166 lines
4.8 KiB
Nix
166 lines
4.8 KiB
Nix
|
# NOTE TO FUTURE SELF: Nixpkgs Flatpak is currently only at 10.2, which doesn't
|
|||
|
|
# allow nested containers...no Steam.
|
|||
|
|
|
|||
|
|
{ lib, stdenv, fetchurl, fetchpatch, autoreconfHook, docbook_xml_dtd_45
|
|||
|
|
, docbook-xsl-nons, which, libxml2, gobject-introspection, gtk-doc, intltool
|
|||
|
|
, libxslt, pkg-config, xmlto, appstream-glib, substituteAll, bison
|
|||
|
|
, xdg-dbus-proxy, p11-kit, bubblewrap, bzip2, dbus, glib, gpgme, json-glib
|
|||
|
|
, libarchive, libcap, libseccomp, coreutils, socat, gettext, hicolor-icon-theme
|
|||
|
|
, shared-mime-info, desktop-file-utils, gtk3, fuse, nixosTests, libsoup, xz
|
|||
|
|
, zstd, ostree, polkit, python3, systemd, xorg, valgrind, glib-networking
|
|||
|
|
, wrapGAppsNoGuiHook, dconf, gsettings-desktop-schemas, librsvg }:
|
|||
|
|
|
|||
|
|
stdenv.mkDerivation rec {
|
|||
|
|
pname = "flatpak";
|
|||
|
|
version = "1.11.3";
|
|||
|
|
|
|||
|
|
# TODO: split out lib once we figure out what to do with triggerdir
|
|||
|
|
outputs = [ "out" "dev" "man" "doc" "devdoc" "installedTests" ];
|
|||
|
|
|
|||
|
|
src = fetchurl {
|
|||
|
|
url =
|
|||
|
|
"https://github.com/flatpak/flatpak/releases/download/${version}/${pname}-${version}.tar.xz";
|
|||
|
|
sha256 = "0v3bs4l0ijab037nabmb3f2xmwqd9pb9qr51272sxb227gcym10j";
|
|||
|
|
};
|
|||
|
|
|
|||
|
|
patches = [
|
|||
|
|
# Hardcode paths used by tests and change test runtime generation to use files from Nix store.
|
|||
|
|
# https://github.com/flatpak/flatpak/issues/1460
|
|||
|
|
(substituteAll {
|
|||
|
|
src = ./fix-test-paths.patch;
|
|||
|
|
inherit coreutils gettext socat gtk3;
|
|||
|
|
smi = shared-mime-info;
|
|||
|
|
dfu = desktop-file-utils;
|
|||
|
|
hicolorIconTheme = hicolor-icon-theme;
|
|||
|
|
})
|
|||
|
|
|
|||
|
|
# Hardcode paths used by Flatpak itself.
|
|||
|
|
(substituteAll {
|
|||
|
|
src = ./fix-paths.patch;
|
|||
|
|
p11kit = "${p11-kit.dev}/bin/p11-kit";
|
|||
|
|
})
|
|||
|
|
|
|||
|
|
# Adapt paths exposed to sandbox for NixOS.
|
|||
|
|
(substituteAll {
|
|||
|
|
src = ./bubblewrap-paths.patch;
|
|||
|
|
inherit (builtins) storeDir;
|
|||
|
|
})
|
|||
|
|
|
|||
|
|
# Allow gtk-doc to find schemas using XML_CATALOG_FILES environment variable.
|
|||
|
|
# Patch taken from gtk-doc expression.
|
|||
|
|
./respect-xml-catalog-files-var.patch
|
|||
|
|
|
|||
|
|
# Don’t hardcode flatpak binary path in launchers stored under user’s profile otherwise they will break after Flatpak update.
|
|||
|
|
# https://github.com/NixOS/nixpkgs/issues/43581
|
|||
|
|
./use-flatpak-from-path.patch
|
|||
|
|
|
|||
|
|
# Hardcode flatpak binary path for flatpak-spawn.
|
|||
|
|
# When calling the portal’s Spawn command with FLATPAK_SPAWN_FLAGS_CLEAR_ENV flag,
|
|||
|
|
# it will clear environment, including PATH, making the flatpak run fail.
|
|||
|
|
# https://github.com/flatpak/flatpak/pull/4174
|
|||
|
|
# (fetchpatch {
|
|||
|
|
# url =
|
|||
|
|
# "https://github.com/flatpak/flatpak/commit/495449daf6d3c072519a36c9e4bc6cc1da4d31db.patch";
|
|||
|
|
# sha256 = "gOX/sGupAE7Yg3MVrMhFXzWHpFn+izVyjtkuPzIckuY=";
|
|||
|
|
# })
|
|||
|
|
|
|||
|
|
# Nix environment hacks should not leak into the apps.
|
|||
|
|
# https://github.com/NixOS/nixpkgs/issues/53441
|
|||
|
|
./unset-env-vars.patch
|
|||
|
|
|
|||
|
|
# But we want the GDK_PIXBUF_MODULE_FILE from the wrapper affect the icon validator.
|
|||
|
|
./validate-icon-pixbuf.patch
|
|||
|
|
];
|
|||
|
|
|
|||
|
|
nativeBuildInputs = [
|
|||
|
|
autoreconfHook
|
|||
|
|
libxml2
|
|||
|
|
docbook_xml_dtd_45
|
|||
|
|
docbook-xsl-nons
|
|||
|
|
which
|
|||
|
|
gobject-introspection
|
|||
|
|
gtk-doc
|
|||
|
|
intltool
|
|||
|
|
libxslt
|
|||
|
|
pkg-config
|
|||
|
|
xmlto
|
|||
|
|
appstream-glib
|
|||
|
|
bison
|
|||
|
|
wrapGAppsNoGuiHook
|
|||
|
|
];
|
|||
|
|
|
|||
|
|
buildInputs = [
|
|||
|
|
bubblewrap
|
|||
|
|
bzip2
|
|||
|
|
dbus
|
|||
|
|
dconf
|
|||
|
|
gpgme
|
|||
|
|
json-glib
|
|||
|
|
libarchive
|
|||
|
|
libcap
|
|||
|
|
libseccomp
|
|||
|
|
libsoup
|
|||
|
|
xz
|
|||
|
|
zstd
|
|||
|
|
polkit
|
|||
|
|
python3
|
|||
|
|
systemd
|
|||
|
|
xorg.libXau
|
|||
|
|
fuse
|
|||
|
|
gsettings-desktop-schemas
|
|||
|
|
glib-networking
|
|||
|
|
librsvg # for flatpak-validate-icon
|
|||
|
|
];
|
|||
|
|
|
|||
|
|
# Required by flatpak.pc
|
|||
|
|
propagatedBuildInputs = [ glib ostree ];
|
|||
|
|
|
|||
|
|
checkInputs = [ valgrind ];
|
|||
|
|
|
|||
|
|
# TODO: some issues with temporary files
|
|||
|
|
doCheck = false;
|
|||
|
|
|
|||
|
|
NIX_LDFLAGS = "-lpthread";
|
|||
|
|
|
|||
|
|
enableParallelBuilding = true;
|
|||
|
|
|
|||
|
|
configureFlags = [
|
|||
|
|
"--with-system-bubblewrap=${bubblewrap}/bin/bwrap"
|
|||
|
|
"--with-system-dbus-proxy=${xdg-dbus-proxy}/bin/xdg-dbus-proxy"
|
|||
|
|
"--with-dbus-config-dir=${placeholder "out"}/share/dbus-1/system.d"
|
|||
|
|
"--localstatedir=/var"
|
|||
|
|
"--enable-gtk-doc"
|
|||
|
|
"--enable-installed-tests"
|
|||
|
|
];
|
|||
|
|
|
|||
|
|
makeFlags = [
|
|||
|
|
"installed_testdir=${
|
|||
|
|
placeholder "installedTests"
|
|||
|
|
}/libexec/installed-tests/flatpak"
|
|||
|
|
"installed_test_metadir=${
|
|||
|
|
placeholder "installedTests"
|
|||
|
|
}/share/installed-tests/flatpak"
|
|||
|
|
];
|
|||
|
|
|
|||
|
|
postPatch = let vsc-py = python3.withPackages (pp: [ pp.pyparsing ]);
|
|||
|
|
in ''
|
|||
|
|
patchShebangs buildutil
|
|||
|
|
patchShebangs tests
|
|||
|
|
PATH=${
|
|||
|
|
lib.makeBinPath [ vsc-py ]
|
|||
|
|
}:$PATH patchShebangs --build subprojects/variant-schema-compiler/variant-schema-compiler
|
|||
|
|
'';
|
|||
|
|
|
|||
|
|
passthru = {
|
|||
|
|
tests = { installedTests = nixosTests.installed-tests.flatpak; };
|
|||
|
|
};
|
|||
|
|
|
|||
|
|
meta = with lib; {
|
|||
|
|
description = "Linux application sandboxing and distribution framework";
|
|||
|
|
homepage = "https://flatpak.org/";
|
|||
|
|
license = licenses.lgpl21Plus;
|
|||
|
|
maintainers = with maintainers; [ jtojnar ];
|
|||
|
|
platforms = platforms.linux;
|
|||
|
|
};
|
|||
|
|
}
|