2017-09-26 03:58:12 +01:00
|
|
|
{ stdenv
|
|
|
|
, lib
|
|
|
|
, fetchurl
|
|
|
|
, fetchgit
|
2017-09-26 19:28:12 +01:00
|
|
|
, symlinkJoin
|
2017-09-26 03:58:12 +01:00
|
|
|
|
|
|
|
, tor
|
|
|
|
, tor-browser-unwrapped
|
|
|
|
|
|
|
|
# Extensions, common
|
2017-09-26 19:28:12 +01:00
|
|
|
, unzip
|
2017-09-26 03:58:12 +01:00
|
|
|
, zip
|
|
|
|
|
|
|
|
# HTTPS Everywhere
|
|
|
|
, git
|
|
|
|
, libxml2 # xmllint
|
|
|
|
, python27
|
|
|
|
, python27Packages
|
|
|
|
, rsync
|
2017-09-26 19:26:13 +01:00
|
|
|
|
|
|
|
# Customization
|
|
|
|
, extraPrefs ? ""
|
2017-09-26 03:58:12 +01:00
|
|
|
}:
|
|
|
|
|
|
|
|
let
|
|
|
|
tor-browser-build_src = fetchgit {
|
|
|
|
url = "https://git.torproject.org/builders/tor-browser-build.git";
|
|
|
|
rev = "refs/tags/tbb-7.5a5-build5";
|
|
|
|
sha256 = "0j37mqldj33fnzghxifvy6v8vdwkcz0i4z81prww64md5s8qcsa9";
|
|
|
|
};
|
|
|
|
|
2017-09-26 19:28:12 +01:00
|
|
|
# Each extension drv produces an output comprising an unpacked .xpi
|
|
|
|
# named after the extension uuid, as it would appear under
|
|
|
|
# `firefox/extensions'.
|
2017-09-26 03:58:12 +01:00
|
|
|
firefoxExtensions = {
|
|
|
|
https-everywhere = stdenv.mkDerivation rec {
|
|
|
|
name = "https-everywhere-${version}";
|
|
|
|
version = "5.2.21";
|
|
|
|
|
2017-09-26 19:28:12 +01:00
|
|
|
extid = "https-everywhere-eff@eff.org";
|
|
|
|
|
2017-09-26 03:58:12 +01:00
|
|
|
src = fetchgit {
|
|
|
|
url = "https://git.torproject.org/https-everywhere.git";
|
|
|
|
rev = "refs/tags/${version}";
|
|
|
|
sha256 = "0z9madihh4b4z4blvfmh6w1hsv8afyi0x7b243nciq9r4w55xgfa";
|
|
|
|
};
|
|
|
|
|
|
|
|
nativeBuildInputs = [
|
|
|
|
git
|
|
|
|
libxml2 # xmllint
|
|
|
|
python27
|
|
|
|
python27Packages.lxml
|
|
|
|
rsync
|
2017-09-26 19:28:12 +01:00
|
|
|
unzip
|
2017-09-26 03:58:12 +01:00
|
|
|
zip
|
|
|
|
];
|
|
|
|
|
2017-09-26 19:28:12 +01:00
|
|
|
unpackPhase = ''
|
2017-09-26 03:58:12 +01:00
|
|
|
cp -dR --no-preserve=mode "$src" src
|
|
|
|
cd src
|
2017-09-26 19:28:12 +01:00
|
|
|
'';
|
2017-09-26 03:58:12 +01:00
|
|
|
|
2017-09-26 19:28:12 +01:00
|
|
|
# Beware: the build expects translations/ to be non-empty (which it
|
|
|
|
# will be with submodules initialized).
|
|
|
|
buildPhase = ''
|
2017-09-26 03:58:12 +01:00
|
|
|
$shell ./makexpi.sh ${version} --no-recurse
|
2017-09-26 19:28:12 +01:00
|
|
|
'';
|
|
|
|
|
|
|
|
installPhase = ''
|
|
|
|
mkdir $out
|
|
|
|
unzip -d "$out/$extid" "pkg/https-everywhere-$version-eff.xpi"
|
2017-09-26 03:58:12 +01:00
|
|
|
'';
|
|
|
|
|
|
|
|
meta = {
|
|
|
|
homepage = https://gitweb.torproject.org/https-everywhere.git/;
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
2017-09-26 19:28:12 +01:00
|
|
|
noscript = stdenv.mkDerivation rec {
|
|
|
|
name = "noscript-${version}";
|
|
|
|
version = "5.0.10";
|
|
|
|
|
|
|
|
extid = "{73a6fe31-595d-460b-a920-fcc0f8843232}";
|
|
|
|
|
|
|
|
src = fetchurl {
|
|
|
|
url = "https://secure.informaction.com/download/releases/noscript-${version}.xpi";
|
|
|
|
sha256 = "18k5karbaj5mhd9cyjbqgik6044bw88rjalkh6anjanxbn503j6g";
|
|
|
|
};
|
|
|
|
|
|
|
|
nativeBuildInputs = [ unzip ];
|
|
|
|
|
|
|
|
unpackPhase = ":";
|
|
|
|
|
|
|
|
installPhase = ''
|
|
|
|
mkdir $out
|
|
|
|
unzip -d "$out/$extid" "$src"
|
|
|
|
'';
|
2017-09-26 03:58:12 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
torbutton = stdenv.mkDerivation rec {
|
|
|
|
name = "torbutton-${version}";
|
|
|
|
version = "1.9.8.1";
|
|
|
|
|
2017-09-26 19:28:12 +01:00
|
|
|
extid = "torbutton@torproject.org";
|
|
|
|
|
2017-09-26 03:58:12 +01:00
|
|
|
src = fetchgit {
|
|
|
|
url = "https://git.torproject.org/torbutton.git";
|
|
|
|
rev = "refs/tags/${version}";
|
|
|
|
sha256 = "1amp0c9ky0a7fsa0bcbi6n6ginw7s2g3an4rj7kvc1lxmrcsm65l";
|
|
|
|
};
|
|
|
|
|
2017-09-26 19:28:12 +01:00
|
|
|
nativeBuildInputs = [ unzip zip ];
|
2017-09-26 03:58:12 +01:00
|
|
|
|
2017-09-26 19:28:12 +01:00
|
|
|
unpackPhase = ''
|
2017-09-26 03:58:12 +01:00
|
|
|
cp -dR --no-preserve=mode "$src" src
|
|
|
|
cd src
|
2017-09-26 19:28:12 +01:00
|
|
|
'';
|
2017-09-26 03:58:12 +01:00
|
|
|
|
2017-09-26 19:28:12 +01:00
|
|
|
buildPhase = ''
|
2017-09-26 03:58:12 +01:00
|
|
|
$shell ./makexpi.sh
|
|
|
|
'';
|
2017-09-26 19:28:12 +01:00
|
|
|
|
|
|
|
installPhase = ''
|
|
|
|
mkdir $out
|
|
|
|
unzip -d "$out/$extid" "pkg/torbutton-$version.xpi"
|
|
|
|
'';
|
|
|
|
|
|
|
|
meta = {
|
|
|
|
homepage = https://gitweb.torproject.org/torbutton.git/;
|
|
|
|
};
|
2017-09-26 03:58:12 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
tor-launcher = stdenv.mkDerivation rec {
|
|
|
|
name = "tor-launcher-${version}";
|
|
|
|
version = "0.2.12.3";
|
|
|
|
|
2017-09-26 19:28:12 +01:00
|
|
|
extid = "tor-launcher@torproject.org";
|
|
|
|
|
2017-09-26 03:58:12 +01:00
|
|
|
src = fetchgit {
|
|
|
|
url = "https://git.torproject.org/tor-launcher.git";
|
|
|
|
rev = "refs/tags/${version}";
|
|
|
|
sha256 = "0126x48pjiy2zm4l8jzhk70w24hviaz560ffp4lb9x0ar615bc9q";
|
|
|
|
};
|
|
|
|
|
2017-09-26 19:28:12 +01:00
|
|
|
nativeBuildInputs = [ unzip zip ];
|
2017-09-26 03:58:12 +01:00
|
|
|
|
2017-09-26 19:28:12 +01:00
|
|
|
unpackPhase = ''
|
2017-09-26 03:58:12 +01:00
|
|
|
cp -dR --no-preserve=mode "$src" src
|
|
|
|
cd src
|
2017-09-26 19:28:12 +01:00
|
|
|
'';
|
2017-09-26 03:58:12 +01:00
|
|
|
|
2017-09-26 19:28:12 +01:00
|
|
|
buildPhase = ''
|
2017-09-26 03:58:12 +01:00
|
|
|
make package
|
|
|
|
'';
|
2017-09-26 19:28:12 +01:00
|
|
|
|
|
|
|
installPhase = ''
|
|
|
|
mkdir $out
|
|
|
|
unzip -d "$out/$extid" "pkg/tor-launcher-$version.xpi"
|
|
|
|
'';
|
|
|
|
|
|
|
|
meta = {
|
|
|
|
homepage = https://gitweb.torproject.org/tor-launcher.git/;
|
|
|
|
};
|
2017-09-26 03:58:12 +01:00
|
|
|
};
|
|
|
|
};
|
2017-09-26 19:28:12 +01:00
|
|
|
|
|
|
|
extensionsEnv = symlinkJoin {
|
|
|
|
name = "tor-browser-extensions";
|
|
|
|
paths = with firefoxExtensions; [ https-everywhere noscript torbutton tor-launcher ];
|
|
|
|
};
|
2017-09-26 03:58:12 +01:00
|
|
|
in
|
|
|
|
stdenv.mkDerivation rec {
|
|
|
|
name = "tor-browser-bundle-${version}";
|
|
|
|
version = tor-browser-unwrapped.version;
|
|
|
|
|
|
|
|
buildInputs = [ tor-browser-unwrapped tor ];
|
|
|
|
|
|
|
|
unpackPhase = ":";
|
|
|
|
|
|
|
|
buildPhase = ":";
|
|
|
|
|
|
|
|
installPhase = ''
|
|
|
|
TBBUILD=${tor-browser-build_src}/projects/tor-browser
|
2017-09-26 19:31:27 +01:00
|
|
|
TBDATA_PATH=TorBrowser-Data
|
2017-09-26 03:58:12 +01:00
|
|
|
|
|
|
|
self=$out/lib/tor-browser
|
|
|
|
mkdir -p $self && cd $self
|
|
|
|
|
2017-09-26 19:31:27 +01:00
|
|
|
TBDATA_IN_STORE=$self/$TBDATA_PATH
|
|
|
|
|
2017-09-26 03:58:12 +01:00
|
|
|
cp -dR ${tor-browser-unwrapped}/lib"/"*"/"* .
|
|
|
|
chmod -R +w .
|
|
|
|
|
|
|
|
# Prepare for autoconfig
|
|
|
|
cat >defaults/pref/autoconfig.js <<EOF
|
|
|
|
pref("general.config.filename", "mozilla.cfg");
|
|
|
|
pref("general.config.obscure_value", 0);
|
|
|
|
EOF
|
|
|
|
|
|
|
|
# Hardcoded configuration
|
|
|
|
cat >mozilla.cfg <<EOF
|
|
|
|
// First line must be a comment
|
|
|
|
|
|
|
|
// Always update via Nixpkgs
|
|
|
|
lockPref("app.update.auto", false);
|
|
|
|
lockPref("app.update.enabled", false);
|
|
|
|
lockPref("extensions.update.autoUpdateDefault", false);
|
|
|
|
lockPref("extensions.update.enabled", false);
|
|
|
|
lockPref("extensions.torbutton.versioncheck_enabled", false);
|
|
|
|
|
|
|
|
// Where to find the Nixpkgs tor executable & config
|
|
|
|
lockPref("extensions.torlauncher.tor_path", "${tor}/bin/tor");
|
2017-09-26 19:31:27 +01:00
|
|
|
lockPref("extensions.torlauncher.torrc-defaults_path", "$TBDATA_IN_STORE/torrc-defaults");
|
2017-09-26 03:58:12 +01:00
|
|
|
|
|
|
|
// Captures store paths
|
|
|
|
clearPref("extensions.xpiState");
|
|
|
|
|
|
|
|
// Insist on using IPC for communicating with Tor
|
|
|
|
//
|
|
|
|
// Defaults to $XDG_RUNTIME_DIR/Tor/{socks,control}.socket
|
|
|
|
lockPref("extensions.torlauncher.control_port_use_ipc", true);
|
|
|
|
lockPref("extensions.torlauncher.socks_port_use_ipc", true);
|
2017-09-26 19:26:13 +01:00
|
|
|
|
|
|
|
// User customization
|
|
|
|
${extraPrefs}
|
2017-09-26 03:58:12 +01:00
|
|
|
EOF
|
|
|
|
|
|
|
|
# Preload extensions
|
2017-09-26 19:28:12 +01:00
|
|
|
# XXX: the fact that ln -s env browser/extensions fails, symlinkJoin seems a little redundant ...
|
|
|
|
ln -s -t browser/extensions ${extensionsEnv}"/"*
|
2017-09-26 03:58:12 +01:00
|
|
|
|
|
|
|
# Copy bundle data
|
2017-09-26 19:31:27 +01:00
|
|
|
bundlePlatform=linux
|
|
|
|
bundleData=$TBBUILD/Bundle-Data
|
2017-09-26 03:58:12 +01:00
|
|
|
|
2017-09-26 19:31:27 +01:00
|
|
|
mkdir -p $TBDATA_PATH
|
|
|
|
cat \
|
|
|
|
$bundleData/$bundlePlatform/Data/Tor/torrc-defaults \
|
|
|
|
>> $TBDATA_PATH/torrc-defaults
|
2017-09-26 03:58:12 +01:00
|
|
|
cat \
|
2017-09-26 19:31:27 +01:00
|
|
|
$bundleData/$bundlePlatform/Data/Browser/profile.default/preferences/extension-overrides.js \
|
2017-09-26 03:58:12 +01:00
|
|
|
>> defaults/pref/extension-overrides.js
|
|
|
|
|
|
|
|
# Generate a suitable wrapper
|
|
|
|
mkdir -p $out/bin
|
|
|
|
cat >$out/bin/tor-browser <<EOF
|
|
|
|
#! ${stdenv.shell} -e
|
|
|
|
|
|
|
|
THE_HOME=\$HOME
|
|
|
|
TBB_HOME=\''${TBB_HOME:-\''${XDG_DATA_HOME:-$HOME/.local/share}/tor-browser}
|
|
|
|
mkdir -p "\$TBB_HOME"
|
|
|
|
|
|
|
|
HOME=\$TBB_HOME
|
|
|
|
cd "\$HOME"
|
|
|
|
|
|
|
|
exec $self/firefox -no-remote about:tor
|
|
|
|
EOF
|
|
|
|
chmod +x $out/bin/tor-browser
|
|
|
|
'';
|
|
|
|
|
|
|
|
meta = with stdenv.lib; {
|
|
|
|
description = "An unofficial version of the tor browser bundle, built from source";
|
|
|
|
homepage = https://torproject.org/;
|
|
|
|
license = licenses.unfreeRedistributable; # TODO: check this
|
|
|
|
platforms = [ "x86_64-linux" ];
|
|
|
|
hydraPlatforms = [ ];
|
|
|
|
maintainers = with maintainers; [ joachifm ];
|
|
|
|
};
|
|
|
|
}
|