From 89d9adf09c97d8916a35c03658991c89641335e8 Mon Sep 17 00:00:00 2001 From: Jeschli Date: Thu, 23 Apr 2020 19:47:18 +0200 Subject: j firefox: overlay from 2configs -> 5pkgs/firefox --- jeschli/2configs/firefox.nix | 15 +- jeschli/2configs/overlays/firefox-with-config.nix | 488 --------------------- .../audio-fingerprint-defender/default.nix | 40 -- .../canvas-fingerprint-defender/default.nix | 40 -- jeschli/2configs/own-pkgs/dark-reader/default.nix | 28 -- .../own-pkgs/font-fingerprint-defender/default.nix | 40 -- jeschli/2configs/own-pkgs/hopper/default.nix | 45 -- .../2configs/own-pkgs/https-everywhere/default.nix | 29 -- jeschli/2configs/own-pkgs/pyocclient/default.nix | 26 -- jeschli/2configs/own-pkgs/rmount/default.nix | 34 -- .../2configs/own-pkgs/ublock-origin/default.nix | 28 -- .../own-pkgs/user-agent-switcher/default.nix | 40 -- .../webgl-fingerprint-defender/default.nix | 40 -- jeschli/2configs/own-pkgs/wl-clipboard/default.nix | 25 -- .../firefox/audio-fingerprint-defender/default.nix | 40 ++ .../canvas-fingerprint-defender/default.nix | 40 ++ jeschli/5pkgs/firefox/dark-reader/default.nix | 28 ++ jeschli/5pkgs/firefox/default.nix | 18 + jeschli/5pkgs/firefox/firefox-with-config.nix | 488 +++++++++++++++++++++ .../firefox/font-fingerprint-defender/default.nix | 40 ++ jeschli/5pkgs/firefox/hopper/default.nix | 45 ++ jeschli/5pkgs/firefox/https-everywhere/default.nix | 29 ++ jeschli/5pkgs/firefox/pyocclient/default.nix | 26 ++ jeschli/5pkgs/firefox/rmount/default.nix | 34 ++ jeschli/5pkgs/firefox/ublock-origin/default.nix | 28 ++ .../5pkgs/firefox/user-agent-switcher/default.nix | 40 ++ .../firefox/webgl-fingerprint-defender/default.nix | 40 ++ jeschli/5pkgs/firefox/wl-clipboard/default.nix | 25 ++ 28 files changed, 924 insertions(+), 915 deletions(-) delete mode 100644 jeschli/2configs/overlays/firefox-with-config.nix delete mode 100644 jeschli/2configs/own-pkgs/audio-fingerprint-defender/default.nix delete mode 100644 jeschli/2configs/own-pkgs/canvas-fingerprint-defender/default.nix delete mode 100644 jeschli/2configs/own-pkgs/dark-reader/default.nix delete mode 100644 jeschli/2configs/own-pkgs/font-fingerprint-defender/default.nix delete mode 100644 jeschli/2configs/own-pkgs/hopper/default.nix delete mode 100644 jeschli/2configs/own-pkgs/https-everywhere/default.nix delete mode 100644 jeschli/2configs/own-pkgs/pyocclient/default.nix delete mode 100644 jeschli/2configs/own-pkgs/rmount/default.nix delete mode 100644 jeschli/2configs/own-pkgs/ublock-origin/default.nix delete mode 100644 jeschli/2configs/own-pkgs/user-agent-switcher/default.nix delete mode 100644 jeschli/2configs/own-pkgs/webgl-fingerprint-defender/default.nix delete mode 100644 jeschli/2configs/own-pkgs/wl-clipboard/default.nix create mode 100644 jeschli/5pkgs/firefox/audio-fingerprint-defender/default.nix create mode 100644 jeschli/5pkgs/firefox/canvas-fingerprint-defender/default.nix create mode 100644 jeschli/5pkgs/firefox/dark-reader/default.nix create mode 100644 jeschli/5pkgs/firefox/default.nix create mode 100644 jeschli/5pkgs/firefox/firefox-with-config.nix create mode 100644 jeschli/5pkgs/firefox/font-fingerprint-defender/default.nix create mode 100644 jeschli/5pkgs/firefox/hopper/default.nix create mode 100644 jeschli/5pkgs/firefox/https-everywhere/default.nix create mode 100644 jeschli/5pkgs/firefox/pyocclient/default.nix create mode 100644 jeschli/5pkgs/firefox/rmount/default.nix create mode 100644 jeschli/5pkgs/firefox/ublock-origin/default.nix create mode 100644 jeschli/5pkgs/firefox/user-agent-switcher/default.nix create mode 100644 jeschli/5pkgs/firefox/webgl-fingerprint-defender/default.nix create mode 100644 jeschli/5pkgs/firefox/wl-clipboard/default.nix diff --git a/jeschli/2configs/firefox.nix b/jeschli/2configs/firefox.nix index d171fa82d..1e1e16918 100644 --- a/jeschli/2configs/firefox.nix +++ b/jeschli/2configs/firefox.nix @@ -2,20 +2,11 @@ let - # Firefox addons - https-everywhere = pkgs.callPackage ./own-pkgs/https-everywhere {}; - ublock-origin = pkgs.callPackage ./own-pkgs/ublock-origin {}; - webgl-fingerprint-defender = pkgs.callPackage ./own-pkgs/webgl-fingerprint-defender {}; - canvas-fingerprint-defender = pkgs.callPackage ./own-pkgs/canvas-fingerprint-defender {}; - audio-fingerprint-defender = pkgs.callPackage ./own-pkgs/audio-fingerprint-defender {}; - font-fingerprint-defender = pkgs.callPackage ./own-pkgs/font-fingerprint-defender {}; - user-agent-switcher = pkgs.callPackage ./own-pkgs/user-agent-switcher {}; - dark-reader = pkgs.callPackage ./own-pkgs/dark-reader {}; - - wrapper = pkgs.callPackage ./overlays/firefox-with-config.nix { }; + wrapper = pkgs.callPackage ../5pkgs/firefox/firefox-with-config.nix { }; myFirefox = wrapper pkgs.firefox-unwrapped { - extraExtensions = [ + # these plugins are defined in 5pkgs/firefox + extraExtensions = with pkgs ; [ dark-reader https-everywhere ublock-origin diff --git a/jeschli/2configs/overlays/firefox-with-config.nix b/jeschli/2configs/overlays/firefox-with-config.nix deleted file mode 100644 index 9be6250d7..000000000 --- a/jeschli/2configs/overlays/firefox-with-config.nix +++ /dev/null @@ -1,488 +0,0 @@ -{ stdenv, lib, pkgs, makeDesktopItem, makeWrapper, lndir, replace, config - -## various stuff that can be plugged in -, flashplayer, hal-flash -, MPlayerPlugin, ffmpeg, xorg, libpulseaudio, libcanberra-gtk2 -, jrePlugin, icedtea_web -, bluejeans, djview4, adobe-reader -, google_talk_plugin, fribid, gnome3/*.gnome-shell*/ -, esteidfirefoxplugin ? "" -, browserpass, chrome-gnome-shell, uget-integrator, plasma-browser-integration, bukubrow -, udev -, kerberos - -}: - -## configurability of the wrapper itself - -browser: - -let - wrapper = - { browserName ? browser.browserName or (builtins.parseDrvName browser.name).name - , name ? (browserName + "-" + (builtins.parseDrvName browser.name).version) - , desktopName ? # browserName with first letter capitalized - (lib.toUpper (lib.substring 0 1 browserName) + lib.substring 1 (-1) browserName) - , nameSuffix ? "" - , icon ? browserName - , extraPlugins ? [] - , extraPrefs ? "" - , extraExtensions ? [ ] - , allowNonSigned ? false - , disablePocket ? false - , disableTelemetry ? true - , disableDrmPlugin ? false - , showPunycodeUrls ? true - , disableFirefoxStudies ? true - , disableFirefoxSync ? false - , useSystemCertificates ? true - , dontCheckDefaultBrowser ? false - # For more information about anti tracking - # vist https://wiki.kairaven.de/open/app/firefox - , activateAntiTracking ? true - , disableFeedbackCommands ? true - , disableDNSOverHTTPS ? true - , disableGoogleSafebrowsing ? false - , clearDataOnShutdown ? false - , homepage ? "about:blank" - # For more information about policies visit - # https://github.com/mozilla/policy-templates#enterprisepoliciesenabled - , extraPolicies ? {} - , extraNativeMessagingHosts ? [] - , gdkWayland ? false - }: - - assert gdkWayland -> (browser ? gtk3); # Can only use the wayland backend if gtk3 is being used - - let - - # If extraExtensions has been set disable manual extensions - disableManualExtensions = if lib.count (x: true) extraExtensions > 0 then true else false; - - cfg = config.${browserName} or {}; - enableAdobeFlash = cfg.enableAdobeFlash or false; - ffmpegSupport = browser.ffmpegSupport or false; - gssSupport = browser.gssSupport or false; - jre = cfg.jre or false; - icedtea = cfg.icedtea or false; - supportsJDK = - stdenv.hostPlatform.system == "i686-linux" || - stdenv.hostPlatform.system == "x86_64-linux" || - stdenv.hostPlatform.system == "armv7l-linux" || - stdenv.hostPlatform.system == "aarch64-linux"; - - plugins = - assert !(jre && icedtea); - if builtins.hasAttr "enableVLC" cfg - then throw "The option \"${browserName}.enableVLC\" has been removed since Firefox no longer supports npapi plugins" - else - ([ ] - ++ lib.optional enableAdobeFlash flashplayer - ++ lib.optional (cfg.enableDjvu or false) (djview4) - ++ lib.optional (cfg.enableMPlayer or false) (MPlayerPlugin browser) - ++ lib.optional (supportsJDK && jre && jrePlugin ? mozillaPlugin) jrePlugin - ++ lib.optional icedtea icedtea_web - ++ lib.optional (cfg.enableGoogleTalkPlugin or false) google_talk_plugin - ++ lib.optional (cfg.enableFriBIDPlugin or false) fribid - ++ lib.optional (cfg.enableGnomeExtensions or false) gnome3.gnome-shell - ++ lib.optional (cfg.enableBluejeans or false) bluejeans - ++ lib.optional (cfg.enableAdobeReader or false) adobe-reader - ++ lib.optional (cfg.enableEsteid or false) esteidfirefoxplugin - ++ extraPlugins - ); - nativeMessagingHosts = - ([ ] - ++ lib.optional (cfg.enableBrowserpass or false) (lib.getBin browserpass) - ++ lib.optional (cfg.enableBukubrow or false) bukubrow - ++ lib.optional (cfg.enableGnomeExtensions or false) chrome-gnome-shell - ++ lib.optional (cfg.enableUgetIntegrator or false) uget-integrator - ++ lib.optional (cfg.enablePlasmaBrowserIntegration or false) plasma-browser-integration - ++ extraNativeMessagingHosts - ); - libs = lib.optional stdenv.isLinux udev - ++ lib.optional ffmpegSupport ffmpeg - ++ lib.optional gssSupport kerberos - ++ lib.optionals (cfg.enableQuakeLive or false) - (with xorg; [ stdenv.cc libX11 libXxf86dga libXxf86vm libXext libXt alsaLib zlib ]) - ++ lib.optional (enableAdobeFlash && (cfg.enableAdobeFlashDRM or false)) hal-flash - ++ lib.optional (config.pulseaudio or true) libpulseaudio; - gtk_modules = [ libcanberra-gtk2 ]; - - enterprisePolicies = - { - policies = { - DisableAppUpdate = true; - } // lib.optionalAttrs disableManualExtensions ( - { - ExtensionSettings = { - "*" = { - blocked_install_message = "You can't have manual extension mixed with nix extensions"; - installation_mode = "blocked"; - }; - - } // lib.foldr (e: ret: - ret // { - "${e.extid}" = { - installation_mode = "allowed"; - }; - } - ) {} extraExtensions; - } - ) // lib.optionalAttrs disablePocket ( - { - DisablePocket = true; - } - ) // lib.optionalAttrs disableTelemetry ( - { - DisableTelemetry = true; - } - ) // lib.optionalAttrs disableFirefoxStudies ( - { - DisableFirefoxStudies = true; - } - ) // lib.optionalAttrs disableFirefoxSync ( - { - DisableFirefoxAccounts = true; - } - ) // lib.optionalAttrs useSystemCertificates ( - { - # Disable useless firefox certificate store - Certificates = { - ImportEnterpriseRoots = true; - }; - } - ) // lib.optionalAttrs ( - if lib.count (x: true) extraExtensions > 0 then true else false) ( - { - # Don't try to update nix installed addons - DisableSystemAddonUpdate = true; - - # But update manually installed addons - ExtensionUpdate = false; - } - ) // lib.optionalAttrs dontCheckDefaultBrowser ( - { - DontCheckDefaultBrowser = true; - } - )// lib.optionalAttrs disableDNSOverHTTPS ( - { - DNSOverHTTPS = { - Enabled = false; - }; - } - ) // lib.optionalAttrs clearDataOnShutdown ( - { - SanitizeOnShutdown = true; - } - ) // lib.optionalAttrs disableFeedbackCommands ( - { - DisableFeedbackCommands = true; - } - ) // lib.optionalAttrs ( if homepage == "" then false else true) ( - { - Homepage = { - URL = homepage; - Locked = true; - }; - } - ) // extraPolicies ;} ; - - - extensions = builtins.map (a: - if ! (builtins.hasAttr "signed" a) || ! (builtins.isBool a.signed) then - throw "Addon ${a.pname} needs boolean attribute 'signed' " - else if ! (builtins.hasAttr "extid" a) || ! (builtins.isString a.extid) then - throw "Addon ${a.pname} needs a string attribute 'extid'" - else if a.signed == false && !allowNonSigned then - throw "Disable signature checking in firefox if you want ${a.pname} addon" - else a - ) extraExtensions; - - policiesJson = builtins.toFile "policies.json" - (builtins.toJSON enterprisePolicies); - - mozillaCfg = builtins.toFile "mozilla.cfg" '' - // First line must be a comment - - // Remove default top sites - lockPref("browser.newtabpage.pinned", ""); - lockPref("browser.newtabpage.activity-stream.default.sites", ""); - - // Deactivate first run homepage - lockPref("browser.startup.firstrunSkipsHomepage", false); - - // If true, don't show the privacy policy tab on first run - lockPref("datareporting.policy.dataSubmissionPolicyBypassNotification", true); - - ${ - if allowNonSigned == true then - ''lockPref("xpinstall.signatures.required", false)'' - else - "" - } - - ${ - if showPunycodeUrls == true then - '' - lockPref("network.IDN_show_punycode", true); - '' - else - "" - } - - ${ - if disableManualExtensions == true then - '' - lockPref("extensions.getAddons.showPane", false); - lockPref("extensions.htmlaboutaddons.recommendations.enabled", false); - lockPref("app.update.auto", false); - '' - else - "" - } - - ${ - if disableDrmPlugin == true then - '' - lockPref("media.gmp-gmpopenh264.enabled", false); - lockPref("media.gmp-widevinecdm.enabled", false); - '' - else - "" - } - - ${ - if activateAntiTracking == true then - '' - // Tracking - lockPref("browser.send_pings", false); - lockPref("browser.send_pings.require_same_host", true); - lockPref("network.dns.disablePrefetch", true); - lockPref("browser.contentblocking.trackingprotection.control-center.ui.enabled", false); - lockPref("browser.search.geoip.url", ""); - lockPref("privacy.firstparty.isolate", true); - lockPref("privacy.userContext.enabled", true); - lockPref("privacy.userContext.ui.enabled", true); - lockPref("privacy.firstparty.isolate.restrict_opener_access", false); - lockPref("network.http.referer.XOriginPolicy", 1); - lockPref("network.http.referer.hideOnionSource", true); - lockPref(" privacy.spoof_english", true); - - // This option is currently not usable because of bug: - // https://bugzilla.mozilla.org/show_bug.cgi?id=1557620 - // lockPref("privacy.resistFingerprinting", true); - '' - else "" - } - ${ - if disableTelemetry == true then - '' - // Telemetry - lockPref("browser.newtabpage.activity-stream.feeds.telemetry", false); - lockPref("browser.ping-centre.telemetry", false); - lockPref("devtools.onboarding.telemetry.logged", false); - lockPref("toolkit.telemetry.archive.enabled", false); - lockPref("toolkit.telemetry.bhrPing.enabled", false); - lockPref("toolkit.telemetry.enabled", false); - lockPref("toolkit.telemetry.firstShutdownPing.enabled", false); - lockPref("toolkit.telemetry.hybridContent.enabled", false); - lockPref("toolkit.telemetry.newProfilePing.enabled", false); - lockPref("toolkit.telemetry.shutdownPingSender.enabled", false); - lockPref("toolkit.telemetry.reportingpolicy.firstRun", false); - lockPref("dom.push.enabled", false); - lockPref("browser.newtabpage.activity-stream.feeds.snippets", false); - lockPref("security.ssl.errorReporting.enabled", false); - '' - else "" - } - - ${ - if disableGoogleSafebrowsing == true then - '' - // Google data sharing - lockPref("browser.safebrowsing.blockedURIs.enabled", false); - lockPref("browser.safebrowsing.downloads.enabled", false); - lockPref("browser.safebrowsing.malware.enabled", false); - lockPref("browser.safebrowsing.passwords.enabled", false); - lockPref("browser.safebrowsing.provider.google4.dataSharing.enabled", false); - lockPref("browser.safebrowsing.malware.enabled", false); - lockPref("browser.safebrowsing.phishing.enabled", false); - lockPref("browser.safebrowsing.provider.mozilla.gethashURL", ""); - lockPref("browser.safebrowsing.provider.mozilla.updateURL", ""); - '' - else "" - } - - // User customization - ${extraPrefs} - ''; - in stdenv.mkDerivation { - inherit name; - - desktopItem = makeDesktopItem { - name = browserName; - exec = "${browserName}${nameSuffix} %U"; - inherit icon; - comment = ""; - desktopName = "${desktopName}${nameSuffix}${lib.optionalString gdkWayland " (Wayland)"}"; - genericName = "Web Browser"; - categories = "Application;Network;WebBrowser;"; - mimeType = stdenv.lib.concatStringsSep ";" [ - "text/html" - "text/xml" - "application/xhtml+xml" - "application/vnd.mozilla.xul+xml" - "x-scheme-handler/http" - "x-scheme-handler/https" - "x-scheme-handler/ftp" - ]; - }; - - nativeBuildInputs = [ makeWrapper lndir ]; - buildInputs = lib.optional (browser ? gtk3) browser.gtk3; - - buildCommand = lib.optionalString stdenv.isDarwin '' - mkdir -p $out/Applications - cp -R --no-preserve=mode,ownership ${browser}/Applications/${browserName}.app $out/Applications - rm -f $out${browser.execdir or "/bin"}/${browserName} - '' + '' - - # Link the runtime. The executable itself has to be copied, - # because it will resolve paths relative to its true location. - # Any symbolic links have to be replicated as well. - cd "${browser}" - find . -type d -exec mkdir -p "$out"/{} \; - - find . -type f \( -not -name "${browserName}" \) -exec ln -sT "${browser}"/{} "$out"/{} \; - - find . -type f -name "${browserName}" -print0 | while read -d $'\0' f; do - cp -P --no-preserve=mode,ownership "${browser}/$f" "$out/$f" - chmod a+rwx "$out/$f" - done - - # fix links and absolute references - cd "${browser}" - - find . -type l -print0 | while read -d $'\0' l; do - target="$(readlink "$l" | ${replace}/bin/replace-literal -es -- "${browser}" "$out")" - ln -sfT "$target" "$out/$l" - done - - # This will not patch binaries, only "text" files. - # Its there for the wrapper mostly. - cd "$out" - ${replace}/bin/replace-literal -esfR -- "${browser}" "$out" - - # create the wrapper - - executablePrefix="$out${browser.execdir or "/bin"}" - executablePath="$executablePrefix/${browserName}" - - if [ ! -x "$executablePath" ] - then - echo "cannot find executable file \`${browser}${browser.execdir or "/bin"}/${browserName}'" - exit 1 - fi - - if [ ! -L "$executablePath" ] - then - # Careful here, the file at executablePath may already be - # a wrapper. That is why we postfix it with -old instead - # of -wrapped. - oldExe="$executablePrefix"/".${browserName}"-old - mv "$executablePath" "$oldExe" - else - oldExe="$(readlink -v --canonicalize-existing "$executablePath")" - fi - - - makeWrapper "$oldExe" "$out${browser.execdir or "/bin"}/${browserName}${nameSuffix}" \ - --suffix-each MOZ_PLUGIN_PATH ':' "$plugins" \ - --suffix LD_LIBRARY_PATH ':' "$libs" \ - --suffix-each GTK_PATH ':' "$gtk_modules" \ - --suffix-each LD_PRELOAD ':' "$(cat $(filterExisting $(addSuffix /extra-ld-preload $plugins)))" \ - --prefix-contents PATH ':' "$(filterExisting $(addSuffix /extra-bin-path $plugins))" \ - --suffix PATH ':' "$out${browser.execdir or "/bin"}" \ - --set MOZ_APP_LAUNCHER "${browserName}${nameSuffix}" \ - --set MOZ_SYSTEM_DIR "$out/lib/mozilla" \ - ${lib.optionalString gdkWayland '' - --set GDK_BACKEND "wayland" \ - ''}${lib.optionalString (browser ? gtk3) - ''--prefix XDG_DATA_DIRS : "$GSETTINGS_SCHEMAS_PATH" \ - --suffix XDG_DATA_DIRS : '${gnome3.adwaita-icon-theme}/share' - '' - } - - if [ -e "${browser}/share/icons" ]; then - mkdir -p "$out/share" - ln -s "${browser}/share/icons" "$out/share/icons" - else - for res in 16 32 48 64 128; do - mkdir -p "$out/share/icons/hicolor/''${res}x''${res}/apps" - icon=( "${browser}/lib/"*"/browser/chrome/icons/default/default''${res}.png" ) - if [ -e "$icon" ]; then ln -s "$icon" \ - "$out/share/icons/hicolor/''${res}x''${res}/apps/${browserName}.png" - fi - done - fi - - install -D -t $out/share/applications $desktopItem/share/applications/* - - mkdir -p $out/lib/mozilla - for ext in ${toString nativeMessagingHosts}; do - lndir -silent $ext/lib/mozilla $out/lib/mozilla - done - - # For manpages, in case the program supplies them - mkdir -p $out/nix-support - echo ${browser} > $out/nix-support/propagated-user-env-packages - - # user customization - mkdir -p $out/lib/firefox - - # creating policies.json - mkdir -p "$out/lib/firefox/distribution" - - cat > "$out/lib/firefox/distribution/policies.json" < ${policiesJson} - - # preparing for autoconfig - mkdir -p "$out/lib/firefox/defaults/pref" - - cat > "$out/lib/firefox/defaults/pref/autoconfig.js" < "$out/lib/firefox/mozilla.cfg" < ${mozillaCfg} - - mkdir -p $out/lib/firefox/distribution/extensions - - for i in ${toString extensions}; do - ln -s -t $out/lib/firefox/distribution/extensions $i/* - done - ''; - - preferLocalBuild = true; - - # Let each plugin tell us (through its `mozillaPlugin') attribute - # where to find the plugin in its tree. - plugins = map (x: x + x.mozillaPlugin) plugins; - libs = lib.makeLibraryPath libs + ":" + lib.makeSearchPathOutput "lib" "lib64" libs; - gtk_modules = map (x: x + x.gtkModule) gtk_modules; - - passthru = { unwrapped = browser; }; - - disallowedRequisites = [ stdenv.cc ]; - - meta = browser.meta // { - description = - browser.meta.description - + " (with plugins: " - + lib.concatStrings (lib.intersperse ", " (map (x: x.name) plugins)) - + ")"; - hydraPlatforms = []; - priority = (browser.meta.priority or 0) - 1; # prefer wrapper over the package - }; - }; -in - lib.makeOverridable wrapper diff --git a/jeschli/2configs/own-pkgs/audio-fingerprint-defender/default.nix b/jeschli/2configs/own-pkgs/audio-fingerprint-defender/default.nix deleted file mode 100644 index 05815e132..000000000 --- a/jeschli/2configs/own-pkgs/audio-fingerprint-defender/default.nix +++ /dev/null @@ -1,40 +0,0 @@ -{ stdenv, fetchurl, unzip, jq, zip }: - -stdenv.mkDerivation rec { - pname = "audio-fingerprint-defender-${version}"; - version = "0.1.3"; - - extid = "@audio-fingerprint-defender"; - signed = false; - - src = fetchurl { - url = "https://addons.mozilla.org/firefox/downloads/file/3363623/audiocontext_fingerprint_defender-${version}-an+fx.xpi"; - sha256 = "0yfk5vqwjg4g25c98psj56sw3kv8imxav3nss4hbibflgla1h5pb"; - }; - - phases = [ "buildPhase" ]; - - buildInputs = [ zip unzip jq ]; - - buildPhase = '' - mkdir -p $out/${extid} - unzip ${src} -d $out/${extid} - NEW_MANIFEST=$(jq '. + {"applications": { "gecko": { "id": "${extid}" }}}' $out/${extid}/manifest.json) - echo "$NEW_MANIFEST" > $out/${extid}/manifest.json - cd $out/${extid} - zip -r -FS $out/${extid}.xpi * - rm -r $out/${extid} - ''; - - meta = with stdenv.lib; { - description = "Audio context fingerprint defender firefox browser addon"; - homepage = https://mybrowseraddon.com/audiocontext-defender.html; - license = { - fullName = "Mozilla Public License Version 2.0"; - shortName = "moz2"; - spdxId = "mozilla-2.0"; - url = "https://www.mozilla.org/en-US/MPL/2.0/"; }; - maintainers = []; - platforms = stdenv.lib.platforms.all; - }; -} diff --git a/jeschli/2configs/own-pkgs/canvas-fingerprint-defender/default.nix b/jeschli/2configs/own-pkgs/canvas-fingerprint-defender/default.nix deleted file mode 100644 index 21b4b3f97..000000000 --- a/jeschli/2configs/own-pkgs/canvas-fingerprint-defender/default.nix +++ /dev/null @@ -1,40 +0,0 @@ -{ stdenv, fetchurl, unzip, jq, zip }: - -stdenv.mkDerivation rec { - pname = "canvas-fingerprint-defender-${version}"; - version = "0.1.5"; - - extid = "@canvas-fingerprint-defender"; - signed = false; - - src = fetchurl { - url = "https://addons.mozilla.org/firefox/downloads/file/3362272/canvas_fingerprint_defender-${version}-an+fx.xpi?src=recommended"; - sha256 = "1hg00zsrw7ij7bc222j83g2wm3ml1aj34zg5im1802cjq4qqvbld"; - }; - - phases = [ "buildPhase" ]; - - buildInputs = [ zip unzip jq ]; - - buildPhase = '' - mkdir -p $out/${extid} - unzip ${src} -d $out/${extid} - NEW_MANIFEST=$(jq '. + {"applications": { "gecko": { "id": "${extid}" }}}' $out/${extid}/manifest.json) - echo "$NEW_MANIFEST" > $out/${extid}/manifest.json - cd $out/${extid} - zip -r -FS $out/${extid}.xpi * - rm -r $out/${extid} - ''; - - meta = with stdenv.lib; { - description = "Canvas fingerprint defender firefox browser addon"; - homepage = https://mybrowseraddon.com/webgl-defender.html; - license = { - fullName = "Mozilla Public License Version 2.0"; - shortName = "moz2"; - spdxId = "mozilla-2.0"; - url = "https://www.mozilla.org/en-US/MPL/2.0/"; }; - maintainers = []; - platforms = stdenv.lib.platforms.all; - }; -} diff --git a/jeschli/2configs/own-pkgs/dark-reader/default.nix b/jeschli/2configs/own-pkgs/dark-reader/default.nix deleted file mode 100644 index 44f4f9054..000000000 --- a/jeschli/2configs/own-pkgs/dark-reader/default.nix +++ /dev/null @@ -1,28 +0,0 @@ -{ stdenv, fetchurl }: - -stdenv.mkDerivation rec { - pname = "dark-reader-${version}"; - version = "4.8.1"; - - extid = "addon@darkreader.org"; - signed = true; - - src = fetchurl { - url = "https://addons.mozilla.org/firefox/downloads/file/3404143/dark_reader-${version}-an+fx.xpi"; - sha256 = "0ic0i56jhmxymvy68bs5hqcjvdvw3vks5r58i2ygmpsm190rlldb"; - }; - - phases = [ "installPhase" ]; - - installPhase = '' - install -D ${src} "$out/${extid}.xpi" - ''; - - meta = with stdenv.lib; { - description = "Dark mode for every website. Take care of your eyes, use dark theme for night and daily browsing."; - homepage = https://github.com/darkreader/darkreader; - license = licenses.mit; - maintainers = []; - platforms = stdenv.lib.platforms.all; - }; -} diff --git a/jeschli/2configs/own-pkgs/font-fingerprint-defender/default.nix b/jeschli/2configs/own-pkgs/font-fingerprint-defender/default.nix deleted file mode 100644 index 26751beef..000000000 --- a/jeschli/2configs/own-pkgs/font-fingerprint-defender/default.nix +++ /dev/null @@ -1,40 +0,0 @@ -{ stdenv, fetchurl, unzip, jq, zip }: - -stdenv.mkDerivation rec { - pname = "font-fingerprint-defender-${version}"; - version = "0.1.0"; - - extid = "@font-fingerprint-defender"; - signed = false; - - src = fetchurl { - url = "https://addons.mozilla.org/firefox/downloads/file/3387637/font_fingerprint_defender-${version}-an+fx.xpi"; - sha256 = "1aidkvisnx6qd7hn2x756rvzmbnaz6laqbwq0j5yd86g1kc56dr0"; - }; - - phases = [ "buildPhase" ]; - - buildInputs = [ zip unzip jq ]; - - buildPhase = '' - mkdir -p $out/${extid} - unzip ${src} -d $out/${extid} - NEW_MANIFEST=$(jq '. + {"applications": { "gecko": { "id": "${extid}" }}}' $out/${extid}/manifest.json) - echo "$NEW_MANIFEST" > $out/${extid}/manifest.json - cd $out/${extid} - zip -r -FS $out/${extid}.xpi * - rm -r $out/${extid} - ''; - - meta = with stdenv.lib; { - description = "Font fingerprint defender firefox browser addon"; - homepage = https://mybrowseraddon.com/font-defender.html; - license = { - fullName = "Mozilla Public License Version 2.0"; - shortName = "moz2"; - spdxId = "mozilla-2.0"; - url = "https://www.mozilla.org/en-US/MPL/2.0/"; }; - maintainers = []; - platforms = stdenv.lib.platforms.all; - }; -} diff --git a/jeschli/2configs/own-pkgs/hopper/default.nix b/jeschli/2configs/own-pkgs/hopper/default.nix deleted file mode 100644 index 569fc6aaf..000000000 --- a/jeschli/2configs/own-pkgs/hopper/default.nix +++ /dev/null @@ -1,45 +0,0 @@ -{ stdenv, fetchurl, pkgs, makeWrapper, lib }: - -stdenv.mkDerivation rec { - name = "${pname}-${version}"; - pname = "hopper"; - version = "4.5.16"; - rev = "v${lib.versions.major version}"; - - src = fetchurl { - url = "https://d2ap6ypl1xbe4k.cloudfront.net/Hopper-${rev}-${version}-Linux.pkg.tar.xz"; - sha256 = "0gjnn7f6ibfx46k4bbj8ra7k04s0mrpq7316brgzks6x5yd1m584"; - }; - - sourceRoot = "."; - - ldLibraryPath = with pkgs; stdenv.lib.makeLibraryPath [ -libbsd.out libffi.out gmpxx.out python27Full.out python27Packages.libxml2.out qt5.qtbase zlib xlibs.libX11.out xorg_sys_opengl.out xlibs.libXrender.out gcc-unwrapped.lib - ]; - - nativeBuildInputs = [ makeWrapper ]; - - installPhase = '' - mkdir -p $out/bin - mkdir -p $out/lib - mkdir -p $out/share - cp $sourceRoot/opt/hopper-${rev}/bin/Hopper $out/bin/hopper - cp -r $sourceRoot/opt/hopper-${rev}/lib $out - cp -r $sourceRoot/usr/share $out/share - patchelf \ - --set-interpreter ${stdenv.glibc}/lib/ld-linux-x86-64.so.2 \ - $out/bin/hopper - # Details: https://nixos.wiki/wiki/Qt - wrapProgram $out/bin/hopper \ - --suffix LD_LIBRARY_PATH : ${ldLibraryPath} \ - --suffix QT_PLUGIN_PATH : ${pkgs.qt5.qtbase}/lib/qt-${pkgs.qt5.qtbase.qtCompatVersion}/plugins - ''; - - meta = { - homepage = "https://www.hopperapp.com/index.html"; - description = "A macOS and Linux Disassembler"; - license = stdenv.lib.licenses.unfree; - maintainers = [ stdenv.lib.maintainers.luis ]; - platforms = stdenv.lib.platforms.linux; - }; -} diff --git a/jeschli/2configs/own-pkgs/https-everywhere/default.nix b/jeschli/2configs/own-pkgs/https-everywhere/default.nix deleted file mode 100644 index 66fede43c..000000000 --- a/jeschli/2configs/own-pkgs/https-everywhere/default.nix +++ /dev/null @@ -1,29 +0,0 @@ -{ stdenv, fetchurl }: - -stdenv.mkDerivation rec { - pname = "https-everywhere-${version}"; - version = "2019.6.27"; - - extid = "https-everywhere@eff.org"; - signed = true; - - src = fetchurl { - url = "https://addons.mozilla.org/firefox/downloads/file/3060290/https_everywhere-${version}-an+fx.xpi"; - sha256 = "0743lhn9phn7n6c0886h9ddn1n8vhzbl0vrw177zs43995aj3frp"; - }; - - phases = [ "installPhase" ]; - - installPhase = '' - install -D ${src} "$out/${extid}.xpi" - - ''; - - meta = { - description = "Https everywhere browser addon"; - homepage = https://www.eff.org/https-everywhere; - license = stdenv.lib.licenses.gpl2Plus; - maintainers = []; - platforms = stdenv.lib.platforms.all; - }; -} diff --git a/jeschli/2configs/own-pkgs/pyocclient/default.nix b/jeschli/2configs/own-pkgs/pyocclient/default.nix deleted file mode 100644 index cd91f6171..000000000 --- a/jeschli/2configs/own-pkgs/pyocclient/default.nix +++ /dev/null @@ -1,26 +0,0 @@ -{ lib, python37Packages }: - -python37Packages.buildPythonPackage rec { - pname = "pyocclient"; - version = "0.4"; - - src = python37Packages.fetchPypi { - inherit pname version; - sha256 = "19k3slrk2idixsdw61in9a3jxglvkigkn5kvwl37lj8hrwr4yq6q"; - }; - - doCheck = false; - - propagatedBuildInputs = with python37Packages; [ - requests - six - ]; - - meta = with lib; { - homepage = https://github.com/owncloud/pyocclient/; - description = "Nextcloud / Owncloud library for python"; - license = licenses.mit; - maintainers = with maintainers; [ ]; - }; - -} diff --git a/jeschli/2configs/own-pkgs/rmount/default.nix b/jeschli/2configs/own-pkgs/rmount/default.nix deleted file mode 100644 index 22631f420..000000000 --- a/jeschli/2configs/own-pkgs/rmount/default.nix +++ /dev/null @@ -1,34 +0,0 @@ -{ stdenv, fetchgit, makeWrapper, lib, pkgs ? import {} }: -with pkgs; - -stdenv.mkDerivation rec { - name = "rmount-${version}"; - version = "1.0.1"; - rev = "v${version}"; - - src = fetchgit { - rev = "9df124780d2e66f01c70afaecf92090669c5ffb6"; - url = "https://github.com/Luis-Hebendanz/rmount"; - sha256 = "0ydb6sspfnfa3y6gg1r8sk4r58il6636lpqwb2rw7dzmb4b8hpd2"; - }; - - buildInputs = [ stdenv makeWrapper ]; - - installPhase = '' - mkdir -p $out/bin - mkdir -p $out/share/man/man1 - cp ${src}/rmount.man $out/share/man/man1/rmount.1 - cp ${src}/rmount.bash $out/bin/rmount-noenv - cp ${src}/config.json $out/share/config.json - chmod +x $out/bin/rmount-noenv - - makeWrapper $out/bin/rmount-noenv $out/bin/rmount \ - --prefix PATH : ${lib.makeBinPath [ nmap jq cifs-utils sshfs ]} - ''; - - meta = { - homepage = "https://github.com/Luis-Hebendanz/rmount"; - description = "Remote mount utility which parses a json file"; - license = stdenv.lib.licenses.mit; - }; -} diff --git a/jeschli/2configs/own-pkgs/ublock-origin/default.nix b/jeschli/2configs/own-pkgs/ublock-origin/default.nix deleted file mode 100644 index 002fa3efc..000000000 --- a/jeschli/2configs/own-pkgs/ublock-origin/default.nix +++ /dev/null @@ -1,28 +0,0 @@ -{ stdenv, fetchurl }: - -stdenv.mkDerivation rec { - pname = "ublock-origin-${version}"; - version = "1.21.2"; - - extid = "uBlock0@raymondhill.net"; - signed = true; - - src = fetchurl { - url = "https://addons.mozilla.org/firefox/downloads/file/3361355/ublock_origin-${version}-an+fx.xpi"; - sha256 = "0ypdq3z61mrymknl37qlq6379bx9f2fsgbgr0czbhqs9f2vwszkc"; - }; - - phases = [ "installPhase" ]; - - installPhase = '' - install -D ${src} "$out/${extid}.xpi" - ''; - - meta = with stdenv.lib; { - description = "ublock origin firefox browser addon"; - homepage = https://github.com/gorhill/uBlock; - license = licenses.gpl3; - maintainers = []; - platforms = stdenv.lib.platforms.all; - }; -} diff --git a/jeschli/2configs/own-pkgs/user-agent-switcher/default.nix b/jeschli/2configs/own-pkgs/user-agent-switcher/default.nix deleted file mode 100644 index c96f11129..000000000 --- a/jeschli/2configs/own-pkgs/user-agent-switcher/default.nix +++ /dev/null @@ -1,40 +0,0 @@ -{ stdenv, fetchurl, unzip, jq, zip }: - -stdenv.mkDerivation rec { - pname = "user-agent-switcher-${version}"; - version = "0.3.2"; - - extid = "@user-agent-switcher"; - signed = false; - - src = fetchurl { - url = "https://addons.mozilla.org/firefox/downloads/file/3370255/user_agent_switcher_and_manager-${version}-an+fx.xpi"; - sha256 = "0lrw1xf6fsxr47bifkayfxpysv8s2p9ghmbmw2s7ymhrgy42i6v5"; - }; - - phases = [ "buildPhase" ]; - - buildInputs = [ zip unzip jq ]; - - buildPhase = '' - mkdir -p $out/${extid} - unzip ${src} -d $out/${extid} - NEW_MANIFEST=$(jq '. + {"applications": { "gecko": { "id": "${extid}" }}}' $out/${extid}/manifest.json) - echo "$NEW_MANIFEST" > $out/${extid}/manifest.json - cd $out/${extid} - zip -r -FS $out/${extid}.xpi * - rm -r $out/${extid} - ''; - - meta = with stdenv.lib; { - description = "User agent switcher"; - homepage = https://add0n.com/useragent-switcher.html; - license = { - fullName = "Mozilla Public License Version 2.0"; - shortName = "moz2"; - spdxId = "mozilla-2.0"; - url = "https://www.mozilla.org/en-US/MPL/2.0/"; }; - maintainers = []; - platforms = stdenv.lib.platforms.all; - }; -} diff --git a/jeschli/2configs/own-pkgs/webgl-fingerprint-defender/default.nix b/jeschli/2configs/own-pkgs/webgl-fingerprint-defender/default.nix deleted file mode 100644 index 4e608d182..000000000 --- a/jeschli/2configs/own-pkgs/webgl-fingerprint-defender/default.nix +++ /dev/null @@ -1,40 +0,0 @@ -{ stdenv, fetchurl, unzip, jq, zip }: - -stdenv.mkDerivation rec { - pname = "webgl-fingerprint-defender-${version}"; - version = "0.1.2"; - - extid = "@webgl-fingerprint-defender"; - signed = false; - - src = fetchurl { - url = "https://addons.mozilla.org/firefox/downloads/file/3362869/webgl_fingerprint_defender-${version}-an+fx.xpi"; - sha256 = "06hfr5hxr4qw0jx6i9fi9gdk5211z08brnvqj2jlmpyc3dwl4pif"; - }; - - phases = [ "buildPhase" ]; - - buildInputs = [ zip unzip jq ]; - - buildPhase = '' - mkdir -p $out/${extid} - unzip ${src} -d $out/${extid} - NEW_MANIFEST=$(jq '. + {"applications": { "gecko": { "id": "${extid}" }}}' $out/${extid}/manifest.json) - echo "$NEW_MANIFEST" > $out/${extid}/manifest.json - cd $out/${extid} - zip -r -FS $out/${extid}.xpi * - rm -r $out/${extid} - ''; - - meta = with stdenv.lib; { - description = "Canvas defender firefox browser addon"; - homepage = https://mybrowseraddon.com/webgl-defender.html; - license = { - fullName = "Mozilla Public License Version 2.0"; - shortName = "moz2"; - spdxId = "mozilla-2.0"; - url = "https://www.mozilla.org/en-US/MPL/2.0/"; }; - maintainers = []; - platforms = stdenv.lib.platforms.all; - }; -} diff --git a/jeschli/2configs/own-pkgs/wl-clipboard/default.nix b/jeschli/2configs/own-pkgs/wl-clipboard/default.nix deleted file mode 100644 index 349d910da..000000000 --- a/jeschli/2configs/own-pkgs/wl-clipboard/default.nix +++ /dev/null @@ -1,25 +0,0 @@ -{ stdenv, fetchFromGitHub, meson, ninja, pkgconfig -, wayland, wayland-protocols }: - -stdenv.mkDerivation rec { - pname = "wl-clipboard"; - version = "2.0.0"; - - src = fetchFromGitHub { - owner = "bugaevc"; - repo = "wl-clipboard"; - rev = "v${version}"; - sha256 = "0c4w87ipsw09aii34szj9p0xfy0m00wyjpll0gb0aqmwa60p0c5d"; - }; - - nativeBuildInputs = [ meson ninja pkgconfig wayland-protocols ]; - buildInputs = [ wayland ]; - - meta = with stdenv.lib; { - description = "Command-line copy/paste utilities for Wayland"; - homepage = https://github.com/bugaevc/wl-clipboard; - license = licenses.gpl3; - maintainers = with maintainers; [ dywedir ]; - platforms = platforms.linux; - }; -} diff --git a/jeschli/5pkgs/firefox/audio-fingerprint-defender/default.nix b/jeschli/5pkgs/firefox/audio-fingerprint-defender/default.nix new file mode 100644 index 000000000..05815e132 --- /dev/null +++ b/jeschli/5pkgs/firefox/audio-fingerprint-defender/default.nix @@ -0,0 +1,40 @@ +{ stdenv, fetchurl, unzip, jq, zip }: + +stdenv.mkDerivation rec { + pname = "audio-fingerprint-defender-${version}"; + version = "0.1.3"; + + extid = "@audio-fingerprint-defender"; + signed = false; + + src = fetchurl { + url = "https://addons.mozilla.org/firefox/downloads/file/3363623/audiocontext_fingerprint_defender-${version}-an+fx.xpi"; + sha256 = "0yfk5vqwjg4g25c98psj56sw3kv8imxav3nss4hbibflgla1h5pb"; + }; + + phases = [ "buildPhase" ]; + + buildInputs = [ zip unzip jq ]; + + buildPhase = '' + mkdir -p $out/${extid} + unzip ${src} -d $out/${extid} + NEW_MANIFEST=$(jq '. + {"applications": { "gecko": { "id": "${extid}" }}}' $out/${extid}/manifest.json) + echo "$NEW_MANIFEST" > $out/${extid}/manifest.json + cd $out/${extid} + zip -r -FS $out/${extid}.xpi * + rm -r $out/${extid} + ''; + + meta = with stdenv.lib; { + description = "Audio context fingerprint defender firefox browser addon"; + homepage = https://mybrowseraddon.com/audiocontext-defender.html; + license = { + fullName = "Mozilla Public License Version 2.0"; + shortName = "moz2"; + spdxId = "mozilla-2.0"; + url = "https://www.mozilla.org/en-US/MPL/2.0/"; }; + maintainers = []; + platforms = stdenv.lib.platforms.all; + }; +} diff --git a/jeschli/5pkgs/firefox/canvas-fingerprint-defender/default.nix b/jeschli/5pkgs/firefox/canvas-fingerprint-defender/default.nix new file mode 100644 index 000000000..21b4b3f97 --- /dev/null +++ b/jeschli/5pkgs/firefox/canvas-fingerprint-defender/default.nix @@ -0,0 +1,40 @@ +{ stdenv, fetchurl, unzip, jq, zip }: + +stdenv.mkDerivation rec { + pname = "canvas-fingerprint-defender-${version}"; + version = "0.1.5"; + + extid = "@canvas-fingerprint-defender"; + signed = false; + + src = fetchurl { + url = "https://addons.mozilla.org/firefox/downloads/file/3362272/canvas_fingerprint_defender-${version}-an+fx.xpi?src=recommended"; + sha256 = "1hg00zsrw7ij7bc222j83g2wm3ml1aj34zg5im1802cjq4qqvbld"; + }; + + phases = [ "buildPhase" ]; + + buildInputs = [ zip unzip jq ]; + + buildPhase = '' + mkdir -p $out/${extid} + unzip ${src} -d $out/${extid} + NEW_MANIFEST=$(jq '. + {"applications": { "gecko": { "id": "${extid}" }}}' $out/${extid}/manifest.json) + echo "$NEW_MANIFEST" > $out/${extid}/manifest.json + cd $out/${extid} + zip -r -FS $out/${extid}.xpi * + rm -r $out/${extid} + ''; + + meta = with stdenv.lib; { + description = "Canvas fingerprint defender firefox browser addon"; + homepage = https://mybrowseraddon.com/webgl-defender.html; + license = { + fullName = "Mozilla Public License Version 2.0"; + shortName = "moz2"; + spdxId = "mozilla-2.0"; + url = "https://www.mozilla.org/en-US/MPL/2.0/"; }; + maintainers = []; + platforms = stdenv.lib.platforms.all; + }; +} diff --git a/jeschli/5pkgs/firefox/dark-reader/default.nix b/jeschli/5pkgs/firefox/dark-reader/default.nix new file mode 100644 index 000000000..44f4f9054 --- /dev/null +++ b/jeschli/5pkgs/firefox/dark-reader/default.nix @@ -0,0 +1,28 @@ +{ stdenv, fetchurl }: + +stdenv.mkDerivation rec { + pname = "dark-reader-${version}"; + version = "4.8.1"; + + extid = "addon@darkreader.org"; + signed = true; + + src = fetchurl { + url = "https://addons.mozilla.org/firefox/downloads/file/3404143/dark_reader-${version}-an+fx.xpi"; + sha256 = "0ic0i56jhmxymvy68bs5hqcjvdvw3vks5r58i2ygmpsm190rlldb"; + }; + + phases = [ "installPhase" ]; + + installPhase = '' + install -D ${src} "$out/${extid}.xpi" + ''; + + meta = with stdenv.lib; { + description = "Dark mode for every website. Take care of your eyes, use dark theme for night and daily browsing."; + homepage = https://github.com/darkreader/darkreader; + license = licenses.mit; + maintainers = []; + platforms = stdenv.lib.platforms.all; + }; +} diff --git a/jeschli/5pkgs/firefox/default.nix b/jeschli/5pkgs/firefox/default.nix new file mode 100644 index 000000000..6ba4fec83 --- /dev/null +++ b/jeschli/5pkgs/firefox/default.nix @@ -0,0 +1,18 @@ +with import ; + +self: super: + +let + # This callPackage will try to detect obsolete overrides. + callPackage = path: args: let + override = self.callPackage path args; + upstream = optionalAttrs (override ? "name") + (super.${(parseDrvName override.name).name} or {}); + in if upstream ? "name" && + override ? "name" && + compareVersions upstream.name override.name != -1 + then trace "Upstream `${upstream.name}' gets overridden by `${override.name}'." override + else override; +in + + mapNixDir (path: callPackage path {}) ./. diff --git a/jeschli/5pkgs/firefox/firefox-with-config.nix b/jeschli/5pkgs/firefox/firefox-with-config.nix new file mode 100644 index 000000000..9be6250d7 --- /dev/null +++ b/jeschli/5pkgs/firefox/firefox-with-config.nix @@ -0,0 +1,488 @@ +{ stdenv, lib, pkgs, makeDesktopItem, makeWrapper, lndir, replace, config + +## various stuff that can be plugged in +, flashplayer, hal-flash +, MPlayerPlugin, ffmpeg, xorg, libpulseaudio, libcanberra-gtk2 +, jrePlugin, icedtea_web +, bluejeans, djview4, adobe-reader +, google_talk_plugin, fribid, gnome3/*.gnome-shell*/ +, esteidfirefoxplugin ? "" +, browserpass, chrome-gnome-shell, uget-integrator, plasma-browser-integration, bukubrow +, udev +, kerberos + +}: + +## configurability of the wrapper itself + +browser: + +let + wrapper = + { browserName ? browser.browserName or (builtins.parseDrvName browser.name).name + , name ? (browserName + "-" + (builtins.parseDrvName browser.name).version) + , desktopName ? # browserName with first letter capitalized + (lib.toUpper (lib.substring 0 1 browserName) + lib.substring 1 (-1) browserName) + , nameSuffix ? "" + , icon ? browserName + , extraPlugins ? [] + , extraPrefs ? "" + , extraExtensions ? [ ] + , allowNonSigned ? false + , disablePocket ? false + , disableTelemetry ? true + , disableDrmPlugin ? false + , showPunycodeUrls ? true + , disableFirefoxStudies ? true + , disableFirefoxSync ? false + , useSystemCertificates ? true + , dontCheckDefaultBrowser ? false + # For more information about anti tracking + # vist https://wiki.kairaven.de/open/app/firefox + , activateAntiTracking ? true + , disableFeedbackCommands ? true + , disableDNSOverHTTPS ? true + , disableGoogleSafebrowsing ? false + , clearDataOnShutdown ? false + , homepage ? "about:blank" + # For more information about policies visit + # https://github.com/mozilla/policy-templates#enterprisepoliciesenabled + , extraPolicies ? {} + , extraNativeMessagingHosts ? [] + , gdkWayland ? false + }: + + assert gdkWayland -> (browser ? gtk3); # Can only use the wayland backend if gtk3 is being used + + let + + # If extraExtensions has been set disable manual extensions + disableManualExtensions = if lib.count (x: true) extraExtensions > 0 then true else false; + + cfg = config.${browserName} or {}; + enableAdobeFlash = cfg.enableAdobeFlash or false; + ffmpegSupport = browser.ffmpegSupport or false; + gssSupport = browser.gssSupport or false; + jre = cfg.jre or false; + icedtea = cfg.icedtea or false; + supportsJDK = + stdenv.hostPlatform.system == "i686-linux" || + stdenv.hostPlatform.system == "x86_64-linux" || + stdenv.hostPlatform.system == "armv7l-linux" || + stdenv.hostPlatform.system == "aarch64-linux"; + + plugins = + assert !(jre && icedtea); + if builtins.hasAttr "enableVLC" cfg + then throw "The option \"${browserName}.enableVLC\" has been removed since Firefox no longer supports npapi plugins" + else + ([ ] + ++ lib.optional enableAdobeFlash flashplayer + ++ lib.optional (cfg.enableDjvu or false) (djview4) + ++ lib.optional (cfg.enableMPlayer or false) (MPlayerPlugin browser) + ++ lib.optional (supportsJDK && jre && jrePlugin ? mozillaPlugin) jrePlugin + ++ lib.optional icedtea icedtea_web + ++ lib.optional (cfg.enableGoogleTalkPlugin or false) google_talk_plugin + ++ lib.optional (cfg.enableFriBIDPlugin or false) fribid + ++ lib.optional (cfg.enableGnomeExtensions or false) gnome3.gnome-shell + ++ lib.optional (cfg.enableBluejeans or false) bluejeans + ++ lib.optional (cfg.enableAdobeReader or false) adobe-reader + ++ lib.optional (cfg.enableEsteid or false) esteidfirefoxplugin + ++ extraPlugins + ); + nativeMessagingHosts = + ([ ] + ++ lib.optional (cfg.enableBrowserpass or false) (lib.getBin browserpass) + ++ lib.optional (cfg.enableBukubrow or false) bukubrow + ++ lib.optional (cfg.enableGnomeExtensions or false) chrome-gnome-shell + ++ lib.optional (cfg.enableUgetIntegrator or false) uget-integrator + ++ lib.optional (cfg.enablePlasmaBrowserIntegration or false) plasma-browser-integration + ++ extraNativeMessagingHosts + ); + libs = lib.optional stdenv.isLinux udev + ++ lib.optional ffmpegSupport ffmpeg + ++ lib.optional gssSupport kerberos + ++ lib.optionals (cfg.enableQuakeLive or false) + (with xorg; [ stdenv.cc libX11 libXxf86dga libXxf86vm libXext libXt alsaLib zlib ]) + ++ lib.optional (enableAdobeFlash && (cfg.enableAdobeFlashDRM or false)) hal-flash + ++ lib.optional (config.pulseaudio or true) libpulseaudio; + gtk_modules = [ libcanberra-gtk2 ]; + + enterprisePolicies = + { + policies = { + DisableAppUpdate = true; + } // lib.optionalAttrs disableManualExtensions ( + { + ExtensionSettings = { + "*" = { + blocked_install_message = "You can't have manual extension mixed with nix extensions"; + installation_mode = "blocked"; + }; + + } // lib.foldr (e: ret: + ret // { + "${e.extid}" = { + installation_mode = "allowed"; + }; + } + ) {} extraExtensions; + } + ) // lib.optionalAttrs disablePocket ( + { + DisablePocket = true; + } + ) // lib.optionalAttrs disableTelemetry ( + { + DisableTelemetry = true; + } + ) // lib.optionalAttrs disableFirefoxStudies ( + { + DisableFirefoxStudies = true; + } + ) // lib.optionalAttrs disableFirefoxSync ( + { + DisableFirefoxAccounts = true; + } + ) // lib.optionalAttrs useSystemCertificates ( + { + # Disable useless firefox certificate store + Certificates = { + ImportEnterpriseRoots = true; + }; + } + ) // lib.optionalAttrs ( + if lib.count (x: true) extraExtensions > 0 then true else false) ( + { + # Don't try to update nix installed addons + DisableSystemAddonUpdate = true; + + # But update manually installed addons + ExtensionUpdate = false; + } + ) // lib.optionalAttrs dontCheckDefaultBrowser ( + { + DontCheckDefaultBrowser = true; + } + )// lib.optionalAttrs disableDNSOverHTTPS ( + { + DNSOverHTTPS = { + Enabled = false; + }; + } + ) // lib.optionalAttrs clearDataOnShutdown ( + { + SanitizeOnShutdown = true; + } + ) // lib.optionalAttrs disableFeedbackCommands ( + { + DisableFeedbackCommands = true; + } + ) // lib.optionalAttrs ( if homepage == "" then false else true) ( + { + Homepage = { + URL = homepage; + Locked = true; + }; + } + ) // extraPolicies ;} ; + + + extensions = builtins.map (a: + if ! (builtins.hasAttr "signed" a) || ! (builtins.isBool a.signed) then + throw "Addon ${a.pname} needs boolean attribute 'signed' " + else if ! (builtins.hasAttr "extid" a) || ! (builtins.isString a.extid) then + throw "Addon ${a.pname} needs a string attribute 'extid'" + else if a.signed == false && !allowNonSigned then + throw "Disable signature checking in firefox if you want ${a.pname} addon" + else a + ) extraExtensions; + + policiesJson = builtins.toFile "policies.json" + (builtins.toJSON enterprisePolicies); + + mozillaCfg = builtins.toFile "mozilla.cfg" '' + // First line must be a comment + + // Remove default top sites + lockPref("browser.newtabpage.pinned", ""); + lockPref("browser.newtabpage.activity-stream.default.sites", ""); + + // Deactivate first run homepage + lockPref("browser.startup.firstrunSkipsHomepage", false); + + // If true, don't show the privacy policy tab on first run + lockPref("datareporting.policy.dataSubmissionPolicyBypassNotification", true); + + ${ + if allowNonSigned == true then + ''lockPref("xpinstall.signatures.required", false)'' + else + "" + } + + ${ + if showPunycodeUrls == true then + '' + lockPref("network.IDN_show_punycode", true); + '' + else + "" + } + + ${ + if disableManualExtensions == true then + '' + lockPref("extensions.getAddons.showPane", false); + lockPref("extensions.htmlaboutaddons.recommendations.enabled", false); + lockPref("app.update.auto", false); + '' + else + "" + } + + ${ + if disableDrmPlugin == true then + '' + lockPref("media.gmp-gmpopenh264.enabled", false); + lockPref("media.gmp-widevinecdm.enabled", false); + '' + else + "" + } + + ${ + if activateAntiTracking == true then + '' + // Tracking + lockPref("browser.send_pings", false); + lockPref("browser.send_pings.require_same_host", true); + lockPref("network.dns.disablePrefetch", true); + lockPref("browser.contentblocking.trackingprotection.control-center.ui.enabled", false); + lockPref("browser.search.geoip.url", ""); + lockPref("privacy.firstparty.isolate", true); + lockPref("privacy.userContext.enabled", true); + lockPref("privacy.userContext.ui.enabled", true); + lockPref("privacy.firstparty.isolate.restrict_opener_access", false); + lockPref("network.http.referer.XOriginPolicy", 1); + lockPref("network.http.referer.hideOnionSource", true); + lockPref(" privacy.spoof_english", true); + + // This option is currently not usable because of bug: + // https://bugzilla.mozilla.org/show_bug.cgi?id=1557620 + // lockPref("privacy.resistFingerprinting", true); + '' + else "" + } + ${ + if disableTelemetry == true then + '' + // Telemetry + lockPref("browser.newtabpage.activity-stream.feeds.telemetry", false); + lockPref("browser.ping-centre.telemetry", false); + lockPref("devtools.onboarding.telemetry.logged", false); + lockPref("toolkit.telemetry.archive.enabled", false); + lockPref("toolkit.telemetry.bhrPing.enabled", false); + lockPref("toolkit.telemetry.enabled", false); + lockPref("toolkit.telemetry.firstShutdownPing.enabled", false); + lockPref("toolkit.telemetry.hybridContent.enabled", false); + lockPref("toolkit.telemetry.newProfilePing.enabled", false); + lockPref("toolkit.telemetry.shutdownPingSender.enabled", false); + lockPref("toolkit.telemetry.reportingpolicy.firstRun", false); + lockPref("dom.push.enabled", false); + lockPref("browser.newtabpage.activity-stream.feeds.snippets", false); + lockPref("security.ssl.errorReporting.enabled", false); + '' + else "" + } + + ${ + if disableGoogleSafebrowsing == true then + '' + // Google data sharing + lockPref("browser.safebrowsing.blockedURIs.enabled", false); + lockPref("browser.safebrowsing.downloads.enabled", false); + lockPref("browser.safebrowsing.malware.enabled", false); + lockPref("browser.safebrowsing.passwords.enabled", false); + lockPref("browser.safebrowsing.provider.google4.dataSharing.enabled", false); + lockPref("browser.safebrowsing.malware.enabled", false); + lockPref("browser.safebrowsing.phishing.enabled", false); + lockPref("browser.safebrowsing.provider.mozilla.gethashURL", ""); + lockPref("browser.safebrowsing.provider.mozilla.updateURL", ""); + '' + else "" + } + + // User customization + ${extraPrefs} + ''; + in stdenv.mkDerivation { + inherit name; + + desktopItem = makeDesktopItem { + name = browserName; + exec = "${browserName}${nameSuffix} %U"; + inherit icon; + comment = ""; + desktopName = "${desktopName}${nameSuffix}${lib.optionalString gdkWayland " (Wayland)"}"; + genericName = "Web Browser"; + categories = "Application;Network;WebBrowser;"; + mimeType = stdenv.lib.concatStringsSep ";" [ + "text/html" + "text/xml" + "application/xhtml+xml" + "application/vnd.mozilla.xul+xml" + "x-scheme-handler/http" + "x-scheme-handler/https" + "x-scheme-handler/ftp" + ]; + }; + + nativeBuildInputs = [ makeWrapper lndir ]; + buildInputs = lib.optional (browser ? gtk3) browser.gtk3; + + buildCommand = lib.optionalString stdenv.isDarwin '' + mkdir -p $out/Applications + cp -R --no-preserve=mode,ownership ${browser}/Applications/${browserName}.app $out/Applications + rm -f $out${browser.execdir or "/bin"}/${browserName} + '' + '' + + # Link the runtime. The executable itself has to be copied, + # because it will resolve paths relative to its true location. + # Any symbolic links have to be replicated as well. + cd "${browser}" + find . -type d -exec mkdir -p "$out"/{} \; + + find . -type f \( -not -name "${browserName}" \) -exec ln -sT "${browser}"/{} "$out"/{} \; + + find . -type f -name "${browserName}" -print0 | while read -d $'\0' f; do + cp -P --no-preserve=mode,ownership "${browser}/$f" "$out/$f" + chmod a+rwx "$out/$f" + done + + # fix links and absolute references + cd "${browser}" + + find . -type l -print0 | while read -d $'\0' l; do + target="$(readlink "$l" | ${replace}/bin/replace-literal -es -- "${browser}" "$out")" + ln -sfT "$target" "$out/$l" + done + + # This will not patch binaries, only "text" files. + # Its there for the wrapper mostly. + cd "$out" + ${replace}/bin/replace-literal -esfR -- "${browser}" "$out" + + # create the wrapper + + executablePrefix="$out${browser.execdir or "/bin"}" + executablePath="$executablePrefix/${browserName}" + + if [ ! -x "$executablePath" ] + then + echo "cannot find executable file \`${browser}${browser.execdir or "/bin"}/${browserName}'" + exit 1 + fi + + if [ ! -L "$executablePath" ] + then + # Careful here, the file at executablePath may already be + # a wrapper. That is why we postfix it with -old instead + # of -wrapped. + oldExe="$executablePrefix"/".${browserName}"-old + mv "$executablePath" "$oldExe" + else + oldExe="$(readlink -v --canonicalize-existing "$executablePath")" + fi + + + makeWrapper "$oldExe" "$out${browser.execdir or "/bin"}/${browserName}${nameSuffix}" \ + --suffix-each MOZ_PLUGIN_PATH ':' "$plugins" \ + --suffix LD_LIBRARY_PATH ':' "$libs" \ + --suffix-each GTK_PATH ':' "$gtk_modules" \ + --suffix-each LD_PRELOAD ':' "$(cat $(filterExisting $(addSuffix /extra-ld-preload $plugins)))" \ + --prefix-contents PATH ':' "$(filterExisting $(addSuffix /extra-bin-path $plugins))" \ + --suffix PATH ':' "$out${browser.execdir or "/bin"}" \ + --set MOZ_APP_LAUNCHER "${browserName}${nameSuffix}" \ + --set MOZ_SYSTEM_DIR "$out/lib/mozilla" \ + ${lib.optionalString gdkWayland '' + --set GDK_BACKEND "wayland" \ + ''}${lib.optionalString (browser ? gtk3) + ''--prefix XDG_DATA_DIRS : "$GSETTINGS_SCHEMAS_PATH" \ + --suffix XDG_DATA_DIRS : '${gnome3.adwaita-icon-theme}/share' + '' + } + + if [ -e "${browser}/share/icons" ]; then + mkdir -p "$out/share" + ln -s "${browser}/share/icons" "$out/share/icons" + else + for res in 16 32 48 64 128; do + mkdir -p "$out/share/icons/hicolor/''${res}x''${res}/apps" + icon=( "${browser}/lib/"*"/browser/chrome/icons/default/default''${res}.png" ) + if [ -e "$icon" ]; then ln -s "$icon" \ + "$out/share/icons/hicolor/''${res}x''${res}/apps/${browserName}.png" + fi + done + fi + + install -D -t $out/share/applications $desktopItem/share/applications/* + + mkdir -p $out/lib/mozilla + for ext in ${toString nativeMessagingHosts}; do + lndir -silent $ext/lib/mozilla $out/lib/mozilla + done + + # For manpages, in case the program supplies them + mkdir -p $out/nix-support + echo ${browser} > $out/nix-support/propagated-user-env-packages + + # user customization + mkdir -p $out/lib/firefox + + # creating policies.json + mkdir -p "$out/lib/firefox/distribution" + + cat > "$out/lib/firefox/distribution/policies.json" < ${policiesJson} + + # preparing for autoconfig + mkdir -p "$out/lib/firefox/defaults/pref" + + cat > "$out/lib/firefox/defaults/pref/autoconfig.js" < "$out/lib/firefox/mozilla.cfg" < ${mozillaCfg} + + mkdir -p $out/lib/firefox/distribution/extensions + + for i in ${toString extensions}; do + ln -s -t $out/lib/firefox/distribution/extensions $i/* + done + ''; + + preferLocalBuild = true; + + # Let each plugin tell us (through its `mozillaPlugin') attribute + # where to find the plugin in its tree. + plugins = map (x: x + x.mozillaPlugin) plugins; + libs = lib.makeLibraryPath libs + ":" + lib.makeSearchPathOutput "lib" "lib64" libs; + gtk_modules = map (x: x + x.gtkModule) gtk_modules; + + passthru = { unwrapped = browser; }; + + disallowedRequisites = [ stdenv.cc ]; + + meta = browser.meta // { + description = + browser.meta.description + + " (with plugins: " + + lib.concatStrings (lib.intersperse ", " (map (x: x.name) plugins)) + + ")"; + hydraPlatforms = []; + priority = (browser.meta.priority or 0) - 1; # prefer wrapper over the package + }; + }; +in + lib.makeOverridable wrapper diff --git a/jeschli/5pkgs/firefox/font-fingerprint-defender/default.nix b/jeschli/5pkgs/firefox/font-fingerprint-defender/default.nix new file mode 100644 index 000000000..26751beef --- /dev/null +++ b/jeschli/5pkgs/firefox/font-fingerprint-defender/default.nix @@ -0,0 +1,40 @@ +{ stdenv, fetchurl, unzip, jq, zip }: + +stdenv.mkDerivation rec { + pname = "font-fingerprint-defender-${version}"; + version = "0.1.0"; + + extid = "@font-fingerprint-defender"; + signed = false; + + src = fetchurl { + url = "https://addons.mozill