "fix-preferences: setting value of ~a to ~a~%" key - value)) - - ;; We should allow the sandbox to read the store directory, - ;; because the sandbox has access to /usr on FHS distros. - (write-setting - "security.sandbox.content.read_path_whitelist" - (string-append "\"" - (%store-directory) "/\"")) - - ;; XDG settings should be managed by Guix. - (write-setting "browser.shell.checkDefaultBrowser" - "false") - (close-port port)))) - (add-after 'fix-preferences 'fix-ffmpeg-runtime-linker - (lambda* (#:key inputs #:allow-other-keys) - (let* ((ffmpeg (assoc-ref inputs "ffmpeg")) - (libavcodec (string-append ffmpeg - "/lib/libavcodec.so"))) - ;; Arrange to load libavcodec.so by its absolute file name. - (substitute* "dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp" - (("libavcodec\\.so") - libavcodec))))) - (add-after 'unpack 'neuter-genai - (lambda* _ - ;; Lock the preferences so they can't be enabled. - (substitute* "lw/librewolf.cfg" - (("defaultPref\\(\"browser\\.ml\\.") - "lockPref(\"browser.ml.")))) - (add-after 'patch-source-shebangs 'patch-cargo-checksums - (lambda _ - (use-modules (guix build cargo-utils)) - (let ((null-hash - ;; This is the SHA256 output of an empty string. - (string-append - "e3b0c44298fc1c149afbf4c8996fb924" - "27ae41e4649b934ca495991b7852b855"))) - (for-each (lambda (file) - (format #t - "patch-cargo-checksums: patching checksums in ~a~%" - file) - (substitute* file - (("(checksum = )\".*\"" all name) - (string-append name "\"" null-hash - "\"")))) - (find-files "." "Cargo\\.lock$")) - (for-each generate-all-checksums - '("build" - "dom/media" - "dom/webauthn" - "gfx" - "intl" - "js" - "media" - "modules" - "mozglue/static/rust" - "netwerk" - "remote" - "security/manager/ssl" - "servo" - "storage" - "third_party/rust" - "toolkit" - "xpcom/rust" - "services"))))) - (add-after 'patch-cargo-checksums 'remove-cargo-frozen-flag - (lambda _ - ;; Remove --frozen flag from cargo invocation, otherwise it'll - ;; complain that it's not able to change Cargo.lock. - ;; https://bugzilla.mozilla.org/show_bug.cgi?id=1726373 - (substitute* "build/RunCbindgen.py" - (("args.append\\(\"--frozen\"\\)") "pass")))) - (delete 'bootstrap) - (add-before 'configure 'patch-SpeechDispatcherService.cpp - (lambda _ - (let* ((lib "libspeechd.so.2") - (file (string-append - "dom/media/webspeech/synth/" - "speechd/SpeechDispatcherService.cpp")) - (old-content (call-with-input-file file - get-string-all))) - (substitute - file - `((,(format #f "~s" lib) unquote - (lambda (line _) - (string-replace-substring - line lib - (string-append #$speech-dispatcher - "/lib/" lib)))))) - (if (string=? old-content - (call-with-input-file file - get-string-all)) - (error - "substitute did nothing, phase requires an update"))))) - (add-before 'configure 'set-build-id - ;; Build will write the timestamp to output, which is harmful - ;; for reproducibility, so change it to a fixed date. Use a - ;; separate phase for easier modification with inherit. - (lambda _ - (setenv "MOZ_BUILD_DATE" - #$%librewolf-build-id))) - ;; https://bugzilla.mozilla.org/show_bug.cgi?id=1927380 - (add-before 'configure 'patch-icu-lookup - (lambda _ - (let* ((file "js/moz.configure") - (old-content (call-with-input-file file get-string-all))) - (substitute* file - (("icu-i18n >= 76.1" all) - (string-append all ", icu-uc >= 76.1"))) - (if (string=? old-content - (pk (call-with-input-file file get-string-all))) - (error "substitute did nothing, phase requires an update"))))) - (replace 'configure - (lambda* (#:key inputs outputs configure-flags - #:allow-other-keys) - (setenv "AUTOCONF" - (string-append (assoc-ref inputs "autoconf") - "/bin/autoconf")) - (setenv "SHELL" - (which "bash")) - (setenv "CONFIG_SHELL" - (which "bash")) - (setenv "MACH_BUILD_PYTHON_NATIVE_PACKAGE_SOURCE" - "system") - (setenv "LANG" "en_US.utf8") - ;; This should use the host info probably (does it - ;; build on non-x86_64 though?) - (setenv "GUIX_PYTHONPATH" - (string-append (getcwd) - "/obj-x86_64-pc-linux-gnu/_virtualenvs/build")) - - ;; Use Clang, Clang is 2x faster than GCC - (setenv "AR" "llvm-ar") - (setenv "NM" "llvm-nm") - (setenv "CC" "clang") - (setenv "CXX" "clang++") - (setenv "MOZ_NOSPAM" "1") - (setenv "MOZ_APP_REMOTINGNAME" "LibreWolf") - (setenv "MOZ_APP_NAME" "librewolf") - - (setenv "MOZBUILD_STATE_PATH" - (getcwd)) - - (let* ((mozconfig (string-append (getcwd) "/mozconfig")) - (out (assoc-ref outputs "out")) - (flags (cons (string-append "--prefix=" out) - configure-flags))) - (format #t "build directory: ~s~%" - (getcwd)) - (format #t "configure flags: ~s~%" flags) - - (define write-flags - (lambda flags - (display (string-join (map (cut string-append - "ac_add_options " <>) - flags) "\n")) - (display "\n"))) - (with-output-to-file mozconfig - (lambda () - (apply write-flags flags) - ;; The following option unsets Telemetry - ;; Reporting. With the Addons Fiasco, - ;; Mozilla was found to be collecting - ;; user's data, including saved passwords - ;; and web form data, without users - ;; consent. Mozilla was also found - ;; shipping updates to systems without - ;; the user's knowledge or permission. - ;; As a result of this, use the following - ;; command to permanently disable - ;; telemetry reporting. - (display "unset MOZ_TELEMETRY_REPORTING\n") - (display "mk_add_options MOZ_CRASHREPORTER=0\n") - (display "mk_add_options MOZ_DATA_REPORTING=0\n") - (display - "mk_add_options MOZ_SERVICES_HEALTHREPORT=0") - (display - "mk_add_options MOZ_TELEMETRY_REPORTING=0"))) - (setenv "MOZCONFIG" mozconfig)) - (invoke "./mach" "configure"))) - (add-before 'build 'fix-addons-placeholder - (lambda _ - (substitute* "toolkit/locales/en-US/toolkit/about/aboutAddons.ftl" - (("addons.mozilla.org") - "gnuzilla.gnu.org")))) - (replace 'build - (lambda* (#:key (make-flags '()) - (parallel-build? #t) #:allow-other-keys) - (apply invoke "./mach" "build" - ;; mach will use parallel build if possible by default - `(,@(if parallel-build? - `(,(string-append - "-j" (number->string (parallel-job-count)))) - '("-j1")) - ,@make-flags)))) - (add-after 'build 'neutralise-store-references - (lambda _ - ;; Mangle the store references to compilers & - ;; other build tools in about:buildconfig, - ;; reducing the package's closure by 1 GiB on - ;; x86-64. - (let* ((build-dir (car (scandir "." - (cut string-prefix? - "obj-" <>)))) - (file (string-append build-dir - "/dist/bin/chrome/toolkit/" - "content/global/buildconfig.html"))) - (substitute* file - (((format #f "(~a/)([0-9a-df-np-sv-z]{32})" - (regexp-quote (%store-directory))) - _ store hash) - (string-append store - (string-take hash 8) - "<!-- Guix: not a runtime dependency -->" - (string-drop hash 8))))))) - (replace 'install - (lambda _ - (invoke "./mach" "install"))) - (add-after 'install 'remove-duplicate-bin - (lambda* (#:key outputs #:allow-other-keys) - (delete-file (string-append #$output - "/lib/librewolf/librewolf-bin")))) - (add-after 'install 'wrap-glxtest - ;; glxtest uses dlopen() to load mesa and pci - ;; libs, wrap it to set LD_LIBRARY_PATH. - (lambda* (#:key inputs outputs #:allow-other-keys) - (let* ((out (assoc-ref outputs "out")) - (lib (string-append out "/lib")) - (libs (map - (lambda (lib-name) - (string-append (assoc-ref inputs - lib-name) - "/lib")) - '("mesa" "pciutils")))) - (wrap-program (car (find-files lib "^glxtest$")) - `("LD_LIBRARY_PATH" prefix ,libs))))) - (add-after 'install 'patch-config - (lambda* (#:key inputs #:allow-other-keys) - (let ((lib (string-append #$output "/lib/librewolf")) - (config-file "librewolf.cfg")) - - ;; Required for Guix packaged extensions - ;; SCOPE_PROFILE=1, SCOPE_APPLICATION=4, SCOPE_SYSTEM=8 - ;; Default is 5. - (substitute* (in-vicinity lib config-file) - (("defaultPref\\(\"extensions.enabledScopes\", 5\\)") - "defaultPref(\"extensions.enabledScopes\", 13)")) - ;; Use Mozzarella addons repo. - (call-with-port - (open-file - (in-vicinity lib config-file) - "a") - (lambda (port) - ;; Add-ons panel (see settings.js in Icecat source). - (for-each - (lambda (pref) - (format port - "defaultPref(~s, ~s);~%" - (car pref) - (cdr pref))) - `(("extensions.getAddons.search.browseURL" - ,(string-append - "https://gnuzilla.gnu.org/mozzarella/" - "search.php?q=%TERMS%")) - ("extensions.getAddons.get.url" . - "https://gnuzilla.gnu.org/mozzarella") - ("extensions.getAddons.link.url" . - "https://gnuzilla.gnu.org/mozzarella") - ("extensions.getAddons.discovery.api_url" . - "https://gnuzilla.gnu.org/mozzarella") - ("extensions.getAddons.langpacks.url" . - "https://gnuzilla.gnu.org/mozzarella") - ("lightweightThemes.getMoreURL" . - "https://gnuzilla.gnu.org/mozzarella")))))))) - (add-after 'install 'wrap-program - (lambda* (#:key inputs outputs #:allow-other-keys) - ;; The following two functions are from Guix's icecat package in - ;; (gnu packages gnuzilla). See commit - ;; b7a0935420ee630a29b7e5ac73a32ba1eb24f00b. - (define (runpath-of lib) - (call-with-input-file lib - (compose elf-dynamic-info-runpath elf-dynamic-info - parse-elf get-bytevector-all))) - (define (runpaths-of-input label) - (let* ((dir (string-append (assoc-ref inputs label) - "/lib")) - (libs (find-files dir "\\.so$"))) - (append-map runpath-of libs))) - (let* ((out (assoc-ref outputs "out")) - (lib (string-append out "/lib")) - (libs (map - (lambda (lib-name) - (string-append (assoc-ref inputs - lib-name) - "/lib")) - '("eudev" ; For U2F and WebAuthn - "libnotify" - "libpng-apng" - "libva" - "mesa" - "pipewire" ; For sharing on Wayland - "pulseaudio"))) - - ;; VA-API is run in the RDD (Remote Data Decoder) sandbox - ;; and must be explicitly given access to files it needs. - ;; Rather than adding the whole store (as Nix had - ;; upstream do, see - ;; <https://github.com/NixOS/nixpkgs/pull/165964> and - ;; linked upstream patches), we can just follow the - ;; runpaths of the needed libraries to add everything to - ;; LD_LIBRARY_PATH. These will then be accessible in the - ;; RDD sandbox. - (rdd-whitelist - (map (cut string-append <> "/") - (delete-duplicates - (append-map runpaths-of-input - '("mesa" - "ffmpeg"))))) - (gtk-share (string-append (assoc-ref inputs - "gtk+") - "/share"))) - (wrap-program (car (find-files lib "^librewolf$")) - `("LD_LIBRARY_PATH" prefix - (,@libs ,@rdd-whitelist)) - `("XDG_DATA_DIRS" prefix - (,gtk-share)) - `("MOZ_LEGACY_PROFILES" = - ("1")) - `("MOZ_ALLOW_DOWNGRADE" = - ("1")))))) - (add-after 'wrap-program 'install-desktop-entry - (lambda* (#:key outputs #:allow-other-keys) - (let* ((desktop-file - "toolkit/mozapps/installer/linux/rpm/mozilla.desktop") - (applications (string-append #$output - "/share/applications"))) - (substitute* desktop-file - (("^Exec=@MOZ_APP_NAME@") - (string-append "Exec=" - #$output "/bin/librewolf %u")) - (("@MOZ_APP_DISPLAYNAME@") - "LibreWolf") - (("@MOZ_APP_REMOTINGNAME@") - "LibreWolf") - (("^Icon=@MOZ_APP_NAME@") - (string-append "Icon=" - #$output - "/share/icons/hicolor/128x128/apps/librewolf.png"))) - - (copy-file desktop-file "librewolf.desktop") - (install-file "librewolf.desktop" applications)))) - (add-after 'install-desktop-entry 'install-icons - (lambda* (#:key outputs #:allow-other-keys) - (let ((icon-source-dir (string-append #$output - "/lib/librewolf/browser/" - "chrome/icons/default"))) - (for-each (lambda (size) - (let ((dest (string-append #$output - "/share/icons/hicolor/" - size - "x" - size - "/apps"))) - (mkdir-p dest) - (symlink (string-append icon-source-dir - "/default" size ".png") - (string-append dest - "/librewolf.png")))) - '("16" "32" "48" "64" "128")))))) + #:phases + #~(modify-phases %standard-phases + (add-after 'unpack 'fix-preferences + (lambda* (#:key inputs #:allow-other-keys) + (let ((port (open-file "browser/app/profile/firefox.js" + "a"))) + (define (write-setting key value) + (format port "~%pref(\"~a\", ~a);~%" key value) + (format #t + "fix-preferences: setting value of ~a to ~a~%" key + value)) + + ;; We should allow the sandbox to read the store directory, + ;; because the sandbox has access to /usr on FHS distros. + (write-setting + "security.sandbox.content.read_path_whitelist" + (string-append "\"" + (%store-directory) "/\"")) + + ;; XDG settings should be managed by Guix. + (write-setting "browser.shell.checkDefaultBrowser" + "false") + (close-port port)))) + (add-after 'fix-preferences 'fix-ffmpeg-runtime-linker + (lambda* (#:key inputs #:allow-other-keys) + (let* ((ffmpeg (assoc-ref inputs "ffmpeg")) + (libavcodec (string-append ffmpeg + "/lib/libavcodec.so"))) + ;; Arrange to load libavcodec.so by its absolute file name. + (substitute* + "dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp" + (("libavcodec\\.so") + libavcodec))))) + (add-after 'unpack 'neuter-genai + (lambda* _ + ;; Lock the preferences so they can't be enabled. + (substitute* "lw/librewolf.cfg" + (("defaultPref\\(\"browser\\.ml\\.") + "lockPref(\"browser.ml.")))) + (add-after 'patch-source-shebangs 'patch-cargo-checksums + (lambda _ + (use-modules (guix build cargo-utils)) + (let ((null-hash + ;; This is the SHA256 output of an empty string. + (string-append + "e3b0c44298fc1c149afbf4c8996fb924" + "27ae41e4649b934ca495991b7852b855"))) + (for-each + (lambda (file) + (format #t + "patch-cargo-checksums: patching checksums in ~a~%" + file) + (substitute* file + (("(checksum = )\".*\"" all name) + (string-append name "\"" null-hash + "\"")))) + (find-files "." "Cargo\\.lock$")) + (for-each generate-all-checksums + '("build" + "dom/media" + "dom/webauthn" + "gfx" + "intl" + "js" + "media" + "modules" + "mozglue/static/rust" + "netwerk" + "remote" + "security/manager/ssl" + "servo" + "storage" + "third_party/rust" + "toolkit" + "xpcom/rust" + "services"))))) + (add-after 'patch-cargo-checksums 'remove-cargo-frozen-flag + (lambda _ + ;; Remove --frozen flag from cargo invocation, otherwise it'll + ;; complain that it's not able to change Cargo.lock. + ;; https://bugzilla.mozilla.org/show_bug.cgi?id=1726373 + (substitute* "build/RunCbindgen.py" + (("args.append\\(\"--frozen\"\\)") "pass")))) + (delete 'bootstrap) + (add-before 'configure 'patch-SpeechDispatcherService.cpp + (lambda _ + (let* ((lib "libspeechd.so.2") + (file (string-append + "dom/media/webspeech/synth/" + "speechd/SpeechDispatcherService.cpp")) + (old-content (call-with-input-file file + get-string-all))) + (substitute + file + `((,(format #f "~s" lib) unquote + (lambda (line _) + (string-replace-substring + line lib + (string-append #$speech-dispatcher + "/lib/" lib)))))) + (if (string=? old-content + (call-with-input-file file + get-string-all)) + (error + "substitute did nothing, phase requires an update"))))) + (add-before 'configure 'set-build-id + ;; Build will write the timestamp to output, which is harmful + ;; for reproducibility, so change it to a fixed date. Use a + ;; separate phase for easier modification with inherit. + (lambda _ + (setenv "MOZ_BUILD_DATE" + #$%librewolf-build-id))) + ;; https://bugzilla.mozilla.org/show_bug.cgi?id=1927380 + (add-before 'configure 'patch-icu-lookup + (lambda _ + (let* ((file "js/moz.configure") + (old-content (call-with-input-file file get-string-all))) + (substitute* file + (("icu-i18n >= 76.1" all) + (string-append all ", icu-uc >= 76.1"))) + (if (string=? old-content + (pk (call-with-input-file file get-string-all))) + (error + "substitute did nothing, phase requires an update"))))) + (replace 'configure + (lambda* (#:key inputs outputs configure-flags + #:allow-other-keys) + (setenv "AUTOCONF" + (string-append (assoc-ref inputs "autoconf") + "/bin/autoconf")) + (setenv "SHELL" + (which "bash")) + (setenv "CONFIG_SHELL" + (which "bash")) + (setenv "MACH_BUILD_PYTHON_NATIVE_PACKAGE_SOURCE" + "system") + (setenv "LANG" "en_US.utf8") + ;; This should use the host info probably (does it + ;; build on non-x86_64 though?) + (setenv "GUIX_PYTHONPATH" + (string-append + (getcwd) + "/obj-x86_64-pc-linux-gnu/_virtualenvs/build")) + + ;; Use Clang, Clang is 2x faster than GCC + (setenv "AR" "llvm-ar") + (setenv "NM" "llvm-nm") + (setenv "CC" "clang") + (setenv "CXX" "clang++") + (setenv "MOZ_NOSPAM" "1") + (setenv "MOZ_APP_REMOTINGNAME" "LibreWolf") + (setenv "MOZ_APP_NAME" "librewolf") + + (setenv "MOZBUILD_STATE_PATH" + (getcwd)) + + (let* ((mozconfig (string-append (getcwd) "/mozconfig")) + (out (assoc-ref outputs "out")) + (flags (cons (string-append "--prefix=" out) + configure-flags))) + (format #t "build directory: ~s~%" + (getcwd)) + (format #t "configure flags: ~s~%" flags) + + (define write-flags + (lambda flags + (display (string-join (map (cut string-append + "ac_add_options " <>) + flags) "\n")) + (display "\n"))) + (with-output-to-file mozconfig + (lambda () + (apply write-flags flags) + ;; The following option unsets Telemetry + ;; Reporting. With the Addons Fiasco, + ;; Mozilla was found to be collecting + ;; user's data, including saved passwords + ;; and web form data, without users + ;; consent. Mozilla was also found + ;; shipping updates to systems without + ;; the user's knowledge or permission. + ;; As a result of this, use the following + ;; command to permanently disable + ;; telemetry reporting. + (display "unset MOZ_TELEMETRY_REPORTING\n") + (display "mk_add_options MOZ_CRASHREPORTER=0\n") + (display "mk_add_options MOZ_DATA_REPORTING=0\n") + (display + "mk_add_options MOZ_SERVICES_HEALTHREPORT=0") + (display + "mk_add_options MOZ_TELEMETRY_REPORTING=0"))) + (setenv "MOZCONFIG" mozconfig)) + (invoke "./mach" "configure"))) + (add-before 'build 'fix-addons-placeholder + (lambda _ + (substitute* + "toolkit/locales/en-US/toolkit/about/aboutAddons.ftl" + (("addons.mozilla.org") + "gnuzilla.gnu.org")))) + (replace 'build + (lambda* (#:key (make-flags '()) + (parallel-build? #t) #:allow-other-keys) + (apply invoke "./mach" "build" + ;; mach will use parallel build if possible by default + `(,@(if parallel-build? + `(,(string-append + "-j" (number->string (parallel-job-count)))) + '("-j1")) + ,@make-flags)))) + (add-after 'build 'neutralise-store-references + (lambda _ + ;; Mangle the store references to compilers & + ;; other build tools in about:buildconfig, + ;; reducing the package's closure by 1 GiB on + ;; x86-64. + (let* ((build-dir (car (scandir "." + (cut string-prefix? + "obj-" <>)))) + (file (string-append build-dir + "/dist/bin/chrome/toolkit/" + "content/global/buildconfig.html"))) + (substitute* file + (((format #f "(~a/)([0-9a-df-np-sv-z]{32})" + (regexp-quote (%store-directory))) + _ store hash) + (string-append store + (string-take hash 8) + "<!-- Guix: not a runtime dependency -->" + (string-drop hash 8))))))) + (replace 'install + (lambda _ + (invoke "./mach" "install"))) + (add-after 'install 'remove-duplicate-bin + (lambda* (#:key outputs #:allow-other-keys) + (delete-file (string-append #$output + "/lib/librewolf/librewolf-bin")))) + (add-after 'install 'wrap-glxtest + ;; glxtest uses dlopen() to load mesa and pci + ;; libs, wrap it to set LD_LIBRARY_PATH. + (lambda* (#:key inputs outputs #:allow-other-keys) + (let* ((out (assoc-ref outputs "out")) + (lib (string-append out "/lib")) + (libs (map + (lambda (lib-name) + (string-append (assoc-ref inputs + lib-name) + "/lib")) + '("mesa" "pciutils")))) + (wrap-program (car (find-files lib "^glxtest$")) + `("LD_LIBRARY_PATH" prefix ,libs))))) + (add-after 'install 'patch-config + (lambda* (#:key inputs #:allow-other-keys) + (let ((lib (string-append #$output "/lib/librewolf")) + (config-file "librewolf.cfg")) + + ;; Required for Guix packaged extensions + ;; SCOPE_PROFILE=1, SCOPE_APPLICATION=4, SCOPE_SYSTEM=8 + ;; Default is 5. + (substitute* (in-vicinity lib config-file) + (("defaultPref\\(\"extensions.enabledScopes\", 5\\)") + "defaultPref(\"extensions.enabledScopes\", 13)")) + ;; Use Mozzarella addons repo. + (call-with-port + (open-file + (in-vicinity lib config-file) + "a") + (lambda (port) + ;; Add-ons panel (see settings.js in Icecat source). + (for-each + (lambda (pref) + (format port + "defaultPref(~s, ~s);~%" + (car pref) + (cdr pref))) + `(("extensions.getAddons.search.browseURL" + ,(string-append + "https://gnuzilla.gnu.org/mozzarella/" + "search.php?q=%TERMS%")) + ("extensions.getAddons.get.url" . + "https://gnuzilla.gnu.org/mozzarella") + ("extensions.getAddons.link.url" . + "https://gnuzilla.gnu.org/mozzarella") + ("extensions.getAddons.discovery.api_url" . + "https://gnuzilla.gnu.org/mozzarella") + ("extensions.getAddons.langpacks.url" . + "https://gnuzilla.gnu.org/mozzarella") + ("lightweightThemes.getMoreURL" . + "https://gnuzilla.gnu.org/mozzarella")))))))) + (add-after 'install 'wrap-program + (lambda* (#:key inputs outputs #:allow-other-keys) + ;; The following two functions are from Guix's icecat package in + ;; (gnu packages gnuzilla). See commit + ;; b7a0935420ee630a29b7e5ac73a32ba1eb24f00b. + (define (runpath-of lib) + (call-with-input-file lib + (compose elf-dynamic-info-runpath elf-dynamic-info + parse-elf get-bytevector-all))) + (define (runpaths-of-input label) + (let* ((dir (string-append (assoc-ref inputs label) + "/lib")) + (libs (find-files dir "\\.so$"))) + (append-map runpath-of libs))) + (let* ((out (assoc-ref outputs "out")) + (lib (string-append out "/lib")) + (libs (map + (lambda (lib-name) + (string-append (assoc-ref inputs + lib-name) + "/lib")) + '("eudev" ; For U2F and WebAuthn + "libnotify" + "libpng-apng" + "libva" + "mesa" + "pipewire" ; For sharing on Wayland + "pulseaudio"))) + + ;; VA-API is run in the RDD (Remote Data Decoder) sandbox + ;; and must be explicitly given access to files it needs. + ;; Rather than adding the whole store (as Nix had + ;; upstream do, see + ;; <https://github.com/NixOS/nixpkgs/pull/165964> and + ;; linked upstream patches), we can just follow the + ;; runpaths of the needed libraries to add everything to + ;; LD_LIBRARY_PATH. These will then be accessible in the + ;; RDD sandbox. + (rdd-whitelist + (map (cut string-append <> "/") + (delete-duplicates + (append-map runpaths-of-input + '("mesa" + "ffmpeg"))))) + (gtk-share (string-append (assoc-ref inputs + "gtk+") + "/share"))) + (wrap-program (car (find-files lib "^librewolf$")) + `("LD_LIBRARY_PATH" prefix + (,@libs ,@rdd-whitelist)) + `("XDG_DATA_DIRS" prefix + (,gtk-share)) + `("MOZ_LEGACY_PROFILES" = + ("1")) + `("MOZ_ALLOW_DOWNGRADE" = + ("1")))))) + (add-after 'wrap-program 'install-desktop-entry + (lambda* (#:key outputs #:allow-other-keys) + (let* ((desktop-file + "toolkit/mozapps/installer/linux/rpm/mozilla.desktop") + (applications (string-append #$output + "/share/applications"))) + (substitute* desktop-file + (("^Exec=@MOZ_APP_NAME@") + (string-append "Exec=" + #$output "/bin/librewolf %u")) + (("@MOZ_APP_DISPLAYNAME@") + "LibreWolf") + (("@MOZ_APP_REMOTINGNAME@") + "LibreWolf") + (("^Icon=@MOZ_APP_NAME@") + (string-append "Icon=" + #$output + "/share/icons/hicolor/128x128/apps/librewolf.png"))) + + (copy-file desktop-file "librewolf.desktop") + (install-file "librewolf.desktop" applications)))) + (add-after 'install-desktop-entry 'install-icons + (lambda* (#:key outputs #:allow-other-keys) + (let ((icon-source-dir (string-append #$output + "/lib/librewolf/browser/" + "chrome/icons/default"))) + (for-each (lambda (size) + (let ((dest (string-append #$output + "/share/icons/hicolor/" + size + "x" + size + "/apps"))) + (mkdir-p dest) + (symlink (string-append icon-source-dir + "/default" size ".png") + (string-append dest + "/librewolf.png")))) + '("16" "32" "48" "64" "128")))))) ;; Test will significantly increase build time but with little rewards. #:tests? #f |