From ffb45b18bf936562a7669d74a9e388a3013a69d5 Mon Sep 17 00:00:00 2001 From: Dmitry Chermnykh <76gh6rvso@relay.firefox.com> Date: Wed, 2 Apr 2025 20:18:24 +0500 Subject: [PATCH 1/6] rewrite --- flake.lock | 27 ++++++- flake.nix | 214 +++++++++++++++----------------------------------- hm-module.nix | 50 ++++++++++++ package.nix | 113 ++++++++++++++++++++++++++ 4 files changed, 251 insertions(+), 153 deletions(-) create mode 100644 hm-module.nix create mode 100644 package.nix diff --git a/flake.lock b/flake.lock index 0bed1f1..c31171a 100644 --- a/flake.lock +++ b/flake.lock @@ -1,12 +1,32 @@ { "nodes": { + "home-manager": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1743604125, + "narHash": "sha256-ZD61DNbsBt1mQbinAaaEqKaJk2RFo9R/j+eYWeGMx7A=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "180fd43eea296e62ae68e079fcf56aba268b9a1a", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "home-manager", + "type": "github" + } + }, "nixpkgs": { "locked": { - "lastModified": 1742288794, - "narHash": "sha256-Txwa5uO+qpQXrNG4eumPSD+hHzzYi/CdaM80M9XRLCo=", + "lastModified": 1743448293, + "narHash": "sha256-bmEPmSjJakAp/JojZRrUvNcDX2R5/nuX6bm+seVaGhs=", "owner": "nixos", "repo": "nixpkgs", - "rev": "b6eaf97c6960d97350c584de1b6dcff03c9daf42", + "rev": "77b584d61ff80b4cef9245829a6f1dfad5afdfa3", "type": "github" }, "original": { @@ -18,6 +38,7 @@ }, "root": { "inputs": { + "home-manager": "home-manager", "nixpkgs": "nixpkgs" } } diff --git a/flake.nix b/flake.nix index 1bbd718..89ef985 100644 --- a/flake.nix +++ b/flake.nix @@ -2,161 +2,75 @@ description = "Zen Browser"; inputs.nixpkgs.url = "github:nixos/nixpkgs?ref=nixos-unstable"; + inputs.home-manager = { + url = "github:nix-community/home-manager"; + inputs.nixpkgs.follows = "nixpkgs"; + }; - outputs = { - self, - nixpkgs, - }: let - mkZen = name: system: entry: let - pkgs = import nixpkgs {inherit system;}; - variant = (builtins.fromJSON (builtins.readFile ./sources.json)).${entry}.${system}; + outputs = + { + self, + nixpkgs, + home-manager, + }: + let + mkZen = + name: system: entry: + let + pkgs = nixpkgs.legacyPackages.${system}; + variant = (builtins.fromJSON (builtins.readFile ./sources.json)).${entry}.${system}; - runtimeLibs = with pkgs; - [ - libGL - libGLU - libevent - libffi - libjpeg - libpng - libstartup_notification - libvpx - libwebp - stdenv.cc.cc - fontconfig - libxkbcommon - zlib - freetype - gtk3 - libxml2 - dbus - xcb-util-cursor - alsa-lib - libpulseaudio - pango - atk - cairo - gdk-pixbuf - glib - udev - libva - libgbm - vulkan-loader - mesa - libnotify - cups - pciutils - ffmpeg - libglvnd - pipewire - speechd - ] - ++ (with pkgs.xorg; [ - libxcb - libX11 - libXcursor - libXrandr - libXi - libXext - libXcomposite - libXdamage - libXfixes - libXScrnSaver - ]); - - policiesJson = pkgs.writeText "firefox-policies.json" (builtins.toJSON { - # https://mozilla.github.io/policy-templates/#disableappupdates - policies = { - DisableAppUpdate = true; + desktopFile = if name == "beta" then "zen.desktop" else "zen_${name}.desktop"; + in + pkgs.callPackage ./package.nix { + inherit name desktopFile variant; }; + + mkZenWrapped = + name: system: entry: + let + pkgs = nixpkgs.legacyPackages.${system}; + in + pkgs.wrapFirefox entry { + icon = "zen-${name}"; + wmClass = "zen"; + hasMozSystemDirPatch = false; + }; + + supportedSystems = [ + "x86_64-linux" + "aarch64-linux" + ]; + + forAllSystems = nixpkgs.lib.genAttrs supportedSystems; + in + { + packages = forAllSystems (system: rec { + beta-unwrapped = mkZen "beta" system "beta"; + twilight-unwrapped = mkZen "twilight" system "twilight"; + twilight-official-unwrapped = mkZen "twilight" system "twilight-official"; + + beta = mkZenWrapped "beta" system beta-unwrapped; + twilight = mkZenWrapped "twilight" system twilight-unwrapped; + twilight-official = mkZenWrapped "twilight" system twilight-official-unwrapped; + + default = beta; }); - desktopFile = - if name == "beta" - then "zen.desktop" - else "zen_${name}.desktop"; - in - pkgs.stdenv.mkDerivation { - inherit (variant) version; - pname = "zen-browser"; - - src = builtins.fetchTarball {inherit (variant) url sha256;}; - desktopSrc = ./.; - - phases = ["installPhase" "fixupPhase"]; - - nativeBuildInputs = [pkgs.makeWrapper pkgs.copyDesktopItems pkgs.wrapGAppsHook]; - - installPhase = '' - mkdir -p $out/{bin,opt/zen,lib/zen-${variant.version}/distribution} && cp -r $src/* $out/opt/zen - ln -s $out/opt/zen/zen $out/bin/zen - ln -s ${policiesJson} "$out/lib/zen-${variant.version}/distribution/policies.json" - ln -s $out/bin/zen $out/bin/zen-${name} - - install -D $desktopSrc/zen-${name}.desktop $out/share/applications/${desktopFile} - - install -D $src/browser/chrome/icons/default/default16.png $out/share/icons/hicolor/16x16/apps/zen-${name}.png - install -D $src/browser/chrome/icons/default/default32.png $out/share/icons/hicolor/32x32/apps/zen-${name}.png - install -D $src/browser/chrome/icons/default/default48.png $out/share/icons/hicolor/48x48/apps/zen-${name}.png - install -D $src/browser/chrome/icons/default/default64.png $out/share/icons/hicolor/64x64/apps/zen-${name}.png - install -D $src/browser/chrome/icons/default/default128.png $out/share/icons/hicolor/128x128/apps/zen-${name}.png - ''; - - fixupPhase = '' - chmod 755 $out/bin/zen $out/opt/zen/* - - patchelf --set-interpreter "$(cat $NIX_CC/nix-support/dynamic-linker)" $out/opt/zen/zen - wrapProgram $out/opt/zen/zen --set LD_LIBRARY_PATH "${ - pkgs.lib.makeLibraryPath runtimeLibs - }" \ - --set MOZ_LEGACY_PROFILES 1 --set MOZ_ALLOW_DOWNGRADE 1 --set MOZ_APP_LAUNCHER zen --prefix XDG_DATA_DIRS : "$GSETTINGS_SCHEMAS_PATH" - - patchelf --set-interpreter "$(cat $NIX_CC/nix-support/dynamic-linker)" $out/opt/zen/zen-bin - wrapProgram $out/opt/zen/zen-bin --set LD_LIBRARY_PATH "${ - pkgs.lib.makeLibraryPath runtimeLibs - }" \ - --set MOZ_LEGACY_PROFILES 1 --set MOZ_ALLOW_DOWNGRADE 1 --set MOZ_APP_LAUNCHER zen --prefix XDG_DATA_DIRS : "$GSETTINGS_SCHEMAS_PATH" - - patchelf --set-interpreter "$(cat $NIX_CC/nix-support/dynamic-linker)" $out/opt/zen/glxtest - wrapProgram $out/opt/zen/glxtest --set LD_LIBRARY_PATH "${ - pkgs.lib.makeLibraryPath runtimeLibs - }" - - patchelf --set-interpreter "$(cat $NIX_CC/nix-support/dynamic-linker)" $out/opt/zen/updater - wrapProgram $out/opt/zen/updater --set LD_LIBRARY_PATH "${ - pkgs.lib.makeLibraryPath runtimeLibs - }" - - patchelf --set-interpreter "$(cat $NIX_CC/nix-support/dynamic-linker)" $out/opt/zen/vaapitest - wrapProgram $out/opt/zen/vaapitest --set LD_LIBRARY_PATH "${ - pkgs.lib.makeLibraryPath runtimeLibs - }" - ''; - - meta = { - inherit desktopFile; - - description = "Experience tranquillity while browsing the web without people tracking you!"; - homepage = "https://zen-browser.app"; - downloadPage = "https://zen-browser.app/download/"; - changelog = "https://github.com/zen-browser/desktop/releases"; - platforms = pkgs.lib.platforms.linux; - mainProgram = "zen"; + homeModules = rec { + beta = import ./hm-module.nix { + inherit self home-manager; + name = "beta"; }; + twilight = import ./hm-module.nix { + inherit self home-manager; + name = "twilight"; + }; + twilight-official = import ./hm-module.nix { + inherit self home-manager; + name = "twilight-official"; + }; + default = beta; }; - - supportedSystems = [ - "x86_64-linux" - "aarch64-linux" - ]; - - forAllSystems = nixpkgs.lib.genAttrs supportedSystems; - in { - packages = forAllSystems (system: { - default = mkZen "beta" system "beta"; - beta = mkZen "beta" system "beta"; - twilight = mkZen "twilight" system "twilight"; - twilight-official = mkZen "twilight" system "twilight-official"; - }); - }; + }; } diff --git a/hm-module.nix b/hm-module.nix new file mode 100644 index 0000000..8357317 --- /dev/null +++ b/hm-module.nix @@ -0,0 +1,50 @@ +{ + home-manager, + self, + name, +}: +{ + pkgs, + config, + lib, + ... +}: +let + applicationName = "Zen Browser"; + modulePath = [ + "programs" + "zen-browser" + ]; + + mkFirefoxModule = import "${home-manager.outPath}/modules/programs/firefox/mkFirefoxModule.nix"; +in +{ + imports = [ + (mkFirefoxModule { + inherit modulePath; + name = applicationName; + wrappedPackageName = "zen-${name}-unwrapped"; + unwrappedPackageName = "zen-${name}"; + visible = true; + platforms = { + linux = { + vendorPath = ".zen"; + configPath = ".zen"; + }; + darwin = { + configPath = "Library/Application Support/Zen"; + }; + }; + }) + ]; + + config = lib.mkIf config.programs.zen-browser.enable { + programs.zen-browser = { + package = self.packages.${pkgs.stdenv.system}.${name}; + policies = { + DisableAppUpdate = true; + DisableTelemetry = true; + }; + }; + }; +} diff --git a/package.nix b/package.nix new file mode 100644 index 0000000..fdd551e --- /dev/null +++ b/package.nix @@ -0,0 +1,113 @@ +{ + name, + variant, + desktopFile, + + lib, + stdenv, + config, + wrapGAppsHook3, + autoPatchelfHook, + alsa-lib, + curl, + dbus-glib, + gtk3, + libXtst, + libva, + pciutils, + pipewire, + adwaita-icon-theme, + writeText, + patchelfUnstable, # have to use patchelfUnstable to support --no-clobber-old-sections + applicationName ? "Zen Browser", +}: + +let + binaryName = "zen-${name}"; + + mozillaPlatforms = { + x86_64-linux = "linux-x86_64"; + aarch64-linux = "linux-aarch64"; + }; + + policies = { + DisableAppUpdate = true; + } // config.firefox.policies or { }; + + policiesJson = writeText "firefox-policies.json" (builtins.toJSON { inherit policies; }); + + pname = "zen-${name}-bin-unwrapped"; +in + +stdenv.mkDerivation { + inherit pname; + inherit (variant) version; + + src = builtins.fetchTarball { inherit (variant) url sha256; }; + desktopSrc = ./.; + + nativeBuildInputs = [ + wrapGAppsHook3 + autoPatchelfHook + patchelfUnstable + ]; + buildInputs = [ + gtk3 + adwaita-icon-theme + alsa-lib + dbus-glib + libXtst + ]; + runtimeDependencies = [ + curl + libva.out + pciutils + ]; + appendRunpaths = [ + "${pipewire}/lib" + ]; + # Firefox uses "relrhack" to manually process relocations from a fixed offset + patchelfFlags = [ "--no-clobber-old-sections" ]; + + preFixup = '' + gappsWrapperArgs+=( + --set MOZ_ALLOW_DOWNGRADE 1 + --set MOZ_APP_LAUNCHER zen + ) + ''; + + installPhase = '' + mkdir -p $out/{bin,opt/zen,lib/zen-${variant.version}/distribution} && cp -r $src/* $out/opt/zen + ln -s $out/opt/zen/zen $out/bin/zen + ln -s ${policiesJson} "$out/lib/zen-${variant.version}/distribution/policies.json" + ln -s $out/bin/zen $out/bin/zen-${name} + + install -D $desktopSrc/zen-${name}.desktop $out/share/applications/${desktopFile} + + install -D $src/browser/chrome/icons/default/default16.png $out/share/icons/hicolor/16x16/apps/zen-${name}.png + install -D $src/browser/chrome/icons/default/default32.png $out/share/icons/hicolor/32x32/apps/zen-${name}.png + install -D $src/browser/chrome/icons/default/default48.png $out/share/icons/hicolor/48x48/apps/zen-${name}.png + install -D $src/browser/chrome/icons/default/default64.png $out/share/icons/hicolor/64x64/apps/zen-${name}.png + install -D $src/browser/chrome/icons/default/default128.png $out/share/icons/hicolor/128x128/apps/zen-${name}.png + ''; + + passthru = { + inherit applicationName binaryName; + libName = "zen-bin-${variant.version}"; + ffmpegSupport = true; + gssSupport = true; + gtk3 = gtk3; + }; + + meta = { + inherit desktopFile; + description = "Experience tranquillity while browsing the web without people tracking you!"; + homepage = "https://zen-browser.app"; + downloadPage = "https://zen-browser.app/download/"; + changelog = "https://github.com/zen-browser/desktop/releases"; + sourceProvenance = with lib.sourceTypes; [ binaryNativeCode ]; + platforms = builtins.attrNames mozillaPlatforms; + hydraPlatforms = []; + mainProgram = binaryName; + }; +} From 13024d813c4a6e218078c960f1c14daaa00cf2ae Mon Sep 17 00:00:00 2001 From: Dmitry Chermnykh <76gh6rvso@relay.firefox.com> Date: Wed, 2 Apr 2025 20:38:15 +0500 Subject: [PATCH 2/6] fix mainProgram name --- package.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.nix b/package.nix index fdd551e..511322d 100644 --- a/package.nix +++ b/package.nix @@ -108,6 +108,6 @@ stdenv.mkDerivation { sourceProvenance = with lib.sourceTypes; [ binaryNativeCode ]; platforms = builtins.attrNames mozillaPlatforms; hydraPlatforms = []; - mainProgram = binaryName; + mainProgram = "zen"; }; } From a8f6bb6854c0ede26a8ace4434436fc6c4302dc9 Mon Sep 17 00:00:00 2001 From: Dmitry Chermnykh <76gh6rvso@relay.firefox.com> Date: Wed, 2 Apr 2025 20:58:56 +0500 Subject: [PATCH 3/6] fix binary names & wrapping (follow `firefox-bin` installPhase logic) --- package.nix | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/package.nix b/package.nix index 511322d..cfeb750 100644 --- a/package.nix +++ b/package.nix @@ -77,10 +77,14 @@ stdenv.mkDerivation { ''; installPhase = '' - mkdir -p $out/{bin,opt/zen,lib/zen-${variant.version}/distribution} && cp -r $src/* $out/opt/zen - ln -s $out/opt/zen/zen $out/bin/zen + mkdir -p "$prefix/lib/zen-bin-${variant.version}" + cp -r "$src"/* "$prefix/lib/zen-bin-${variant.version}" + + mkdir -p "$out/bin" + ln -s "$prefix/lib/zen-bin-${variant.version}/zen" "$out/bin/${binaryName}" + + mkdir -p "$out/lib/zen-${variant.version}/distribution" ln -s ${policiesJson} "$out/lib/zen-${variant.version}/distribution/policies.json" - ln -s $out/bin/zen $out/bin/zen-${name} install -D $desktopSrc/zen-${name}.desktop $out/share/applications/${desktopFile} @@ -108,6 +112,6 @@ stdenv.mkDerivation { sourceProvenance = with lib.sourceTypes; [ binaryNativeCode ]; platforms = builtins.attrNames mozillaPlatforms; hydraPlatforms = []; - mainProgram = "zen"; + mainProgram = binaryName; }; } From 8f64cd437e8effc13636a6e1ed567aa1772f15c6 Mon Sep 17 00:00:00 2001 From: Dmitry Chermnykh <76gh6rvso@relay.firefox.com> Date: Wed, 2 Apr 2025 21:06:56 +0500 Subject: [PATCH 4/6] hm module: set policy properties with lib.mkDefault --- hm-module.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/hm-module.nix b/hm-module.nix index 8357317..ab0a5ca 100644 --- a/hm-module.nix +++ b/hm-module.nix @@ -42,8 +42,8 @@ in programs.zen-browser = { package = self.packages.${pkgs.stdenv.system}.${name}; policies = { - DisableAppUpdate = true; - DisableTelemetry = true; + DisableAppUpdate = lib.mkDefault true; + DisableTelemetry = lib.mkDefault true; }; }; }; From 808562590c116a65b063524dd54e55dc7e043d25 Mon Sep 17 00:00:00 2001 From: Dmitry Chermnykh <76gh6rvso@relay.firefox.com> Date: Wed, 2 Apr 2025 21:33:26 +0500 Subject: [PATCH 5/6] use the .desktop file generated via wrapFirefox --- flake.nix | 2 +- package.nix | 17 +++++++++++++---- zen-beta.desktop | 25 ------------------------- zen-twilight.desktop | 25 ------------------------- 4 files changed, 14 insertions(+), 55 deletions(-) delete mode 100644 zen-beta.desktop delete mode 100644 zen-twilight.desktop diff --git a/flake.nix b/flake.nix index 89ef985..5eacabd 100644 --- a/flake.nix +++ b/flake.nix @@ -33,7 +33,7 @@ in pkgs.wrapFirefox entry { icon = "zen-${name}"; - wmClass = "zen"; + wmClass = "zen-${name}"; hasMozSystemDirPatch = false; }; diff --git a/package.nix b/package.nix index cfeb750..98ce533 100644 --- a/package.nix +++ b/package.nix @@ -19,7 +19,18 @@ adwaita-icon-theme, writeText, patchelfUnstable, # have to use patchelfUnstable to support --no-clobber-old-sections - applicationName ? "Zen Browser", + applicationName ? + "Zen Browser" + + ( + if name == "beta" then + " (Beta)" + else if name == "twilight" then + " (Twilight)" + else if name == "twilight-official" then + " (Twilight)" + else + "" + ), }: let @@ -86,8 +97,6 @@ stdenv.mkDerivation { mkdir -p "$out/lib/zen-${variant.version}/distribution" ln -s ${policiesJson} "$out/lib/zen-${variant.version}/distribution/policies.json" - install -D $desktopSrc/zen-${name}.desktop $out/share/applications/${desktopFile} - install -D $src/browser/chrome/icons/default/default16.png $out/share/icons/hicolor/16x16/apps/zen-${name}.png install -D $src/browser/chrome/icons/default/default32.png $out/share/icons/hicolor/32x32/apps/zen-${name}.png install -D $src/browser/chrome/icons/default/default48.png $out/share/icons/hicolor/48x48/apps/zen-${name}.png @@ -111,7 +120,7 @@ stdenv.mkDerivation { changelog = "https://github.com/zen-browser/desktop/releases"; sourceProvenance = with lib.sourceTypes; [ binaryNativeCode ]; platforms = builtins.attrNames mozillaPlatforms; - hydraPlatforms = []; + hydraPlatforms = [ ]; mainProgram = binaryName; }; } diff --git a/zen-beta.desktop b/zen-beta.desktop deleted file mode 100644 index a44e8f3..0000000 --- a/zen-beta.desktop +++ /dev/null @@ -1,25 +0,0 @@ -[Desktop Entry] -Name=Zen Browser -Exec=zen-beta %u -Icon=zen-beta -Type=Application -MimeType=text/html;text/xml;application/xhtml+xml;x-scheme-handler/http;x-scheme-handler/https;application/x-xpinstall;application/pdf;application/json; -StartupWMClass=zen-beta -Categories=Network;WebBrowser; -StartupNotify=true -Terminal=false -X-MultipleArgs=false -Keywords=Internet;WWW;Browser;Web;Explorer; -Actions=new-window;new-private-window;profilemanager; - -[Desktop Action new-window] -Name=Open a New Window -Exec=zen-beta %u - -[Desktop Action new-private-window] -Name=Open a New Private Window -Exec=zen-beta --private-window %u - -[Desktop Action profilemanager] -Name=Open the Profile Manager -Exec=zen-beta --ProfileManager %u diff --git a/zen-twilight.desktop b/zen-twilight.desktop deleted file mode 100644 index e648492..0000000 --- a/zen-twilight.desktop +++ /dev/null @@ -1,25 +0,0 @@ -[Desktop Entry] -Name=Zen Browser (Twilight) -Exec=zen-twilight %u -Icon=zen-twilight -Type=Application -MimeType=text/html;text/xml;application/xhtml+xml;x-scheme-handler/http;x-scheme-handler/https;application/x-xpinstall;application/pdf;application/json; -StartupWMClass=zen-twilight -Categories=Network;WebBrowser; -StartupNotify=true -Terminal=false -X-MultipleArgs=false -Keywords=Internet;WWW;Browser;Web;Explorer; -Actions=new-window;new-private-window;profilemanager; - -[Desktop Action new-window] -Name=Open a New Window -Exec=zen-twilight %u - -[Desktop Action new-private-window] -Name=Open a New Private Window -Exec=zen-twilight --private-window %u - -[Desktop Action profilemanager] -Name=Open the Profile Manager -Exec=zen-twilight --ProfileManager %u From c3bb78a3e4fbe37c3565be8929cb74035c15d0cb Mon Sep 17 00:00:00 2001 From: Dmitry Chermnykh <76gh6rvso@relay.firefox.com> Date: Wed, 2 Apr 2025 22:05:17 +0500 Subject: [PATCH 6/6] remove extra gappsWrapperArgs because they are inserted automatically with pkgs.wrapFirefox --- package.nix | 7 ------- 1 file changed, 7 deletions(-) diff --git a/package.nix b/package.nix index 98ce533..ceed724 100644 --- a/package.nix +++ b/package.nix @@ -80,13 +80,6 @@ stdenv.mkDerivation { # Firefox uses "relrhack" to manually process relocations from a fixed offset patchelfFlags = [ "--no-clobber-old-sections" ]; - preFixup = '' - gappsWrapperArgs+=( - --set MOZ_ALLOW_DOWNGRADE 1 - --set MOZ_APP_LAUNCHER zen - ) - ''; - installPhase = '' mkdir -p "$prefix/lib/zen-bin-${variant.version}" cp -r "$src"/* "$prefix/lib/zen-bin-${variant.version}"