tor-browser-bundle: feature parity with the binary bundle

This will be factored later (eventually both will be subsumed by a more
generic construct).

Don't bother with pulseaudio support, however.

1 files changed, 67 insertions, 0 deletions

diff --git a/pkgs/applications/networking/browsers/tor-browser-bundle/default.nix b/pkgs/applications/networking/browsers/tor-browser-bundle/default.nix
index 16182c8e4e71..6b582c756a3b 100644
--- a/pkgs/applications/networking/browsers/tor-browser-bundle/default.nix
+++ b/pkgs/applications/networking/browsers/tor-browser-bundle/default.nix
@@ -14,6 +14,19 @@
 , noto-fonts
 , noto-fonts-emoji
 
+# Audio support
+, audioSupport ? mediaSupport
+, apulse
+
+# Media support (implies audio support)
+, mediaSupport ? false
+, gstreamer
+, gst-plugins-base
+, gst-plugins-good
+, gst-ffmpeg
+, gmp
+, ffmpeg
+
 # Extensions, common
 , zip
 
@@ -57,6 +70,21 @@ let
   };
 
   fontsDir = "${fontsEnv}/share/fonts";
+
+  gstPluginsPath = lib.concatMapStringsSep ":" (x:
+    "${x}/lib/gstreamer-0.10") [
+      gstreamer
+      gst-plugins-base
+      gst-plugins-good
+      gst-ffmpeg
+    ];
+
+  gstLibPath = lib.makeLibraryPath [
+    gstreamer
+    gst-plugins-base
+    gmp
+    ffmpeg
+  ];
 in
 stdenv.mkDerivation rec {
   name = "tor-browser-bundle-${version}";
@@ -109,6 +137,13 @@ stdenv.mkDerivation rec {
     lockPref("extensions.torlauncher.control_port_use_ipc", true);
     lockPref("extensions.torlauncher.socks_port_use_ipc", true);
 
+    // Allow sandbox access to sound devices if using ALSA directly
+    ${if audioSupport then ''
+      pref("security.sandbox.content.write_path_whitelist", "/dev/snd/");
+    '' else ''
+      clearPref("security.sandbox.content.write_path_whitelist");
+    ''}
+
     // User customization
     ${extraPrefs}
     EOF
@@ -141,6 +176,15 @@ stdenv.mkDerivation rec {
       shared_mime_info
     ]}
 
+    ${lib.optionalString audioSupport ''
+      # apulse uses a non-standard library path ...
+      wrapper_LD_LIBRARY_PATH=${apulse}/lib/apulse''${wrapper_LD_LIBRARY_PATH:+:$wrapper_LD_LIBRARY_PATH}
+    ''}
+
+    ${lib.optionalString mediaSupport ''
+      wrapper_LD_LIBRARY_PATH=${gstLibPath}''${wrapper_LD_LIBRARY_PATH:+:$wrapper_LD_LIBRARY_PATH}
+    ''}
+
     mkdir -p $out/bin
     cat >$out/bin/tor-browser <<EOF
     #! ${stdenv.shell} -eu
@@ -209,9 +253,21 @@ stdenv.mkDerivation rec {
     # XDG_DATA_DIRS is set to prevent searching system directories for
     # mime and icon data.
     #
+    # PULSE_{SERVER,COOKIE} is necessary for audio playback w/pulseaudio
+    #
+    # APULSE_PLAYBACK_DEVICE is for audio playback w/o pulseaudio (no capture yet)
+    #
+    # GST_PLUGIN_SYSTEM_PATH is for HD video playback
+    #
+    # GST_REGISTRY is set to devnull to minimize disk writes
+    #
+    # TOR_* is for using an external tor instance
+    #
     # Parameters lacking a default value below are *required* (enforced by
     # -o nounset).
     exec env -i \
+      LD_LIBRARY_PATH=$wrapper_LD_LIBRARY_PATH \
+      \
       TZ=":" \
       \
       DISPLAY="\$DISPLAY" \
@@ -223,11 +279,22 @@ stdenv.mkDerivation rec {
       XDG_CONFIG_HOME="\$XDG_CONFIG_HOME" \
       XDG_DATA_HOME="\$XDG_DATA_HOME" \
       XDG_CACHE_HOME="\$XDG_CACHE_HOME" \
+      XDG_RUNTIME_DIR="\$HOME/run" \
       \
       XDG_DATA_DIRS="$wrapper_XDG_DATA_DIRS" \
       \
       FONTCONFIG_FILE="$TBDATA_IN_STORE/fonts.conf" \
       \
+      APULSE_PLAYBACK_DEVICE="\''${APULSE_PLAYBACK_DEVICE:-plug:dmix}" \
+      \
+      GST_PLUGIN_SYSTEM_PATH="${lib.optionalString mediaSupport gstPluginsPath}" \
+      GST_REGISTRY="/dev/null" \
+      GST_REGISTRY_UPDATE="no" \
+      \
+      TOR_SKIP_LAUNCH="\''${TOR_SKIP_LAUNCH:-}" \
+      TOR_CONTROL_PORT="\''${TOR_CONTROL_PORT:-}" \
+      TOR_SOCKS_PORT="\''${TOR_SOCKS_PORT:-}" \
+      \
       $self/firefox \
         -no-remote \
         -profile "\$HOME/TorBrowser/Data/Browser/profile.default" \