tjh.dev
nixpkgs mirror (for testing)
github.com/NixOS/nixpkgs
nix
1{
2 lib,
3 stdenv,
4
5 buildGoModule,
6 fetchFromGitHub,
7 fetchurl,
8 makeDesktopItem,
9
10 protobuf,
11 protoc-gen-go,
12 protorpc,
13
14 cmake,
15 copyDesktopItems,
16 ninja,
17
18 qt6Packages,
19
20 # override if you want to have more up-to-date rulesets
21 throne-srslist ? fetchurl {
22 url = "https://raw.githubusercontent.com/throneproj/routeprofiles/0fca735ff2759422c407ac04fac819aef2fc88f9/srslist.h";
23 hash = "sha256-G2WUStxFtN0fbZm/KoD9ldUvkMWf9cDA+9fvYt8dcqo=";
24 },
25}:
26
27stdenv.mkDerivation (finalAttrs: {
28 pname = "throne";
29 version = "1.0.13";
30
31 src = fetchFromGitHub {
32 owner = "throneproj";
33 repo = "Throne";
34 # the release CI job was triggered on the xhttp branch (https://github.com/throneproj/Throne/actions/runs/20588046213),
35 # but the 1.0.13 tag was wrongly created on the dev branch
36 # we'll use the revision that was used for the job as well
37 rev = "3b737ec8cf29e03e4b7d5a09b1f502bdb8ef52e2";
38 hash = "sha256-OVgmhiKL4BaFYBeUqIX3LRNa54zq5oYyNMUYwKNvo1A=";
39 };
40
41 strictDeps = true;
42
43 nativeBuildInputs = [
44 cmake
45 copyDesktopItems
46 ninja
47 qt6Packages.wrapQtAppsHook
48 ];
49
50 buildInputs = [
51 qt6Packages.qtbase
52 qt6Packages.qttools
53 ];
54
55 env.INPUT_VERSION = finalAttrs.version;
56
57 cmakeFlags = [
58 # makes sure the app uses the user's config directory to store it's non-static content
59 # it's essentially the same as always setting the -appdata flag when running the program
60 (lib.cmakeBool "NKR_PACKAGE" true)
61 ];
62
63 patches = [
64 # disable suid request as it cannot be applied to throne-core in nix store
65 # and prompt users to use NixOS module instead. And use throne-core from PATH
66 # to make use of security wrappers
67 ./nixos-disable-setuid-request.patch
68 ];
69
70 preBuild = ''
71 ln -s ${throne-srslist} ./srslist.h
72 '';
73
74 installPhase = ''
75 runHook preInstall
76
77 install -Dm755 Throne -t "$out/share/throne/"
78 install -Dm644 "$src/res/public/Throne.png" -t "$out/share/icons/hicolor/512x512/apps/"
79
80 mkdir -p "$out/bin"
81 ln -s "$out/share/throne/Throne" "$out/bin/"
82
83 ln -s ${finalAttrs.passthru.core}/bin/Core "$out/share/throne/Core"
84
85 runHook postInstall
86 '';
87
88 desktopItems = [
89 (makeDesktopItem {
90 name = "throne";
91 desktopName = "Throne";
92 exec = "Throne";
93 icon = "Throne";
94 comment = finalAttrs.meta.description;
95 terminal = false;
96 categories = [ "Network" ];
97 })
98 ];
99
100 passthru.core = buildGoModule {
101 pname = "throne-core";
102 inherit (finalAttrs) version src;
103 sourceRoot = "${finalAttrs.src.name}/core/server";
104
105 patches = [
106 # also check cap_net_admin so we don't have to set suid
107 ./core-also-check-capabilities.patch
108 ];
109
110 proxyVendor = true;
111 vendorHash = "sha256-cPo/2bUXEF9jomr0Pnty7ZutAaC0TFG397FSIqefrjw=";
112
113 nativeBuildInputs = [
114 protobuf
115 protoc-gen-go
116 protorpc
117 ];
118
119 # taken from script/build_go.sh
120 preBuild = ''
121 pushd gen
122 protoc -I . --go_out=. --protorpc_out=. libcore.proto
123 popd
124
125 VERSION_SINGBOX=$(go list -m -f '{{.Version}}' github.com/sagernet/sing-box)
126 ldflags+=("-X 'github.com/sagernet/sing-box/constant.Version=$VERSION_SINGBOX'")
127 '';
128
129 # ldflags and tags are taken from script/build_go.sh
130 ldflags = [
131 "-w"
132 "-s"
133 ];
134
135 tags = [
136 "with_clash_api"
137 "with_gvisor"
138 "with_quic"
139 "with_wireguard"
140 "with_utls"
141 "with_dhcp"
142 "with_tailscale"
143 ];
144 };
145
146 # this tricks nix-update into also updating the vendorHash of throne-core
147 passthru.goModules = finalAttrs.passthru.core.goModules;
148
149 meta = {
150 description = "Qt based cross-platform GUI proxy configuration manager";
151 homepage = "https://github.com/throneproj/Throne";
152 license = lib.licenses.gpl3Plus;
153 mainProgram = "Throne";
154 maintainers = with lib.maintainers; [
155 tomasajt
156 aleksana
157 ];
158 platforms = lib.platforms.linux;
159 };
160})