diff options
Diffstat (limited to 'infra/libkookie/nixpkgs/pkgs/applications/networking/browsers/firefox')
3 files changed, 279 insertions, 39 deletions
diff --git a/infra/libkookie/nixpkgs/pkgs/applications/networking/browsers/firefox/common.nix b/infra/libkookie/nixpkgs/pkgs/applications/networking/browsers/firefox/common.nix index 5837ddd7efc5..1fbfdc2a7da6 100644 --- a/infra/libkookie/nixpkgs/pkgs/applications/networking/browsers/firefox/common.nix +++ b/infra/libkookie/nixpkgs/pkgs/applications/networking/browsers/firefox/common.nix @@ -4,13 +4,14 @@ { lib, stdenv, pkgconfig, pango, perl, python2, python3, zip , libjpeg, zlib, dbus, dbus-glib, bzip2, xorg -, freetype, fontconfig, file, nspr, nss, libnotify +, freetype, fontconfig, file, nspr, nss, nss_3_53, libnotify , yasm, libGLU, libGL, sqlite, unzip, makeWrapper , hunspell, libXdamage, libevent, libstartup_notification , libvpx_1_8 , icu67, libpng, jemalloc, glib -, autoconf213, which, gnused, cargo, rustc, llvmPackages +, autoconf213, which, gnused, rustPackages, rustPackages_1_45 , rust-cbindgen, nodejs, nasm, fetchpatch +, gnum4 , debugBuild ? false ### optionals @@ -22,6 +23,8 @@ , ffmpegSupport ? true , gtk3Support ? true, gtk2, gtk3, wrapGAppsHook , waylandSupport ? true, libxkbcommon +# LTO is disabled since it caused segfaults on wayland see https://github.com/NixOS/nixpkgs/issues/101429 +, ltoSupport ? false, overrideCC, buildPackages , gssSupport ? true, kerberos , pipewireSupport ? waylandSupport && webrtcSupport, pipewire @@ -71,6 +74,7 @@ assert stdenv.cc.libc or null != null; assert pipewireSupport -> !waylandSupport || !webrtcSupport -> throw "pipewireSupport requires both wayland and webrtc support."; +assert ltoSupport -> stdenv.isDarwin -> throw "LTO is broken on Darwin (see PR#19312)."; let flag = tf: x: [(if tf then "--enable-${x}" else "--disable-${x}")]; @@ -87,9 +91,26 @@ let then "/Applications/${binaryNameCapitalized}.app/Contents/MacOS" else "/bin"; + # Darwin's stdenv provides the default llvmPackages version, match that since + # clang LTO on Darwin is broken so the stdenv is not being changed. + llvmPackages = if stdenv.isDarwin + then buildPackages.llvmPackages + else buildPackages.llvmPackages_10; + + # When LTO for Darwin is fixed, the following will need updating as lld + # doesn't work on it. For now it is fine since ltoSupport implies no Darwin. + buildStdenv = if ltoSupport + then overrideCC stdenv llvmPackages.lldClang + else stdenv; + + # 78 ESR won't build with rustc 1.47 + inherit (if lib.versionAtLeast ffversion "82" then rustPackages else rustPackages_1_45) + rustc cargo; + + nss_pkg = if lib.versionOlder ffversion "83" then nss_3_53 else nss; in -stdenv.mkDerivation ({ +buildStdenv.mkDerivation ({ name = "${pname}-unwrapped-${ffversion}"; version = ffversion; @@ -97,12 +118,38 @@ stdenv.mkDerivation ({ patches = [ ./env_var_for_system_dir.patch - ] ++ lib.optional pipewireSupport + ./no-buildconfig-ffx76.patch + ] ++ + + # there are two flavors of pipewire support + # The patches for the ESR release and the patches for the current stable + # release. + # Until firefox upstream stabilizes pipewire support we will have to continue + # tracking multiple versions here. + lib.optional (pipewireSupport && lib.versionOlder ffversion "83") (fetchpatch { # https://src.fedoraproject.org/rpms/firefox/blob/master/f/firefox-pipewire-0-3.patch url = "https://src.fedoraproject.org/rpms/firefox/raw/e99b683a352cf5b2c9ff198756859bae408b5d9d/f/firefox-pipewire-0-3.patch"; sha256 = "0qc62di5823r7ly2lxkclzj9rhg2z7ms81igz44nv0fzv3dszdab"; }) + ++ + # This picks pipewire patches from fedora that are part of https://bugzilla.mozilla.org/show_bug.cgi?id=1672944 + lib.optionals (pipewireSupport && lib.versionAtLeast ffversion "83") (let + fedora_revision = "d6756537dd8cf4d9816dc63ada66ea026e0fd128"; + mkPWPatch = spec: fetchpatch { + inherit (spec) name sha256; + url = "https://src.fedoraproject.org/rpms/firefox/raw/${fedora_revision}/f/${spec.name}"; + }; + in map mkPWPatch [ + { name = "pw1.patch"; sha256 = "1a7zvngn3k7dg886zmi38kmrsdzh2rrr46aw59bhr1gfmq8wlwn0"; } + { name = "pw2.patch"; sha256 = "17irg3yb2mchcy0z0nr4k65mwvkps467cvvczr10fnm06lhkhw1l"; } + { name = "pw3.patch"; sha256 = "12p6ql5ff2lfzlni6xkpz63h2xr6n2a9zf8hhjl99fj56rif6706"; } + { name = "pw4.patch"; sha256 = "0rvysc92rdm98s47w5lvbnrklrf7d299k3918qnldniyb4b9p4mg"; } + { name = "pw5.patch"; sha256 = "0kk2yxq4qkfwc4px6m08jrn18a7a7dhrngfiaw84r9ga6sgn0z00"; } + { name = "pw6.patch"; sha256 = "12lhx9wjpw0ahbfmw07wsx76bb223mr453q9cg8cq951vyskch3s"; } + { name = "pw7.patch"; sha256 = "0afw7cfd48vn62zb9y5kd2l26fg44s3aq1kyg3gm4q3rj34xidf6"; } + ]) + ++ patches; @@ -125,28 +172,35 @@ stdenv.mkDerivation ({ # yasm can potentially be removed in future versions # https://bugzilla.mozilla.org/show_bug.cgi?id=1501796 # https://groups.google.com/forum/#!msg/mozilla.dev.platform/o-8levmLU80/SM_zQvfzCQAJ - nspr nss + nspr nss_pkg ] ++ lib.optional alsaSupport alsaLib ++ lib.optional pulseaudioSupport libpulseaudio # only headers are needed ++ lib.optional gtk3Support gtk3 ++ lib.optional gssSupport kerberos + ++ lib.optional ltoSupport llvmPackages.libunwind ++ lib.optionals waylandSupport [ libxkbcommon ] ++ lib.optionals pipewireSupport [ pipewire ] - ++ lib.optionals stdenv.isDarwin [ CoreMedia ExceptionHandling Kerberos - AVFoundation MediaToolbox CoreLocation - Foundation libobjc AddressBook cups ]; + ++ lib.optionals (lib.versionAtLeast ffversion "82") [ gnum4 ] + ++ lib.optionals buildStdenv.isDarwin [ CoreMedia ExceptionHandling Kerberos + AVFoundation MediaToolbox CoreLocation + Foundation libobjc AddressBook cups ]; + + NIX_LDFLAGS = lib.optionalString ltoSupport '' + -rpath ${placeholder "out"}/lib/${binaryName} + -rpath ${llvmPackages.libunwind.out}/lib + ''; NIX_CFLAGS_COMPILE = toString [ "-I${glib.dev}/include/gio-unix-2.0" - "-I${nss.dev}/include/nss" + "-I${nss_pkg.dev}/include/nss" ]; MACH_USE_SYSTEM_PYTHON = "1"; postPatch = '' rm -rf obj-x86_64-pc-linux-gnu - '' + lib.optionalString pipewireSupport '' + '' + lib.optionalString (pipewireSupport && lib.versionOlder ffversion "83") '' # substitute the /usr/include/ lines for the libraries that pipewire provides. # The patch we pick from fedora only contains the generated moz.build files # which hardcode the dependency paths instead of running pkg_config. @@ -179,7 +233,7 @@ stdenv.mkDerivation ({ which ] ++ lib.optional gtk3Support wrapGAppsHook - ++ lib.optionals stdenv.isDarwin [ xcbuild rsync ] + ++ lib.optionals buildStdenv.isDarwin [ xcbuild rsync ] ++ extraNativeBuildInputs; preConfigure = '' @@ -197,12 +251,12 @@ stdenv.mkDerivation ({ # included we need to look in a few places. # TODO: generalize this process for other use-cases. - BINDGEN_CFLAGS="$(< ${stdenv.cc}/nix-support/libc-crt1-cflags) \ - $(< ${stdenv.cc}/nix-support/libc-cflags) \ - $(< ${stdenv.cc}/nix-support/cc-cflags) \ - $(< ${stdenv.cc}/nix-support/libcxx-cxxflags) \ - ${lib.optionalString stdenv.cc.isClang "-idirafter ${stdenv.cc.cc}/lib/clang/${lib.getVersion stdenv.cc.cc}/include"} \ - ${lib.optionalString stdenv.cc.isGNU "-isystem ${stdenv.cc.cc}/include/c++/${lib.getVersion stdenv.cc.cc} -isystem ${stdenv.cc.cc}/include/c++/${lib.getVersion stdenv.cc.cc}/${stdenv.hostPlatform.config}"} \ + BINDGEN_CFLAGS="$(< ${buildStdenv.cc}/nix-support/libc-crt1-cflags) \ + $(< ${buildStdenv.cc}/nix-support/libc-cflags) \ + $(< ${buildStdenv.cc}/nix-support/cc-cflags) \ + $(< ${buildStdenv.cc}/nix-support/libcxx-cxxflags) \ + ${lib.optionalString buildStdenv.cc.isClang "-idirafter ${buildStdenv.cc.cc}/lib/clang/${lib.getVersion buildStdenv.cc.cc}/include"} \ + ${lib.optionalString buildStdenv.cc.isGNU "-isystem ${buildStdenv.cc.cc}/include/c++/${lib.getVersion buildStdenv.cc.cc} -isystem ${buildStdenv.cc.cc}/include/c++/${lib.getVersion buildStdenv.cc.cc}/${buildStdenv.hostPlatform.config}"} \ $NIX_CFLAGS_COMPILE" echo "ac_add_options BINDGEN_CFLAGS='$BINDGEN_CFLAGS'" >> $MOZCONFIG @@ -236,11 +290,20 @@ stdenv.mkDerivation ({ "--enable-jemalloc" "--enable-default-toolkit=${default-toolkit}" "--with-libclang-path=${llvmPackages.libclang}/lib" - "--with-clang-path=${llvmPackages.clang}/bin/clang" "--with-system-nspr" "--with-system-nss" ] - ++ lib.optional (stdenv.isDarwin) "--disable-xcode-checks" + ++ lib.optional (buildStdenv.isDarwin) "--disable-xcode-checks" + ++ lib.optional (!ltoSupport) "--with-clang-path=${llvmPackages.clang}/bin/clang" + # LTO is done using clang and lld on Linux. + # Darwin needs to use the default linker as lld is not supported (yet?): + # https://bugzilla.mozilla.org/show_bug.cgi?id=1538724 + # elf-hack is broken when using clang+lld: + # https://bugzilla.mozilla.org/show_bug.cgi?id=1482204 + ++ lib.optionals ltoSupport [ + "--enable-lto" + "--disable-elf-hack" + ] ++ lib.optional (ltoSupport && !buildStdenv.isDarwin) "--enable-linker=lld" ++ flag alsaSupport "alsa" ++ flag pulseaudioSupport "pulseaudio" @@ -270,12 +333,12 @@ stdenv.mkDerivation ({ enableParallelBuilding = true; doCheck = false; # "--disable-tests" above - installPhase = if stdenv.isDarwin then '' + installPhase = if buildStdenv.isDarwin then '' mkdir -p $out/Applications cp -LR dist/${binaryNameCapitalized}.app $out/Applications '' else null; - postInstall = lib.optionalString stdenv.isLinux '' + postInstall = lib.optionalString buildStdenv.isLinux '' # Remove SDK cruft. FIXME: move to a separate output? rm -rf $out/share/idl $out/include $out/lib/${binaryName}-devel-* @@ -283,7 +346,7 @@ stdenv.mkDerivation ({ gappsWrapperArgs+=(--argv0 "$out/bin/.${binaryName}-wrapped") ''; - postFixup = lib.optionalString stdenv.isLinux '' + postFixup = lib.optionalString buildStdenv.isLinux '' # Fix notifications. LibXUL uses dlopen for this, unfortunately; see #18712. patchelf --set-rpath "${lib.getLib libnotify }/lib:$(patchelf --print-rpath "$out"/lib/${binaryName}*/libxul.so)" \ @@ -302,6 +365,7 @@ stdenv.mkDerivation ({ version = ffversion; isFirefox3Like = true; gtk = gtk2; + inherit alsaSupport; inherit nspr; inherit ffmpegSupport; inherit gssSupport; @@ -323,4 +387,6 @@ stdenv.mkDerivation ({ # on aarch64 this is also required dontUpdateAutotoolsGnuConfigScripts = true; + + requiredSystemFeatures = [ "big-parallel" ]; }) diff --git a/infra/libkookie/nixpkgs/pkgs/applications/networking/browsers/firefox/packages.nix b/infra/libkookie/nixpkgs/pkgs/applications/networking/browsers/firefox/packages.nix index 115588c226f4..7f1d9763e424 100644 --- a/infra/libkookie/nixpkgs/pkgs/applications/networking/browsers/firefox/packages.nix +++ b/infra/libkookie/nixpkgs/pkgs/applications/networking/browsers/firefox/packages.nix @@ -1,4 +1,4 @@ -{ config, stdenv, lib, callPackage, fetchurl, nss_3_44 }: +{ stdenv, lib, callPackage, fetchurl, fetchpatch }: let common = opts: callPackage (import ./common.nix opts) {}; @@ -7,26 +7,32 @@ in rec { firefox = common rec { pname = "firefox"; - ffversion = "81.0.2"; + ffversion = "83.0"; src = fetchurl { url = "mirror://mozilla/firefox/releases/${ffversion}/source/firefox-${ffversion}.source.tar.xz"; - sha512 = "1szsj7rwpn7ggiavvnc38a75ip0r3p5bgr2kvy2hq7519abzmr3z49jg4alpsy1ndkfylvh28zjw9h5xys0bvs40f33ps90j60z8gla"; + sha512 = "3va5a9471677jfzkhqp8xkba45n0bcpphbabhqbcbnps6p85m3y98pl5jy9q7cpq3a6gxc4ax7bp90yz2nfvfq7i64iz397xpprri2a"; }; patches = [ - ./no-buildconfig-ffx76.patch + # Fix compilation on aarch64 with newer rust version + # See https://bugzilla.mozilla.org/show_bug.cgi?id=1677690 + # and https://bugzilla.redhat.com/show_bug.cgi?id=1897675 + (fetchpatch { + name = "aarch64-simd-bgz-1677690.patch"; + url = "https://github.com/mozilla/gecko-dev/commit/71597faac0fde4f608a60dd610d0cefac4972cc3.patch"; + sha256 = "1f61nsgbv2c2ylgjs7wdahxrrlgc19gjy5nzs870zr1g832ybwin"; + }) ]; meta = { description = "A web browser built from Firefox source tree"; homepage = "http://www.mozilla.com/en-US/firefox/"; - maintainers = with lib.maintainers; [ eelco andir ]; + maintainers = with lib.maintainers; [ eelco ]; platforms = lib.platforms.unix; badPlatforms = lib.platforms.darwin; broken = stdenv.buildPlatform.is32bit; # since Firefox 60, build on 32-bit platforms fails with "out of memory". # not in `badPlatforms` because cross-compilation on 64-bit machine might work. license = lib.licenses.mpl20; - timeout = 28800; # eight hours }; updateScript = callPackage ./update.nix { attrPath = "firefox-unwrapped"; @@ -36,20 +42,16 @@ rec { firefox-esr-78 = common rec { pname = "firefox-esr"; - ffversion = "78.3.1esr"; + ffversion = "78.5.0esr"; src = fetchurl { url = "mirror://mozilla/firefox/releases/${ffversion}/source/firefox-${ffversion}.source.tar.xz"; - sha512 = "10a7xfp396n81aj17fbl1b1jr8gbn5ild2ig5cfz6r5ff3wfbjs3x0iqrlwqnjfdqq2pw19k2yrv91iwymd8jwjj4p35xsfivgn0a0n"; + sha512 = "20h53cn7p4dds1yfm166iwbjdmw4fkv5pfk4z0pni6x8ddjvg19imzs6ggmpnfhaji8mnlknm7xp5j7x9vi24awvdxdds5n88rh25hd"; }; - patches = [ - ./no-buildconfig-ffx76.patch - ]; - meta = { description = "A web browser built from Firefox Extended Support Release source tree"; homepage = "http://www.mozilla.com/en-US/firefox/"; - maintainers = with lib.maintainers; [ eelco andir ]; + maintainers = with lib.maintainers; [ eelco ]; platforms = lib.platforms.unix; badPlatforms = lib.platforms.darwin; broken = stdenv.buildPlatform.is32bit; # since Firefox 60, build on 32-bit platforms fails with "out of memory". diff --git a/infra/libkookie/nixpkgs/pkgs/applications/networking/browsers/firefox/wrapper.nix b/infra/libkookie/nixpkgs/pkgs/applications/networking/browsers/firefox/wrapper.nix index 424c45d305e8..7f0b826f905e 100644 --- a/infra/libkookie/nixpkgs/pkgs/applications/networking/browsers/firefox/wrapper.nix +++ b/infra/libkookie/nixpkgs/pkgs/applications/networking/browsers/firefox/wrapper.nix @@ -1,10 +1,11 @@ { stdenv, lib, makeDesktopItem, makeWrapper, lndir, config +, replace, fetchurl, zip, unzip, jq ## various stuff that can be plugged in , flashplayer, hal-flash -, ffmpeg, xorg, libpulseaudio, libcanberra-gtk2, libglvnd +, ffmpeg, xorg, alsaLib, libpulseaudio, libcanberra-gtk2, libglvnd , gnome3/*.gnome-shell*/ -, browserpass, chrome-gnome-shell, uget-integrator, plasma-browser-integration, bukubrow +, browserpass, chrome-gnome-shell, uget-integrator, plasma5, bukubrow , tridactyl-native , fx_cast_bridge , udev @@ -31,6 +32,16 @@ let , forceWayland ? false , useGlvnd ? true , cfg ? config.${browserName} or {} + + ## Following options are needed for extra prefs & policies + # For more information about anti tracking (german website) + # visit https://wiki.kairaven.de/open/app/firefox + , extraPrefs ? "" + # For more information about policies visit + # https://github.com/mozilla/policy-templates#enterprisepoliciesenabled + , extraPolicies ? {} + , firefoxLibName ? "firefox" # Important for tor package or the like + , nixExtensions ? null }: assert forceWayland -> (browser ? gtk3); # Can only use the wayland backend if gtk3 is being used @@ -39,6 +50,7 @@ let enableAdobeFlash = cfg.enableAdobeFlash or false; ffmpegSupport = browser.ffmpegSupport or false; gssSupport = browser.gssSupport or false; + alsaSupport = browser.alsaSupport or false; plugins = let @@ -64,7 +76,7 @@ let ++ lib.optional (cfg.enableTridactylNative or false) tridactyl-native ++ lib.optional (cfg.enableGnomeExtensions or false) chrome-gnome-shell ++ lib.optional (cfg.enableUgetIntegrator or false) uget-integrator - ++ lib.optional (cfg.enablePlasmaBrowserIntegration or false) plasma-browser-integration + ++ lib.optional (cfg.enablePlasmaBrowserIntegration or false) plasma5.plasma-browser-integration ++ lib.optional (cfg.enableFXCastBridge or false) fx_cast_bridge ++ extraNativeMessagingHosts ); @@ -76,9 +88,67 @@ let (with xorg; [ stdenv.cc libX11 libXxf86dga libXxf86vm libXext libXt alsaLib zlib ]) ++ lib.optional (enableAdobeFlash && (cfg.enableAdobeFlashDRM or false)) hal-flash ++ lib.optional (config.pulseaudio or true) libpulseaudio + ++ lib.optional alsaSupport alsaLib ++ pkcs11Modules; gtk_modules = [ libcanberra-gtk2 ]; + ######################### + # # + # EXTRA PREF CHANGES # + # # + ######################### + policiesJson = builtins.toFile "policies.json" + (builtins.toJSON enterprisePolicies); + + usesNixExtensions = nixExtensions != null; + + extensions = builtins.map (a: + if ! (builtins.hasAttr "extid" a) then + throw "nixExtensions has an invalid entry. Missing extid attribute. Please use fetchfirefoxaddon" + else + a + ) (if usesNixExtensions then nixExtensions else []); + + enterprisePolicies = + { + policies = lib.optionalAttrs usesNixExtensions { + DisableAppUpdate = true; + } // + lib.optionalAttrs usesNixExtensions { + ExtensionSettings = { + "*" = { + blocked_install_message = "You can't have manual extension mixed with nix extensions"; + installation_mode = "blocked"; + }; + + } // lib.foldr (e: ret: + ret // { + "${e.extid}" = { + installation_mode = "allowed"; + }; + } + ) {} extensions; + } + // extraPolicies; + }; + + mozillaCfg = builtins.toFile "mozilla.cfg" '' +// First line must be a comment + + // Disables addon signature checking + // to be able to install addons that do not have an extid + // Security is maintained because only user whitelisted addons + // with a checksum can be installed + ${ lib.optionalString usesNixExtensions ''lockPref("xpinstall.signatures.required", false)'' }; + ${extraPrefs} + ''; + + ############################# + # # + # END EXTRA PREF CHANGES # + # # + ############################# + in stdenv.mkDerivation { inherit pname version; @@ -104,6 +174,7 @@ let nativeBuildInputs = [ makeWrapper lndir ]; buildInputs = lib.optional (browser ? gtk3) browser.gtk3; + buildCommand = lib.optionalString stdenv.isDarwin '' mkdir -p $out/Applications cp -R --no-preserve=mode,ownership ${browser}/Applications/${browserName}.app $out/Applications @@ -115,7 +186,66 @@ let exit 1 fi - makeWrapper "$(readlink -v --canonicalize-existing "${browser}${browser.execdir or "/bin"}/${browserName}")" \ + ######################### + # # + # EXTRA PREF CHANGES # + # # + ######################### + # Link the runtime. The executable itself has to be copied, + # because it will resolve paths relative to its true location. + # Any symbolic links have to be replicated as well. + cd "${browser}" + find . -type d -exec mkdir -p "$out"/{} \; + + find . -type f \( -not -name "${browserName}" \) -exec ln -sT "${browser}"/{} "$out"/{} \; + + find . -type f -name "${browserName}" -print0 | while read -d $'\0' f; do + cp -P --no-preserve=mode,ownership "${browser}/$f" "$out/$f" + chmod a+rwx "$out/$f" + done + + # fix links and absolute references + cd "${browser}" + + find . -type l -print0 | while read -d $'\0' l; do + target="$(readlink "$l" | ${replace}/bin/replace-literal -es -- "${browser}" "$out")" + ln -sfT "$target" "$out/$l" + done + + # This will not patch binaries, only "text" files. + # Its there for the wrapper mostly. + cd "$out" + ${replace}/bin/replace-literal -esfR -- "${browser}" "$out" + + # create the wrapper + + executablePrefix="$out${browser.execdir or "/bin"}" + executablePath="$executablePrefix/${browserName}" + + if [ ! -x "$executablePath" ] + then + echo "cannot find executable file \`${browser}${browser.execdir or "/bin"}/${browserName}'" + exit 1 + fi + + if [ ! -L "$executablePath" ] + then + # Careful here, the file at executablePath may already be + # a wrapper. That is why we postfix it with -old instead + # of -wrapped. + oldExe="$executablePrefix"/".${browserName}"-old + mv "$executablePath" "$oldExe" + else + oldExe="$(readlink -v --canonicalize-existing "$executablePath")" + fi + + if [ ! -x "${browser}${browser.execdir or "/bin"}/${browserName}" ] + then + echo "cannot find executable file \`${browser}${browser.execdir or "/bin"}/${browserName}'" + exit 1 + fi + + makeWrapper "$oldExe" \ "$out${browser.execdir or "/bin"}/${browserName}${nameSuffix}" \ --suffix-each MOZ_PLUGIN_PATH ':' "$plugins" \ --suffix LD_LIBRARY_PATH ':' "$libs" \ @@ -135,6 +265,11 @@ let --suffix XDG_DATA_DIRS : '${gnome3.adwaita-icon-theme}/share' '' } + ############################# + # # + # END EXTRA PREF CHANGES # + # # + ############################# if [ -e "${browser}/share/icons" ]; then mkdir -p "$out/share" @@ -164,6 +299,43 @@ let # For manpages, in case the program supplies them mkdir -p $out/nix-support echo ${browser} > $out/nix-support/propagated-user-env-packages + + + ######################### + # # + # EXTRA PREF CHANGES # + # # + ######################### + # user customization + mkdir -p $out/lib/${firefoxLibName} + + # creating policies.json + mkdir -p "$out/lib/${firefoxLibName}/distribution" + + POL_PATH="$out/lib/${firefoxLibName}/distribution/policies.json" + rm -f "$POL_PATH" + cat ${policiesJson} >> "$POL_PATH" + + # preparing for autoconfig + mkdir -p "$out/lib/${firefoxLibName}/defaults/pref" + + cat > "$out/lib/${firefoxLibName}/defaults/pref/autoconfig.js" <<EOF + pref("general.config.filename", "mozilla.cfg"); + pref("general.config.obscure_value", 0); + EOF + + cat > "$out/lib/${firefoxLibName}/mozilla.cfg" < ${mozillaCfg} + + mkdir -p $out/lib/${firefoxLibName}/distribution/extensions + + for i in ${toString extensions}; do + ln -s -t $out/lib/${firefoxLibName}/distribution/extensions $i/* + done + ############################# + # # + # END EXTRA PREF CHANGES # + # # + ############################# ''; preferLocalBuild = true; |