tjh.dev / nixpkgs
nixpkgs mirror (for testing) github.com/NixOS/nixpkgs
nix
fork atom
nixpkgs / pkgs / by-name / _1 / _1password-gui / linux.nix
at python-updates 154 lines 3.8 kB view raw
1{ 2 lib, 3 stdenv, 4 pname, 5 version, 6 src, 7 meta, 8 makeShellWrapper, 9 wrapGAppsHook3, 10 alsa-lib, 11 at-spi2-atk, 12 at-spi2-core, 13 atk, 14 cairo, 15 cups, 16 dbus, 17 expat, 18 gdk-pixbuf, 19 glib, 20 gtk3, 21 libX11, 22 libXcomposite, 23 libXdamage, 24 libXext, 25 libXfixes, 26 libXrandr, 27 libdrm, 28 libxcb, 29 libxkbcommon, 30 libxshmfence, 31 libGL, 32 libappindicator-gtk3, 33 libgbm, 34 nspr, 35 nss, 36 pango, 37 systemd, 38 udev, 39 xdg-utils, 40 41 # The 1Password polkit file requires a list of users for whom polkit 42 # integrations should be enabled. This should be a list of strings that 43 # correspond to usernames. 44 polkitPolicyOwners ? [ ], 45}: 46let 47 # Convert the polkitPolicyOwners variable to a polkit-compatible string for the polkit file. 48 policyOwners = lib.concatStringsSep " " (map (user: "unix-user:${user}") polkitPolicyOwners); 49 50in 51stdenv.mkDerivation { 52 inherit 53 pname 54 version 55 src 56 meta 57 ; 58 59 nativeBuildInputs = [ 60 makeShellWrapper 61 wrapGAppsHook3 62 ]; 63 buildInputs = [ glib ]; 64 65 dontConfigure = true; 66 dontBuild = true; 67 dontPatchELF = true; 68 dontWrapGApps = true; 69 70 installPhase = 71 let 72 rpath = 73 lib.makeLibraryPath [ 74 alsa-lib 75 at-spi2-atk 76 at-spi2-core 77 atk 78 cairo 79 cups 80 dbus 81 expat 82 gdk-pixbuf 83 glib 84 gtk3 85 libX11 86 libXcomposite 87 libXdamage 88 libXext 89 libXfixes 90 libXrandr 91 libdrm 92 libxcb 93 libxkbcommon 94 libxshmfence 95 libGL 96 libappindicator-gtk3 97 libgbm 98 nspr 99 nss 100 pango 101 systemd 102 ] 103 + ":${lib.getLib stdenv.cc.cc}/lib64"; 104 in 105 '' 106 runHook preInstall 107 108 mkdir -p $out/bin $out/share/1password 109 cp -a * $out/share/1password 110 111 # Desktop file 112 install -Dt $out/share/applications resources/1password.desktop 113 substituteInPlace $out/share/applications/1password.desktop \ 114 --replace-fail 'Exec=/opt/1Password/1password' 'Exec=1password' 115 116 '' 117 + (lib.optionalString (polkitPolicyOwners != [ ]) '' 118 # Polkit file 119 mkdir -p $out/share/polkit-1/actions 120 substitute com.1password.1Password.policy.tpl $out/share/polkit-1/actions/com.1password.1Password.policy --replace-fail "\''${POLICY_OWNERS}" "${policyOwners}" 121 '') 122 + '' 123 124 # Icons 125 cp -a resources/icons $out/share 126 127 interp="$(cat $NIX_CC/nix-support/dynamic-linker)" 128 patchelf --set-interpreter $interp $out/share/1password/{1password,1Password-BrowserSupport,1Password-LastPass-Exporter,op-ssh-sign} 129 patchelf --set-rpath ${rpath}:$out/share/1password $out/share/1password/{1password,1Password-BrowserSupport,1Password-LastPass-Exporter,op-ssh-sign} 130 for file in $(find $out -type f -name \*.so\* ); do 131 patchelf --set-rpath ${rpath}:$out/share/1password $file 132 done 133 134 ln -s $out/share/1password/op-ssh-sign $out/bin/op-ssh-sign 135 136 runHook postInstall 137 ''; 138 139 preFixup = '' 140 # makeWrapper defaults to makeBinaryWrapper due to wrapGAppsHook 141 # but we need a shell wrapper specifically for `NIXOS_OZONE_WL`. 142 # Electron is trying to open udev via dlopen() 143 # and for some reason that doesn't seem to be impacted from the rpath. 144 # Adding udev to LD_LIBRARY_PATH fixes that. 145 # Make xdg-open overrideable at runtime. 146 makeShellWrapper $out/share/1password/1password $out/bin/1password \ 147 "''${gappsWrapperArgs[@]}" \ 148 --suffix PATH : ${lib.makeBinPath [ xdg-utils ]} \ 149 --prefix LD_LIBRARY_PATH : ${lib.makeLibraryPath [ udev ]} \ 150 --add-flags "\''${NIXOS_OZONE_WL:+--ozone-platform-hint=auto}" 151 ''; 152 153 passthru.updateScript = ./update.sh; 154}