gnu: torbrowser: Stop inheriting Icecat.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add packages/tor-browsers.scm. * gnu/packages/gnupg.scm: Remove fix for dependency loop (fixed because we use a new file). * gnu/packages/tor-browsers.scm (mozilla-locale, mozilla-locales, %torbrowser-locales, %moz-build-date, %torbrowser-version, %torbrowser-firefox-version, translation-base-browser, translation-tor-browser, torbrowser-assets, torbrowser): New variables. (make-torbrowser): New procedure, which is a merge of ‘make-torbrowser’ (from tor.scm) with ‘icecat-minimal’ (from gnuzilla.scm). * gnu/packages/tor.scm (%moz-build-date, %torbrowser-version, %torbrowser-firefox-version, %torbrowser-locales, translation-base-browser, translation-tor-browser, torbrowser-assets, torbrowser): Remove variables. Change-Id: I5fcf73e53fe4481a18e13cdeb3515c3dc4430090
This commit is contained in:
parent
c692808a5e
commit
8f9bc4e952
@ -13,7 +13,7 @@
|
||||
# Copyright © 2016-2023 Efraim Flashner <efraim@flashner.co.il>
|
||||
# Copyright © 2016, 2017, 2018, 2019, 2020, 2021, 2022, 2023 Jan (janneke) Nieuwenhuizen <janneke@gnu.org>
|
||||
# Copyright © 2017, 2018, 2019, 2020 Tobias Geerinckx-Rice <me@tobias.gr>
|
||||
# Copyright © 2017, 2018, 2023 Clément Lassieur <clement@lassieur.org>
|
||||
# Copyright © 2017, 2018, 2023, 2024 Clément Lassieur <clement@lassieur.org>
|
||||
# Copyright © 2017, 2020 Mathieu Othacehe <m.othacehe@gmail.com>
|
||||
# Copyright © 2017, 2018, 2019 Gábor Boskovits <boskovits@gmail.com>
|
||||
# Copyright © 2018 Amirouche Boubekki <amirouche@hypermove.net>
|
||||
@ -633,6 +633,7 @@ GNU_SYSTEM_MODULES = \
|
||||
%D%/packages/tls.scm \
|
||||
%D%/packages/tmux.scm \
|
||||
%D%/packages/toolkits.scm \
|
||||
%D%/packages/tor-browsers.scm \
|
||||
%D%/packages/tor.scm \
|
||||
%D%/packages/tree-sitter.scm \
|
||||
%D%/packages/tv.scm \
|
||||
|
@ -71,6 +71,7 @@
|
||||
#:use-module (gnu packages swig)
|
||||
#:use-module (gnu packages texinfo)
|
||||
#:use-module (gnu packages tls)
|
||||
#:use-module (gnu packages tor)
|
||||
#:use-module (gnu packages web)
|
||||
#:use-module (gnu packages xorg)
|
||||
#:use-module (gnu packages xdisorg)
|
||||
@ -1129,7 +1130,7 @@ files, to verify signatures, and to manage the private and public keys.")
|
||||
perl-try-tiny
|
||||
perl-type-tiny
|
||||
perl-types-path-tiny
|
||||
(@ (gnu packages tor) torsocks))) ;avoid dependency loop
|
||||
torsocks))
|
||||
(native-inputs
|
||||
(list perl-file-which
|
||||
perl-gnupg-interface
|
||||
|
840
gnu/packages/tor-browsers.scm
Normal file
840
gnu/packages/tor-browsers.scm
Normal file
@ -0,0 +1,840 @@
|
||||
;;; GNU Guix --- Functional package management for GNU
|
||||
;;; Copyright © 2013, 2015 Andreas Enge <andreas@enge.fr>
|
||||
;;; Copyright © 2013-2022 Ludovic Courtès <ludo@gnu.org>
|
||||
;;; Copyright © 2014, 2015, 2016, 2017, 2018, 2019, 2020, 2021, 2022, 2023 Mark H Weaver <mhw@netris.org>
|
||||
;;; Copyright © 2015 Sou Bunnbu <iyzsong@gmail.com>
|
||||
;;; Copyright © 2016, 2017, 2018, 2019, 2021 Efraim Flashner <efraim@flashner.co.il>
|
||||
;;; Copyright © 2016 Alex Griffin <a@ajgrf.com>
|
||||
;;; Copyright © 2017, 2023, 2024 Clément Lassieur <clement@lassieur.org>
|
||||
;;; Copyright © 2017, 2018 Nikita <nikita@n0.is>
|
||||
;;; Copyright © 2017, 2018, 2020 Tobias Geerinckx-Rice <me@tobias.gr>
|
||||
;;; Copyright © 2018, 2020 Ricardo Wurmus <rekado@elephly.net>
|
||||
;;; Copyright © 2019 Ivan Petkov <ivanppetkov@gmail.com>
|
||||
;;; Copyright © 2020 Oleg Pykhalov <go.wigust@gmail.com>
|
||||
;;; Copyright © 2020 Jakub Kądziołka <kuba@kadziolka.net>
|
||||
;;; Copyright © 2019, 2020 Adrian Malacoda <malacoda@monarch-pass.net>
|
||||
;;; Copyright © 2020-2023 Jonathan Brielmaier <jonathan.brielmaier@web.de>
|
||||
;;; Copyright © 2020, 2022 Marius Bakke <marius@gnu.org>
|
||||
;;; Copyright © 2021 Brice Waegeneire <brice@waegenei.re>
|
||||
;;; Copyright © 2021 Maxime Devos <maximedevos@telenet.be>
|
||||
;;; Copyright © 2021, 2022, 2023 Maxim Cournoyer <maxim.cournoyer@gmail.com>
|
||||
;;; Copyright © 2021 Baptiste Strazzul <bstrazzull@hotmail.fr>
|
||||
;;; Copyright © 2022 SeerLite <seerlite@disroot.org>
|
||||
;;; Copyright © 2024 Aleksandr Vityazev <avityazew@gmail.com>
|
||||
;;; Copyright © 2020, 2021 André Batista <nandre@riseup.net>
|
||||
;;;
|
||||
;;; This file is part of GNU Guix.
|
||||
;;;
|
||||
;;; GNU Guix is free software; you can redistribute it and/or modify it
|
||||
;;; under the terms of the GNU General Public License as published by
|
||||
;;; the Free Software Foundation; either version 3 of the License, or (at
|
||||
;;; your option) any later version.
|
||||
;;;
|
||||
;;; GNU Guix is distributed in the hope that it will be useful, but
|
||||
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
;;; GNU General Public License for more details.
|
||||
;;;
|
||||
;;; You should have received a copy of the GNU General Public License
|
||||
;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
(define-module (gnu packages tor-browsers)
|
||||
#:use-module ((guix licenses) #:prefix license:)
|
||||
#:use-module (gnu packages assembly)
|
||||
#:use-module (gnu packages base)
|
||||
#:use-module (gnu packages browser-extensions)
|
||||
#:use-module (gnu packages compression)
|
||||
#:use-module (gnu packages cups)
|
||||
#:use-module (gnu packages fontutils)
|
||||
#:use-module (gnu packages gl)
|
||||
#:use-module (gnu packages glib)
|
||||
#:use-module (gnu packages gnome)
|
||||
#:use-module (gnu packages golang)
|
||||
#:use-module (gnu packages gtk)
|
||||
#:use-module (gnu packages hunspell)
|
||||
#:use-module (gnu packages image)
|
||||
#:use-module (gnu packages kerberos)
|
||||
#:use-module (gnu packages libcanberra)
|
||||
#:use-module (gnu packages libevent)
|
||||
#:use-module (gnu packages libffi)
|
||||
#:use-module (gnu packages linux)
|
||||
#:use-module (gnu packages llvm)
|
||||
#:use-module (gnu packages m4)
|
||||
#:use-module (gnu packages node)
|
||||
#:use-module (gnu packages nss)
|
||||
#:use-module (gnu packages pciutils)
|
||||
#:use-module (gnu packages perl)
|
||||
#:use-module (gnu packages pkg-config)
|
||||
#:use-module (gnu packages pulseaudio)
|
||||
#:use-module (gnu packages python)
|
||||
#:use-module (gnu packages rust)
|
||||
#:use-module (gnu packages rust-apps)
|
||||
#:use-module (gnu packages sqlite)
|
||||
#:use-module (gnu packages tor)
|
||||
#:use-module (gnu packages video)
|
||||
#:use-module (gnu packages xdisorg)
|
||||
#:use-module (gnu packages xorg)
|
||||
#:use-module (gnu packages)
|
||||
#:use-module (guix build-system cargo)
|
||||
#:use-module (guix build-system copy)
|
||||
#:use-module (guix build-system gnu)
|
||||
#:use-module (guix build-system mozilla)
|
||||
#:use-module (guix download)
|
||||
#:use-module (guix gexp)
|
||||
#:use-module (guix git-download)
|
||||
#:use-module (guix hg-download)
|
||||
#:use-module (guix packages)
|
||||
#:use-module (ice-9 regex)
|
||||
#:use-module (guix utils))
|
||||
|
||||
(define (mozilla-locale locale changeset hash-string)
|
||||
(origin
|
||||
(method hg-fetch)
|
||||
(uri (hg-reference
|
||||
(url (string-append "https://hg.mozilla.org/l10n-central/"
|
||||
locale))
|
||||
(changeset changeset)))
|
||||
(file-name (string-append "mozilla-locale-" locale))
|
||||
(sha256 (base32 hash-string))))
|
||||
|
||||
(define-syntax-rule (mozilla-locales (hash-string changeset locale) ...)
|
||||
#~(list (cons #$locale #$(mozilla-locale locale changeset hash-string))
|
||||
...))
|
||||
|
||||
;; See tor-browser-build/rbm.conf for the list.
|
||||
;; See browser/locales/l10n-changesets.json for the changeset.
|
||||
;; See update-mozilla-locales in gnuzilla.scm to automate updating changeset.
|
||||
(define %torbrowser-locales
|
||||
(mozilla-locales
|
||||
;; sha256 changeset locale
|
||||
;;---------------------------------------------------------------------------
|
||||
("14wnjv13alaj04pd8i8ysillbr3ic2jqa867rbj5ncz8h4hxxfxc" "4c7e24ef78bd" "ar")
|
||||
("0mcc15n3p7yk4zdbr3na2fm7wq2184mbcrkk3cvppkl6p4k8654d" "24d50653ab5c" "ca")
|
||||
("0ray22hdb3nrv2yi5z98cvbmpk9kpsv96a8wzad5dr4sxy44ii0d" "0d96b6b04bfb" "cs")
|
||||
("0is7qbykv2pj0z9ll9r35vwjp0x29vmfr10yjl3s0amfaqzjqpqc" "0a0b774407cc" "da")
|
||||
("0yq7m4v7d7ayg90m66j73mflrnp709qw9n7skhpsl9h1wbhrd7q7" "633986260777" "de")
|
||||
("19g2ha32syq6rjcyl4ypmy7sc9w7xkvrpkic5lfc2yja6ll9116p" "e2f2d1541e38" "el")
|
||||
("018qi9zn24kzfcidsj9lbqfg5n97r295yr8fs953nyfdbim9jsfv" "accf5e4506c0" "es-ES")
|
||||
("11prhmh2cp95dpv6z0k479mb11zbfm541bvigs3gnkh3nazjvc8q" "37aa71d77cb6" "fa")
|
||||
("1lv9l98q88ixb0ph970yzphahgzbl97x0w069bkxa54kblkv1ch1" "dc40a4fd5d0e" "fi")
|
||||
("0wx4k7mwhvpv5w0wa4y5pca2q3jac62jv804nxqnfwh1bvi90wv0" "415c1f0e84bd" "fr")
|
||||
("17j68a6rbaphfcq38mgz6s1076fyy92fk0ldw8igql6gd85qjlaa" "d271f275cf48" "ga-IE")
|
||||
("0b7qdayljb4ryyqgalvi626lzg238gyn03m3a2f7afs9zi6px526" "46f8d7c031a6" "he")
|
||||
("14xbrzvc09fcp7qzllb65nis27hkg9pg5615y29xzwiz4g090my1" "086ac0260d6b" "hu")
|
||||
("0q5s4iz02xgmbw6nnpg6xg4pwz7n55nvxb9mj8vqdakq3faybbd5" "f03a6b3069a5" "id")
|
||||
("1lwklx3nkm56420xc3kbg892jm2b6202sjw33nvv766sm9hbvcap" "5c4b61165e1d" "is")
|
||||
("1n7l5idw9399n8ih1r1d6m8vzpzhwmnxmr9i7jvygkdc8d6adp1k" "07d5e1ff5f9b" "it")
|
||||
("1w6nw9cd92p1ndy82wwlq9xizyq3i8rq0nj7118gbxbx368mk2kj" "e6f9db9ce3e6" "ja")
|
||||
("1js99gbyc1dj33xc425wb08s1aw3bfznaacrqhw3l42yw1g1ghy4" "a15eb9feea2c" "ka")
|
||||
("116a8s0k2yvijy7qf0xpqm5w66gdzs32jhc06364sdar5v34lyhh" "805b85981696" "ko")
|
||||
("1yrjrhmmd0b810kxryja1j1md3rr2zpn1j9cbg05dgp5s8i89psk" "943a26276832" "lt")
|
||||
("08zccz7gflzpr20y0hvhmdsiz6ncags39kh83cay5ivchyib5qbi" "fbef80de5499" "mk")
|
||||
("100k4ibpwys9i4ghi5xvmgwr9api67ngav2hvb613rj6hdfd57f7" "20ec0915ec35" "ms")
|
||||
("0kk3cjlpghbi7j3ndb2s0c7g838fzd2mpzg01bp0cra8lzd0n2ac" "4ab6f0d05aa6" "my")
|
||||
("1i3r2ici95mazw07m2mrf192fc6bfa3x6j3c2pcc1zg7z9srihgh" "561b0cd86ec1" "nb-NO")
|
||||
("1c0m8jhn52h1dif5bswrdwrlzppgga01y61wlii4aaaw15imd6yd" "2a55df0cc389" "nl")
|
||||
("1gssvg306b80drp7kvc35kvcxwldb5sga0bapaxhv362irq1nya8" "a64a7dab01c4" "pl")
|
||||
("1dzh13x85a7src8szbrq5pjmrbak4isln9xdwjk7a1yq4g9h7jgs" "33bf2a9f4c49" "pt-BR")
|
||||
("0jx9y7fv44wxqapmcgr924wgb1l5cm95bgpmnhnjchp1zpmyfdl5" "a367feeadd33" "ro")
|
||||
("09x2jirf04kgc118a70z0xrb3msbm7vr4f41ig4xrwf2s5b816r3" "528b76d6aaca" "ru")
|
||||
("02y898f0ncjwka474r9lw361b0kywx1w56hj09i7im4j5jrsjnh1" "fa28d9d79cd3" "sq")
|
||||
("1cyimbd42aaq2amyhdbbx26jwsns77lsfl8g9a70bsjlpwzwzryg" "cc8e8962e59c" "sv-SE")
|
||||
("03mqrvcal7i172gf9239q9fnynfp5kg9b3r1w8gr9iz7rkr22gw5" "d361502c559e" "th")
|
||||
("12srgqkqwaidcwbz0y7zr59165f7aq5k5s3b81ql7ixdbwia91pm" "f6173aca4762" "tr")
|
||||
("1d91gfx5p6wyb455syw0b57wxl1sd4b4kcdvfk92pb050rqaqfgv" "c5ad4d4f70eb" "uk")
|
||||
("1dj8q2jw60a184f018jyldl51rfmvz1cndz3kbw0cc5l5sli7hwr" "0e75c226763d" "vi")
|
||||
("1dl2dpif4wwrlpx7zkz5qf8kk4vhxyf63016xcfpbhxizqqwc1ki" "df2d025ed631" "zh-CN")
|
||||
("1c63ngff9lsc1x3pi6lnkyxw19gdc65yc67p7alzvrka3cv292ia" "11f8d68148a4" "zh-TW")))
|
||||
|
||||
;; We copy the official build id, which can be found there:
|
||||
;; https://aus1.torproject.org/torbrowser/update_3/release/.
|
||||
(define %moz-build-date "20240115174022")
|
||||
|
||||
;; To find the last version, look at https://www.torproject.org/download/.
|
||||
(define %torbrowser-version "13.0.9")
|
||||
|
||||
;; To find the last Firefox version, browse
|
||||
;; https://archive.torproject.org/tor-package-archive/torbrowser/<%torbrowser-version>
|
||||
;; There should be only one archive that starts with
|
||||
;; "src-firefox-tor-browser-".
|
||||
(define %torbrowser-firefox-version "115.7.0esr-13.0-1-build1")
|
||||
|
||||
;; See tor-browser-build/projects/translation/config.
|
||||
(define translation-base-browser
|
||||
(origin
|
||||
(method git-fetch)
|
||||
(uri (git-reference
|
||||
(url "https://gitlab.torproject.org/tpo/translation.git")
|
||||
(commit "cbd9b6c415ec2edb99237ef67ccd4f033a7b9c2a")))
|
||||
(file-name "translation-base-browser")
|
||||
(sha256
|
||||
(base32
|
||||
"103dj1zzc68gxzjxwcpc4sbc6qca4zg8kkhdivzpq37ma07sp9sf"))))
|
||||
|
||||
;; See tor-browser-build/projects/translation/config.
|
||||
(define translation-tor-browser
|
||||
(origin
|
||||
(method git-fetch)
|
||||
(uri (git-reference
|
||||
(url "https://gitlab.torproject.org/tpo/translation.git")
|
||||
(commit "767ab5111f065b82151275775af5ecf7a529ef48")))
|
||||
(file-name "translation-tor-browser")
|
||||
(sha256
|
||||
(base32
|
||||
"034s0ivbama497xq0904q8p6d7n2f2aa2vn2jcs9g4bvmhgwicw4"))))
|
||||
|
||||
(define torbrowser-assets
|
||||
;; This is a prebuilt Torbrowser from which we take the assets we need.
|
||||
(package
|
||||
(name "torbrowser-assets")
|
||||
(version %torbrowser-version)
|
||||
(source
|
||||
(origin
|
||||
(method url-fetch)
|
||||
(uri
|
||||
(string-append
|
||||
"https://archive.torproject.org/tor-package-archive/torbrowser/"
|
||||
version "/tor-browser-linux-x86_64-" version ".tar.xz"))
|
||||
(sha256
|
||||
(base32
|
||||
"0j143r24xzmq38nd5z1xqsa9zp35lws9rvlj6hb9xn3dnl67gh59"))))
|
||||
(arguments
|
||||
(list
|
||||
#:install-plan
|
||||
''(("Browser" "." #:include-regexp
|
||||
("^\\./TorBrowser/Data/Tor/torrc-defaults"
|
||||
"^\\./fonts/"
|
||||
"^\\./fontconfig/fonts.conf")))))
|
||||
(build-system copy-build-system)
|
||||
(home-page "https://www.torproject.org")
|
||||
(synopsis "Tor Browser assets")
|
||||
(description "This package contains fonts and configuration files for Tor
|
||||
Browser.")
|
||||
(license license:silofl1.1)))
|
||||
|
||||
(define* (make-torbrowser #:key
|
||||
moz-app-name
|
||||
moz-app-remotingname
|
||||
branding-directory
|
||||
assets
|
||||
locales
|
||||
base-browser-version)
|
||||
(package
|
||||
(name "torbrowser")
|
||||
(version %torbrowser-version)
|
||||
(source
|
||||
(origin
|
||||
(method url-fetch)
|
||||
(uri
|
||||
(string-append
|
||||
"https://archive.torproject.org/tor-package-archive/torbrowser/"
|
||||
version "/src-firefox-tor-browser-" %torbrowser-firefox-version
|
||||
".tar.xz"))
|
||||
(sha256
|
||||
(base32
|
||||
"0h05js9j1drzw5q98nlphsmvlp1k2a71z5jd06xk6pz29w6322pw"))))
|
||||
(build-system mozilla-build-system)
|
||||
(inputs
|
||||
(list go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-lyrebird
|
||||
tor-client
|
||||
alsa-lib
|
||||
bzip2
|
||||
cups
|
||||
dbus-glib
|
||||
gdk-pixbuf
|
||||
glib
|
||||
gtk+
|
||||
;; UNBUNDLE-ME! graphite2
|
||||
cairo
|
||||
pango
|
||||
freetype
|
||||
;; UNBUNDLE-ME! harfbuzz
|
||||
libcanberra
|
||||
libgnome
|
||||
libjpeg-turbo
|
||||
libpng-apng
|
||||
;; UNBUNDLE-ME! libogg
|
||||
;; UNBUNDLE-ME! libtheora ; wants theora-1.2, not yet released
|
||||
;; UNBUNDLE-ME! libvorbis
|
||||
libxft
|
||||
libevent
|
||||
libxinerama
|
||||
libxscrnsaver
|
||||
libxcomposite
|
||||
libxt
|
||||
libffi
|
||||
;; Support for FFmpeg 6 was only added in version 112 (see:
|
||||
;; https://bugzilla.mozilla.org/show_bug.cgi?id=1819374).
|
||||
ffmpeg-5
|
||||
libvpx
|
||||
(force (@@ (gnu packages gnuzilla) icu4c-73-promise))
|
||||
pixman
|
||||
pulseaudio
|
||||
mesa
|
||||
pciutils
|
||||
mit-krb5
|
||||
hunspell
|
||||
libnotify
|
||||
nspr
|
||||
;; UNBUNDLE-ME! nss (pending upgrade of 'nss' to 3.90 or later)
|
||||
shared-mime-info
|
||||
sqlite
|
||||
eudev
|
||||
unzip
|
||||
zip
|
||||
zlib))
|
||||
(native-inputs
|
||||
(list
|
||||
rust
|
||||
`(,rust "cargo")
|
||||
rust-cbindgen-0.24
|
||||
llvm-15
|
||||
clang-15
|
||||
perl
|
||||
node-lts
|
||||
python-wrapper
|
||||
yasm
|
||||
nasm ; XXX FIXME: only needed on x86_64 and i686
|
||||
pkg-config
|
||||
m4
|
||||
which))
|
||||
(arguments
|
||||
(list
|
||||
#:tests? #f ;not worth the cost
|
||||
|
||||
;; Some dynamic lib was determined at runtime, so rpath check may fail.
|
||||
#:validate-runpath? #f
|
||||
|
||||
#:configure-flags
|
||||
#~(list
|
||||
"--without-relative-data-dir" ;store is read-only
|
||||
"--disable-base-browser-update"
|
||||
;; Default is "default", which is the same as "nightly".
|
||||
"--enable-update-channel=release"
|
||||
;; This is useless right now but it might be used in the future.
|
||||
;; (See nsAppFileLocationProvider.cpp.)
|
||||
(string-append "--with-user-appdir=." #$moz-app-name)
|
||||
(string-append "--with-branding=" #$branding-directory)
|
||||
(string-append "--prefix=" #$output)
|
||||
(string-append "--with-base-browser-version="
|
||||
#$base-browser-version)
|
||||
|
||||
"--enable-application=browser"
|
||||
"--with-distribution-id=org.gnu"
|
||||
"--enable-geckodriver"
|
||||
;; Do not require addons in the global app or system directories to
|
||||
;; be signed by Mozilla.
|
||||
"--with-unsigned-addon-scopes=app,system"
|
||||
"--allow-addon-sideload"
|
||||
|
||||
"--enable-pulseaudio"
|
||||
|
||||
"--disable-tests"
|
||||
"--disable-updater"
|
||||
"--disable-crashreporter"
|
||||
;; The --disable-eme option is not available on aarch64.
|
||||
#$(if (target-aarch64?) "" "--disable-eme")
|
||||
|
||||
;; Building with debugging symbols takes ~5GiB, so disable it.
|
||||
"--disable-debug"
|
||||
"--disable-debug-symbols"
|
||||
|
||||
"--enable-rust-simd"
|
||||
"--enable-release"
|
||||
"--enable-optimize"
|
||||
"--enable-strip"
|
||||
"--disable-elf-hack"
|
||||
|
||||
;; Clang is needed to build Stylo, Mozilla's new CSS engine. We must
|
||||
;; specify the clang paths manually, because otherwise the Mozilla
|
||||
;; build system looks in the directories returned by llvm-config
|
||||
;; --bindir and llvm-config --libdir, which return paths in the llvm
|
||||
;; package where clang is not found.
|
||||
(string-append "--with-clang-path="
|
||||
(search-input-file %build-inputs "bin/clang"))
|
||||
(string-append "--with-libclang-path="
|
||||
(dirname (search-input-file %build-inputs
|
||||
"lib/libclang.so")))
|
||||
|
||||
;; Hack to work around missing "unofficial" branding in icecat.
|
||||
"--enable-official-branding"
|
||||
|
||||
;; TODO: Add support for wasm sandboxed libraries.
|
||||
"--without-wasm-sandboxed-libraries"
|
||||
|
||||
;; Avoid bundled libraries.
|
||||
"--with-system-jpeg" ;must be libjpeg-turbo
|
||||
"--with-system-png" ;must be libpng-apng
|
||||
"--with-system-zlib"
|
||||
;; UNBUNDLE-ME! "--with-system-bz2"
|
||||
;; UNBUNDLE-ME! "--with-system-libevent"
|
||||
;; UNBUNDLE-ME! "--with-system-ogg"
|
||||
;; UNBUNDLE-ME! "--with-system-vorbis"
|
||||
;; UNBUNDLE-ME! "--with-system-theora" ; wants theora-1.2, not yet released
|
||||
;; UNBUNDLE-ME! "--with-system-libvpx"
|
||||
"--with-system-icu"
|
||||
"--with-system-nspr"
|
||||
;; UNBUNDLE-ME! "--with-system-nss" ; pending upgrade of 'nss' to 3.90
|
||||
|
||||
;; UNBUNDLE-ME! "--with-system-harfbuzz"
|
||||
;; UNBUNDLE-ME! "--with-system-graphite2"
|
||||
"--enable-system-pixman"
|
||||
"--enable-system-ffi"
|
||||
;; UNBUNDLE-ME! "--enable-system-sqlite"
|
||||
)
|
||||
|
||||
#:imported-modules %cargo-utils-modules ;for `generate-all-checksums'
|
||||
|
||||
#:modules `((ice-9 ftw)
|
||||
(ice-9 match)
|
||||
(srfi srfi-1)
|
||||
(srfi srfi-26)
|
||||
(rnrs bytevectors)
|
||||
(rnrs io ports)
|
||||
(guix elf)
|
||||
(guix build gremlin)
|
||||
,@%gnu-build-system-modules)
|
||||
#:phases
|
||||
#~(modify-phases %standard-phases
|
||||
(add-after 'unpack 'apply-guix-specific-patches
|
||||
(lambda _
|
||||
(for-each
|
||||
(lambda (file) (invoke "patch" "--force" "-p1" "-i" file))
|
||||
'(#$(local-file
|
||||
(search-patch "icecat-compare-paths.patch"))
|
||||
#$(local-file
|
||||
(search-patch "icecat-use-system-wide-dir.patch"))))))
|
||||
(add-after 'apply-guix-specific-patches 'remove-bundled-libraries
|
||||
(lambda _
|
||||
;; Remove bundled libraries that we don't use, since they may
|
||||
;; contain unpatched security flaws, they waste disk space and
|
||||
;; memory, and may cause confusion.
|
||||
(for-each (lambda (file)
|
||||
(format #t "deleting '~a'...~%" file)
|
||||
(delete-file-recursively file))
|
||||
'( ;; FIXME: Removing the bundled icu breaks configure.
|
||||
;; * The bundled icu headers are used in some places.
|
||||
;; * The version number is taken from the bundled copy.
|
||||
;;"intl/icu"
|
||||
;;
|
||||
;; FIXME: A script from the bundled nspr is used.
|
||||
;;"nsprpub"
|
||||
;;
|
||||
;; FIXME: Some of the bundled NSS sources are used
|
||||
;; to build third_party/prio.
|
||||
;;"security/nss"
|
||||
;;
|
||||
;; TODO: Use more system media libraries. See:
|
||||
;; <https://bugzilla.mozilla.org/show_bug.cgi?id=517422>
|
||||
;; * libtheora: esr60 wants v1.2, not yet released.
|
||||
;; * soundtouch: avoiding the bundled library would
|
||||
;; result in some loss of functionality. There's
|
||||
;; also an issue with exception handling
|
||||
;; configuration. It seems that this is needed in
|
||||
;; some moz.build:
|
||||
;; DEFINES['ST_NO_EXCEPTION_HANDLING'] = 1
|
||||
;; * libopus
|
||||
;; * speex
|
||||
;;
|
||||
"modules/freetype2"
|
||||
;; "media/libjpeg" ; needed for now, because media/libjpeg/moz.build is referenced from config/external/moz.build
|
||||
;; UNBUNDLE-ME! "modules/zlib"
|
||||
;; UNBUNDLE-ME! "ipc/chromium/src/third_party/libevent"
|
||||
;; UNBUNDLE-ME! "media/libvpx"
|
||||
;; UNBUNDLE-ME! "media/libogg"
|
||||
;; UNBUNDLE-ME! "media/libvorbis"
|
||||
;; UNBUNDLE-ME! "media/libtheora" ; wants theora-1.2, not yet released
|
||||
;; UNBUNDLE-ME! "media/libtremor"
|
||||
;; UNBUNDLE-ME! "gfx/harfbuzz"
|
||||
;; UNBUNDLE-ME! "gfx/graphite2"
|
||||
"js/src/ctypes/libffi"
|
||||
;; UNBUNDLE-ME! "db/sqlite3"
|
||||
))))
|
||||
(add-after 'remove-bundled-libraries 'fix-ffmpeg-runtime-linker
|
||||
(lambda* (#:key inputs #:allow-other-keys)
|
||||
;; Arrange to load libavcodec.so by its absolute file name.
|
||||
(substitute* "dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp"
|
||||
(("libavcodec\\.so")
|
||||
(search-input-file inputs "lib/libavcodec.so")))))
|
||||
(add-after 'fix-ffmpeg-runtime-linker 'build-sandbox-whitelist
|
||||
(lambda* (#:key inputs #:allow-other-keys)
|
||||
(define (runpath-of lib)
|
||||
(call-with-input-file lib
|
||||
(compose elf-dynamic-info-runpath
|
||||
elf-dynamic-info
|
||||
parse-elf
|
||||
get-bytevector-all)))
|
||||
(define (runpaths-of-input label)
|
||||
(let* ((dir (string-append (assoc-ref inputs label) "/lib"))
|
||||
(libs (find-files dir "\\.so$")))
|
||||
(append-map runpath-of libs)))
|
||||
;; Populate the sandbox read-path whitelist as needed by ffmpeg.
|
||||
(let* ((whitelist
|
||||
(map (cut string-append <> "/")
|
||||
(delete-duplicates
|
||||
`(,(string-append (assoc-ref inputs "shared-mime-info")
|
||||
"/share/mime")
|
||||
,@(append-map runpaths-of-input
|
||||
'("mesa" "ffmpeg"))))))
|
||||
(whitelist-string (string-join whitelist ",")))
|
||||
(with-output-to-file "whitelist.txt"
|
||||
(lambda ()
|
||||
(display whitelist-string))))))
|
||||
(add-after 'patch-source-shebangs 'patch-cargo-checksums
|
||||
(lambda _
|
||||
(use-modules (guix build cargo-utils))
|
||||
(let ((null-hash "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"))
|
||||
(for-each (lambda (file)
|
||||
(format #t "patching checksums in ~a~%" file)
|
||||
(substitute* file
|
||||
(("^checksum = \".*\"")
|
||||
(string-append "checksum = \"" null-hash "\""))))
|
||||
(find-files "." "Cargo.lock$"))
|
||||
(for-each generate-all-checksums
|
||||
'("services"
|
||||
"js"
|
||||
"third_party/rust"
|
||||
"dom/media"
|
||||
"dom/webauthn"
|
||||
"toolkit"
|
||||
"gfx"
|
||||
"storage"
|
||||
"modules"
|
||||
"xpcom/rust"
|
||||
"media"
|
||||
"mozglue/static/rust"
|
||||
"netwerk"
|
||||
"remote"
|
||||
"intl"
|
||||
"servo"
|
||||
"security/manager/ssl"
|
||||
"build")))))
|
||||
(add-after 'patch-cargo-checksums 'remove-cargo-frozen-flag
|
||||
(lambda _
|
||||
;; Remove --frozen flag from cargo invokation, otherwise it'll
|
||||
;; complain that it's not able to change Cargo.lock.
|
||||
;; https://bugzilla.mozilla.org/show_bug.cgi?id=1726373
|
||||
(substitute* "build/RunCbindgen.py"
|
||||
(("\"--frozen\",") ""))))
|
||||
(delete 'bootstrap)
|
||||
(add-before 'configure 'setenv
|
||||
(lambda _
|
||||
(setenv "CONFIG_SHELL" (which "bash"))
|
||||
;; Install location is prefix/lib/$MOZ_APP_NAME. Also
|
||||
;; $MOZ_APP_NAME is the executable name. Default is
|
||||
;; "firefox".
|
||||
(setenv "MOZ_APP_NAME" #$moz-app-name)
|
||||
;; Profile location (relative to "~/."). Default is
|
||||
;; lower($MOZ_APP_VENDOR/$MOZ_APP_BASENAME), which is:
|
||||
;; ~/.tor project/firefox.
|
||||
(setenv "MOZ_APP_PROFILE" #$(in-vicinity
|
||||
moz-app-name "browser"))
|
||||
;; WM_CLASS (default is "$MOZ_APP_NAME-$MOZ_UPDATE_CHANNEL").
|
||||
(setenv "MOZ_APP_REMOTINGNAME" #$moz-app-remotingname)
|
||||
;; Persistent state directory for the build system (default is
|
||||
;; $HOME/.mozbuild).
|
||||
(setenv "MOZBUILD_STATE_PATH"
|
||||
(in-vicinity (getcwd) ".mozbuild"))
|
||||
(setenv "MOZ_CHROME_MULTILOCALE"
|
||||
(string-join (map car #$locales)))
|
||||
;; Make build reproducible.
|
||||
(setenv "MOZ_BUILD_DATE" #$%moz-build-date)))
|
||||
(add-before 'configure 'mozconfig
|
||||
(lambda* (#:key configure-flags #:allow-other-keys)
|
||||
(with-output-to-file "mozconfig"
|
||||
(lambda ()
|
||||
(format #t ". $topsrcdir/mozconfig-linux-x86_64~%")
|
||||
(for-each (lambda (flag)
|
||||
(format #t "ac_add_options ~a~%" flag))
|
||||
configure-flags)))))
|
||||
;; See tor-browser-build/projects/firefox/build.
|
||||
(add-before 'configure 'copy-firefox-locales
|
||||
(lambda _
|
||||
(let ((l10ncentral ".mozbuild/l10n-central"))
|
||||
(mkdir-p l10ncentral)
|
||||
(for-each
|
||||
(lambda (lang)
|
||||
(copy-recursively (cdr lang)
|
||||
(in-vicinity l10ncentral
|
||||
(car lang))))
|
||||
#$locales))))
|
||||
(add-after 'copy-firefox-locales 'copy-basebrowser-locales
|
||||
(lambda _
|
||||
(let ((l10ncentral ".mozbuild/l10n-central"))
|
||||
;; Temporary copy so that we can use ‘mv’ to mimic
|
||||
;; tor-browser-build/projects/firefox/build.
|
||||
(copy-recursively #$translation-base-browser
|
||||
"translation-base-browser")
|
||||
(for-each
|
||||
(lambda (lang)
|
||||
(system
|
||||
(format
|
||||
#f (string-join
|
||||
'("mv"
|
||||
"translation-base-browser/~a/base-browser.ftl"
|
||||
"~a/~a/browser/browser/"))
|
||||
lang l10ncentral lang))
|
||||
(system
|
||||
(format
|
||||
#f (string-join
|
||||
'("mv"
|
||||
"translation-base-browser/~a/*"
|
||||
"~a/~a/browser/chrome/browser/"))
|
||||
lang l10ncentral lang)))
|
||||
(map car #$locales)))))
|
||||
(add-after 'copy-basebrowser-locales 'copy-torbrowser-locales
|
||||
(lambda _
|
||||
(let ((l10ncentral ".mozbuild/l10n-central"))
|
||||
;; Temporary copy so that we can use ‘mv’ to mimic
|
||||
;; tor-browser-build/projects/firefox/build.
|
||||
(copy-recursively #$translation-tor-browser
|
||||
"translation-tor-browser")
|
||||
(for-each
|
||||
(lambda (lang)
|
||||
(system
|
||||
(format
|
||||
#f (string-join
|
||||
'("mv"
|
||||
"translation-tor-browser/~a/tor-browser.ftl"
|
||||
"~a/~a/browser/browser/"))
|
||||
lang l10ncentral lang))
|
||||
(system
|
||||
(format
|
||||
#f (string-join
|
||||
'("mv"
|
||||
"translation-tor-browser/~a/cryptoSafetyPrompt.properties"
|
||||
"~a/~a/browser/chrome/browser/"))
|
||||
lang l10ncentral lang))
|
||||
(system
|
||||
(format
|
||||
#f (string-join
|
||||
'("mv"
|
||||
"translation-tor-browser/~a"
|
||||
"toolkit/torbutton/chrome/locale/"))
|
||||
lang))
|
||||
(let ((port (open-file "toolkit/torbutton/jar.mn" "a")))
|
||||
(format port "% locale torbutton ~a %locale/~a/~%"
|
||||
lang lang)
|
||||
(format port " locale/~a/ (chrome/locale/~a/*)~%"
|
||||
lang lang)
|
||||
(close port)))
|
||||
(map car #$locales)))))
|
||||
(replace 'configure
|
||||
(lambda _
|
||||
(invoke "./mach" "configure")))
|
||||
(add-before 'build 'fix-addons-placeholder
|
||||
(lambda _
|
||||
(substitute*
|
||||
"toolkit/locales/en-US/toolkit/about/aboutAddons.ftl"
|
||||
(("addons.mozilla.org") "gnuzilla.gnu.org"))))
|
||||
(add-before 'build 'add-bridges ;see deploy.sh
|
||||
(lambda _
|
||||
(let ((port (open-file
|
||||
"browser/app/profile/000-tor-browser.js" "a")))
|
||||
(display
|
||||
"#include ../../../tools/torbrowser/bridges.js" port)
|
||||
(newline port)
|
||||
(close port))))
|
||||
(replace 'build
|
||||
(lambda* (#:key (make-flags '()) (parallel-build? #t)
|
||||
#:allow-other-keys)
|
||||
(apply invoke "./mach" "build"
|
||||
;; mach will use a wide parallel build if possible by
|
||||
;; default, so reign it in if requested.
|
||||
`(,(string-append
|
||||
"-j" (number->string (if parallel-build?
|
||||
(parallel-job-count)
|
||||
1)))
|
||||
,@make-flags))))
|
||||
;; See tor-browser-build/projects/firefox/build.
|
||||
(add-after 'build 'build-locales
|
||||
(lambda _
|
||||
(system (string-join '("./mach package-multi-locale --locales"
|
||||
"en-US $MOZ_CHROME_MULTILOCALE")))))
|
||||
(add-after 'build-locales 'neutralise-store-references
|
||||
(lambda _
|
||||
;; Mangle the store references to compilers & other build tools in
|
||||
;; about:buildconfig, reducing IceCat's closure by 1 GiB on x86-64.
|
||||
(let* ((obj-dir (match (scandir "." (cut string-prefix? "obj-" <>))
|
||||
((dir) dir)))
|
||||
(file (string-append
|
||||
obj-dir
|
||||
"/dist/bin/chrome/toolkit/content/global/buildconfig.html")))
|
||||
(substitute* file
|
||||
(("[0-9a-df-np-sv-z]{32}" hash)
|
||||
(string-append (string-take hash 8)
|
||||
"<!-- Guix: not a runtime dependency -->"
|
||||
(string-drop hash 8)))))))
|
||||
(replace 'install
|
||||
(lambda* (#:key outputs #:allow-other-keys)
|
||||
(invoke "./mach" "install")
|
||||
;; The geckodriver binary is not installed by the above, for some
|
||||
;; reason. Use 'find-files' to avoid having to deal with the
|
||||
;; system/architecture-specific file name.
|
||||
(install-file (first (find-files "." "geckodriver"))
|
||||
(string-append #$output "/bin"))))
|
||||
(add-after 'install 'wrap-program
|
||||
(lambda* (#:key inputs #:allow-other-keys)
|
||||
(let* ((gtk #$(this-package-input "gtk+"))
|
||||
(gtk-share (string-append gtk "/share"))
|
||||
(fonts.conf (format #f "~a/lib/~a/fontconfig/fonts.conf"
|
||||
#$output #$moz-app-name))
|
||||
(ld-libs '#$(cons
|
||||
(file-append
|
||||
(this-package-input "libcanberra")
|
||||
"/lib/gtk-3.0/modules")
|
||||
(map (lambda (label)
|
||||
(file-append (this-package-input label) "/lib"))
|
||||
'("libpng-apng"
|
||||
"libxscrnsaver"
|
||||
"mesa"
|
||||
"pciutils"
|
||||
"mit-krb5"
|
||||
"eudev"
|
||||
"pulseaudio"
|
||||
;; For the integration of native notifications
|
||||
;; (same reason as icedove)
|
||||
"libnotify")))))
|
||||
(wrap-program (format #f "~a/lib/~a/~a"
|
||||
#$output #$moz-app-name #$moz-app-name)
|
||||
`("XDG_DATA_DIRS" prefix (,gtk-share))
|
||||
;; The following line is commented out because the icecat
|
||||
;; package on guix has been observed to be unstable when
|
||||
;; using wayland, and the bundled extensions stop working.
|
||||
;; `("MOZ_ENABLE_WAYLAND" = ("1"))
|
||||
`("LD_LIBRARY_PATH" prefix ,ld-libs)
|
||||
`("FONTCONFIG_FILE" prefix (,fonts.conf))))))
|
||||
(add-after 'wrap-program 'install-desktop-entry
|
||||
(lambda _
|
||||
(let ((apps (in-vicinity #$output "share/applications")))
|
||||
(mkdir-p apps)
|
||||
(make-desktop-entry-file
|
||||
(string-append apps "/" #$moz-app-name ".desktop")
|
||||
#:name #$moz-app-remotingname
|
||||
#:exec (format #f "~a/bin/~a %u" #$output #$moz-app-name)
|
||||
#:categories '("Network" "WebBrowser" "Security")
|
||||
#:startup-w-m-class #$moz-app-remotingname
|
||||
#:icon #$moz-app-name))))
|
||||
(add-after 'install-desktop-entry 'install-icons
|
||||
(lambda* (#:key inputs #:allow-other-keys)
|
||||
(for-each
|
||||
(lambda (size)
|
||||
(let ((oldpath (string-append
|
||||
#$branding-directory "/default" size ".png"))
|
||||
(newpath (string-append
|
||||
#$output "/share/icons/hicolor/" size "x"
|
||||
size "/apps/" #$moz-app-name ".png")))
|
||||
(mkdir-p (dirname newpath))
|
||||
(copy-file oldpath newpath)))
|
||||
'("16" "22" "24" "32" "48" "64" "128" "256"))))
|
||||
(add-after 'install 'deploy-fonts
|
||||
(lambda* (#:key inputs #:allow-other-keys)
|
||||
(let ((lib (string-append #$output "/lib/" #$moz-app-name)))
|
||||
;; Fonts
|
||||
(copy-recursively (in-vicinity #$assets "fontconfig")
|
||||
(in-vicinity lib "fontconfig"))
|
||||
(substitute* (in-vicinity lib "fontconfig/fonts.conf")
|
||||
(("<dir>fonts</dir>")
|
||||
(format #f "<dir>~a</dir>" (in-vicinity lib "fonts"))))
|
||||
(delete-file-recursively (in-vicinity lib "fonts"))
|
||||
(copy-recursively (in-vicinity #$assets "fonts")
|
||||
(in-vicinity lib "fonts")))))
|
||||
(add-after 'deploy-fonts 'deploy-tor-assets
|
||||
(lambda* (#:key inputs #:allow-other-keys)
|
||||
(let ((lib (in-vicinity #$output "lib/torbrowser"))
|
||||
(tor #$(this-package-input "tor-client")))
|
||||
;; TorBrowser/Data/Tor/torrc-defaults
|
||||
(copy-recursively (in-vicinity #$assets "TorBrowser")
|
||||
(in-vicinity lib "TorBrowser"))
|
||||
(substitute*
|
||||
(in-vicinity lib "TorBrowser/Data/Tor/torrc-defaults")
|
||||
(("exec ./TorBrowser/Tor/PluggableTransports/lyrebird")
|
||||
(string-append
|
||||
"exec " (search-input-file inputs "bin/lyrebird"))))
|
||||
;; The geoip and geoip6 files are in the same directory as
|
||||
;; torrc-defaults. (See TorProcess.sys.mjs.)
|
||||
(mkdir-p (in-vicinity lib "TorBrowser/Data/Tor"))
|
||||
(copy-file (in-vicinity tor "share/tor/geoip6")
|
||||
(in-vicinity lib "TorBrowser/Data/Tor/geoip6"))
|
||||
(copy-file (in-vicinity tor "share/tor/geoip")
|
||||
(in-vicinity lib "TorBrowser/Data/Tor/geoip")))))
|
||||
(add-after 'install 'autoconfig
|
||||
(lambda* (#:key inputs #:allow-other-keys)
|
||||
(let ((lib (string-append #$output "/lib/" #$moz-app-name))
|
||||
(config-file (string-append #$moz-app-name ".cfg")))
|
||||
(with-output-to-file (in-vicinity
|
||||
lib "defaults/pref/autoconfig.js")
|
||||
(lambda ()
|
||||
(format #t "// first line must be a comment~%")
|
||||
(format #t "pref(~s, ~s);~%"
|
||||
"general.config.filename" config-file)
|
||||
(format #t "pref(~s, ~a);~%"
|
||||
"general.config.obscure_value" "0")))
|
||||
(with-output-to-file (in-vicinity lib config-file)
|
||||
(lambda ()
|
||||
(format #t "// first line must be a comment~%")
|
||||
;; Required for Guix packaged extensions
|
||||
;; SCOPE_PROFILE=1, SCOPE_APPLICATION=4, SCOPE_SYSTEM=8
|
||||
;; Default is 5.
|
||||
(format #t "pref(~s, ~a);~%"
|
||||
"extensions.enabledScopes" "13")
|
||||
(format #t "pref(~s, ~s);~%"
|
||||
"security.sandbox.content.read_path_whitelist"
|
||||
(call-with-input-file "whitelist.txt"
|
||||
get-string-all))
|
||||
;; Add-ons pannel (see settings.js in Icecat source).
|
||||
(format #t "pref(~s, ~s);~%"
|
||||
"extensions.getAddons.search.browseURL"
|
||||
"https://gnuzilla.gnu.org/mozzarella")
|
||||
(format #t "pref(~s, ~s);~%"
|
||||
"extensions.getAddons.get.url"
|
||||
"https://gnuzilla.gnu.org/mozzarella")
|
||||
(format #t "pref(~s, ~s);~%"
|
||||
"extensions.getAddons.link.url"
|
||||
"https://gnuzilla.gnu.org/mozzarella")
|
||||
(format #t "pref(~s, ~s);~%"
|
||||
"extensions.getAddons.discovery.api_url"
|
||||
"https://gnuzilla.gnu.org/mozzarella")
|
||||
(format #t "pref(~s, ~s);~%"
|
||||
"extensions.getAddons.langpacks.url"
|
||||
"https://gnuzilla.gnu.org/mozzarella")
|
||||
(format #t "pref(~s, ~s);~%"
|
||||
"lightweightThemes.getMoreURL"
|
||||
"https://gnuzilla.gnu.org/mozzarella"))))))
|
||||
(add-after 'autoconfig 'autoconfig-tor
|
||||
(lambda* (#:key inputs #:allow-other-keys)
|
||||
(let ((lib (in-vicinity #$output "lib/torbrowser"))
|
||||
(config-file (string-append #$moz-app-name ".cfg")))
|
||||
(let ((port (open-file (in-vicinity lib config-file) "a")))
|
||||
(format port "pref(~s, ~s);~%"
|
||||
"extensions.torlauncher.torrc-defaults_path"
|
||||
(in-vicinity
|
||||
lib "TorBrowser/Data/Tor/torrc-defaults"))
|
||||
(format port "pref(~s, ~s);~%"
|
||||
"extensions.torlauncher.tor_path"
|
||||
(search-input-file inputs "bin/tor"))
|
||||
(close port))))))))
|
||||
(propagated-inputs
|
||||
(list noscript/icecat))
|
||||
(native-search-paths
|
||||
(list (search-path-specification
|
||||
(variable "ICECAT_SYSTEM_DIR")
|
||||
(separator #f) ;single entry
|
||||
(files '("lib/icecat")))))
|
||||
(home-page "https://www.torproject.org")
|
||||
(synopsis "Anonymous browser derived from Mozilla Firefox")
|
||||
(description
|
||||
"Tor Browser is the Tor Project version of Firefox browser. It is the
|
||||
only recommended way to anonymously browse the web that is supported by the
|
||||
project. It modifies Firefox in order to avoid many know application level
|
||||
attacks on the privacy of Tor users.")
|
||||
(license license:mpl2.0))) ;And others, see
|
||||
;toolkit/content/license.html
|
||||
|
||||
(define-public torbrowser
|
||||
(make-torbrowser #:moz-app-name "torbrowser"
|
||||
#:moz-app-remotingname "Tor Browser"
|
||||
#:branding-directory "browser/branding/tb-release"
|
||||
#:assets torbrowser-assets
|
||||
#:locales %torbrowser-locales
|
||||
#:base-browser-version %torbrowser-version))
|
@ -13,7 +13,6 @@
|
||||
;;; Copyright © 2021-2023 Danial Behzadi <dani.behzi@ubuntu.com>
|
||||
;;; Copyright © 2022 Maxim Cournoyer <maxim.cournoyer@gmail.com>
|
||||
;;; Copyright © 2022 Jim Newsome <jnewsome@torproject.org>
|
||||
;;; Copyright © 2023, 2024 Clément Lassieur <clement@lassieur.org>
|
||||
;;;
|
||||
;;; This file is part of GNU Guix.
|
||||
;;;
|
||||
@ -37,16 +36,11 @@
|
||||
#:use-module (guix utils)
|
||||
#:use-module (guix download)
|
||||
#:use-module (guix git-download)
|
||||
#:use-module (guix hg-download)
|
||||
#:use-module (guix build-system copy)
|
||||
#:use-module (guix build-system gnu)
|
||||
#:use-module (guix build-system mozilla)
|
||||
#:use-module (guix build-system python)
|
||||
#:use-module (guix build-system pyproject)
|
||||
#:use-module (gnu packages)
|
||||
#:use-module (gnu packages base)
|
||||
#:use-module (gnu packages bash)
|
||||
#:use-module (gnu packages browser-extensions)
|
||||
#:use-module (gnu packages libevent)
|
||||
#:use-module (gnu packages linux)
|
||||
#:use-module (gnu packages check)
|
||||
@ -54,8 +48,6 @@
|
||||
#:use-module (gnu packages pcre)
|
||||
#:use-module (gnu packages freedesktop)
|
||||
#:use-module (gnu packages glib)
|
||||
#:use-module (gnu packages golang)
|
||||
#:use-module (gnu packages gnuzilla)
|
||||
#:use-module (gnu packages pkg-config)
|
||||
#:use-module (gnu packages python)
|
||||
#:use-module (gnu packages python-check)
|
||||
@ -491,457 +483,3 @@ Potential client and exit connections are scrubbed of sensitive information.")
|
||||
the onion proxy and sets up proxy in user session, so you don't have to mess
|
||||
up with TOR on your system anymore.")
|
||||
(license license:gpl3+)))
|
||||
|
||||
(define (mozilla-locale locale changeset hash-string)
|
||||
(origin
|
||||
(method hg-fetch)
|
||||
(uri (hg-reference
|
||||
(url (string-append "https://hg.mozilla.org/l10n-central/"
|
||||
locale))
|
||||
(changeset changeset)))
|
||||
(file-name (string-append "mozilla-locale-" locale))
|
||||
(sha256 (base32 hash-string))))
|
||||
|
||||
(define-syntax-rule (mozilla-locales (hash-string changeset locale) ...)
|
||||
#~(list (cons #$locale #$(mozilla-locale locale changeset hash-string))
|
||||
...))
|
||||
|
||||
;; See tor-browser-build/rbm.conf for the list.
|
||||
;; See browser/locales/l10n-changesets.json for the changeset.
|
||||
;; See update-mozilla-locales in gnuzilla.scm to automate updating changeset.
|
||||
(define %torbrowser-locales
|
||||
(mozilla-locales
|
||||
;; sha256 changeset locale
|
||||
;;---------------------------------------------------------------------------
|
||||
("14wnjv13alaj04pd8i8ysillbr3ic2jqa867rbj5ncz8h4hxxfxc" "4c7e24ef78bd" "ar")
|
||||
("0mcc15n3p7yk4zdbr3na2fm7wq2184mbcrkk3cvppkl6p4k8654d" "24d50653ab5c" "ca")
|
||||
("0ray22hdb3nrv2yi5z98cvbmpk9kpsv96a8wzad5dr4sxy44ii0d" "0d96b6b04bfb" "cs")
|
||||
("0is7qbykv2pj0z9ll9r35vwjp0x29vmfr10yjl3s0amfaqzjqpqc" "0a0b774407cc" "da")
|
||||
("0yq7m4v7d7ayg90m66j73mflrnp709qw9n7skhpsl9h1wbhrd7q7" "633986260777" "de")
|
||||
("19g2ha32syq6rjcyl4ypmy7sc9w7xkvrpkic5lfc2yja6ll9116p" "e2f2d1541e38" "el")
|
||||
("018qi9zn24kzfcidsj9lbqfg5n97r295yr8fs953nyfdbim9jsfv" "accf5e4506c0" "es-ES")
|
||||
("11prhmh2cp95dpv6z0k479mb11zbfm541bvigs3gnkh3nazjvc8q" "37aa71d77cb6" "fa")
|
||||
("1lv9l98q88ixb0ph970yzphahgzbl97x0w069bkxa54kblkv1ch1" "dc40a4fd5d0e" "fi")
|
||||
("0wx4k7mwhvpv5w0wa4y5pca2q3jac62jv804nxqnfwh1bvi90wv0" "415c1f0e84bd" "fr")
|
||||
("17j68a6rbaphfcq38mgz6s1076fyy92fk0ldw8igql6gd85qjlaa" "d271f275cf48" "ga-IE")
|
||||
("0b7qdayljb4ryyqgalvi626lzg238gyn03m3a2f7afs9zi6px526" "46f8d7c031a6" "he")
|
||||
("14xbrzvc09fcp7qzllb65nis27hkg9pg5615y29xzwiz4g090my1" "086ac0260d6b" "hu")
|
||||
("0q5s4iz02xgmbw6nnpg6xg4pwz7n55nvxb9mj8vqdakq3faybbd5" "f03a6b3069a5" "id")
|
||||
("1lwklx3nkm56420xc3kbg892jm2b6202sjw33nvv766sm9hbvcap" "5c4b61165e1d" "is")
|
||||
("1n7l5idw9399n8ih1r1d6m8vzpzhwmnxmr9i7jvygkdc8d6adp1k" "07d5e1ff5f9b" "it")
|
||||
("1w6nw9cd92p1ndy82wwlq9xizyq3i8rq0nj7118gbxbx368mk2kj" "e6f9db9ce3e6" "ja")
|
||||
("1js99gbyc1dj33xc425wb08s1aw3bfznaacrqhw3l42yw1g1ghy4" "a15eb9feea2c" "ka")
|
||||
("116a8s0k2yvijy7qf0xpqm5w66gdzs32jhc06364sdar5v34lyhh" "805b85981696" "ko")
|
||||
("1yrjrhmmd0b810kxryja1j1md3rr2zpn1j9cbg05dgp5s8i89psk" "943a26276832" "lt")
|
||||
("08zccz7gflzpr20y0hvhmdsiz6ncags39kh83cay5ivchyib5qbi" "fbef80de5499" "mk")
|
||||
("100k4ibpwys9i4ghi5xvmgwr9api67ngav2hvb613rj6hdfd57f7" "20ec0915ec35" "ms")
|
||||
("0kk3cjlpghbi7j3ndb2s0c7g838fzd2mpzg01bp0cra8lzd0n2ac" "4ab6f0d05aa6" "my")
|
||||
("1i3r2ici95mazw07m2mrf192fc6bfa3x6j3c2pcc1zg7z9srihgh" "561b0cd86ec1" "nb-NO")
|
||||
("1c0m8jhn52h1dif5bswrdwrlzppgga01y61wlii4aaaw15imd6yd" "2a55df0cc389" "nl")
|
||||
("1gssvg306b80drp7kvc35kvcxwldb5sga0bapaxhv362irq1nya8" "a64a7dab01c4" "pl")
|
||||
("1dzh13x85a7src8szbrq5pjmrbak4isln9xdwjk7a1yq4g9h7jgs" "33bf2a9f4c49" "pt-BR")
|
||||
("0jx9y7fv44wxqapmcgr924wgb1l5cm95bgpmnhnjchp1zpmyfdl5" "a367feeadd33" "ro")
|
||||
("09x2jirf04kgc118a70z0xrb3msbm7vr4f41ig4xrwf2s5b816r3" "528b76d6aaca" "ru")
|
||||
("02y898f0ncjwka474r9lw361b0kywx1w56hj09i7im4j5jrsjnh1" "fa28d9d79cd3" "sq")
|
||||
("1cyimbd42aaq2amyhdbbx26jwsns77lsfl8g9a70bsjlpwzwzryg" "cc8e8962e59c" "sv-SE")
|
||||
("03mqrvcal7i172gf9239q9fnynfp5kg9b3r1w8gr9iz7rkr22gw5" "d361502c559e" "th")
|
||||
("12srgqkqwaidcwbz0y7zr59165f7aq5k5s3b81ql7ixdbwia91pm" "f6173aca4762" "tr")
|
||||
("1d91gfx5p6wyb455syw0b57wxl1sd4b4kcdvfk92pb050rqaqfgv" "c5ad4d4f70eb" "uk")
|
||||
("1dj8q2jw60a184f018jyldl51rfmvz1cndz3kbw0cc5l5sli7hwr" "0e75c226763d" "vi")
|
||||
("1dl2dpif4wwrlpx7zkz5qf8kk4vhxyf63016xcfpbhxizqqwc1ki" "df2d025ed631" "zh-CN")
|
||||
("1c63ngff9lsc1x3pi6lnkyxw19gdc65yc67p7alzvrka3cv292ia" "11f8d68148a4" "zh-TW")))
|
||||
|
||||
;; We copy the official build id, which can be found there:
|
||||
;; https://aus1.torproject.org/torbrowser/update_3/release/.
|
||||
(define %moz-build-date "20240115174022")
|
||||
|
||||
;; To find the last version, look at https://www.torproject.org/download/.
|
||||
(define %torbrowser-version "13.0.9")
|
||||
|
||||
;; To find the last Firefox version, browse
|
||||
;; https://archive.torproject.org/tor-package-archive/torbrowser/<%torbrowser-version>
|
||||
;; There should be only one archive that starts with
|
||||
;; "src-firefox-tor-browser-".
|
||||
(define %torbrowser-firefox-version "115.7.0esr-13.0-1-build1")
|
||||
|
||||
;; See tor-browser-build/projects/translation/config.
|
||||
(define translation-base-browser
|
||||
(origin
|
||||
(method git-fetch)
|
||||
(uri (git-reference
|
||||
(url "https://gitlab.torproject.org/tpo/translation.git")
|
||||
(commit "cbd9b6c415ec2edb99237ef67ccd4f033a7b9c2a")))
|
||||
(file-name "translation-base-browser")
|
||||
(sha256
|
||||
(base32
|
||||
"103dj1zzc68gxzjxwcpc4sbc6qca4zg8kkhdivzpq37ma07sp9sf"))))
|
||||
|
||||
;; See tor-browser-build/projects/translation/config.
|
||||
(define translation-tor-browser
|
||||
(origin
|
||||
(method git-fetch)
|
||||
(uri (git-reference
|
||||
(url "https://gitlab.torproject.org/tpo/translation.git")
|
||||
(commit "767ab5111f065b82151275775af5ecf7a529ef48")))
|
||||
(file-name "translation-tor-browser")
|
||||
(sha256
|
||||
(base32
|
||||
"034s0ivbama497xq0904q8p6d7n2f2aa2vn2jcs9g4bvmhgwicw4"))))
|
||||
|
||||
(define torbrowser-assets
|
||||
;; This is a prebuilt Torbrowser from which we take the assets we need.
|
||||
(package
|
||||
(name "torbrowser-assets")
|
||||
(version %torbrowser-version)
|
||||
(source
|
||||
(origin
|
||||
(method url-fetch)
|
||||
(uri
|
||||
(string-append
|
||||
"https://archive.torproject.org/tor-package-archive/torbrowser/"
|
||||
version "/tor-browser-linux-x86_64-" version ".tar.xz"))
|
||||
(sha256
|
||||
(base32
|
||||
"0j143r24xzmq38nd5z1xqsa9zp35lws9rvlj6hb9xn3dnl67gh59"))))
|
||||
(arguments
|
||||
(list
|
||||
#:install-plan
|
||||
''(("Browser" "." #:include-regexp
|
||||
("^\\./TorBrowser/Data/Tor/torrc-defaults"
|
||||
"^\\./fonts/"
|
||||
"^\\./fontconfig/fonts.conf")))))
|
||||
(build-system copy-build-system)
|
||||
(home-page "https://www.torproject.org")
|
||||
(synopsis "Tor Browser assets")
|
||||
(description "This package contains fonts and configuration files for Tor
|
||||
Browser.")
|
||||
(license license:silofl1.1)))
|
||||
|
||||
(define-public torbrowser
|
||||
(package
|
||||
(inherit icecat-minimal)
|
||||
(name "torbrowser")
|
||||
(version %torbrowser-version)
|
||||
(source
|
||||
(origin
|
||||
(method url-fetch)
|
||||
(uri
|
||||
(string-append
|
||||
"https://archive.torproject.org/tor-package-archive/torbrowser/"
|
||||
version "/src-firefox-tor-browser-" %torbrowser-firefox-version
|
||||
".tar.xz"))
|
||||
(sha256
|
||||
(base32
|
||||
"0h05js9j1drzw5q98nlphsmvlp1k2a71z5jd06xk6pz29w6322pw"))))
|
||||
(build-system mozilla-build-system)
|
||||
(arguments
|
||||
(substitute-keyword-arguments (package-arguments icecat-minimal)
|
||||
((#:configure-flags flags '())
|
||||
#~(cons*
|
||||
"--without-relative-data-dir" ;store is read-only
|
||||
"--disable-base-browser-update"
|
||||
;; Default is "default", which is the same as "nightly".
|
||||
"--enable-update-channel=release"
|
||||
"--with-user-appdir=.torbrowser"
|
||||
"--with-branding=browser/branding/tb-release"
|
||||
(string-append "--prefix=" #$output)
|
||||
(string-append "--with-base-browser-version=" #$version)
|
||||
#$flags))
|
||||
((#:phases phases)
|
||||
#~(modify-phases #$phases
|
||||
(add-before 'configure 'setenv
|
||||
(lambda _
|
||||
(setenv "CONFIG_SHELL" (which "bash"))
|
||||
;; Install location is prefix/lib/$MOZ_APP_NAME. Also
|
||||
;; $MOZ_APP_NAME is the executable name. Default is
|
||||
;; "firefox".
|
||||
(setenv "MOZ_APP_NAME" "torbrowser")
|
||||
;; Profile location (relative to "~/."). Default is
|
||||
;; lower($MOZ_APP_VENDOR/$MOZ_APP_BASENAME), which is:
|
||||
;; ~/.tor project/firefox.
|
||||
(setenv "MOZ_APP_PROFILE" "torbrowser/browser")
|
||||
;; WM_CLASS (default is "$MOZ_APP_NAME-$MOZ_UPDATE_CHANNEL").
|
||||
(setenv "MOZ_APP_REMOTINGNAME" "Tor Browser")
|
||||
;; Persistent state directory for the build system (default is
|
||||
;; $HOME/.mozbuild).
|
||||
(setenv "MOZBUILD_STATE_PATH"
|
||||
(in-vicinity (getcwd) ".mozbuild"))
|
||||
(setenv "MOZ_CHROME_MULTILOCALE"
|
||||
(string-join (map car #$%torbrowser-locales)))
|
||||
;; Make build reproducible.
|
||||
(setenv "MOZ_BUILD_DATE" #$%moz-build-date)))
|
||||
(add-before 'configure 'mozconfig
|
||||
(lambda* (#:key configure-flags #:allow-other-keys)
|
||||
(with-output-to-file "mozconfig"
|
||||
(lambda ()
|
||||
(format #t ". $topsrcdir/mozconfig-linux-x86_64~%")
|
||||
(for-each (lambda (flag)
|
||||
(format #t "ac_add_options ~a~%" flag))
|
||||
configure-flags)))))
|
||||
(replace 'configure
|
||||
(lambda _
|
||||
(invoke "./mach" "configure")))
|
||||
;; See tor-browser-build/projects/firefox/build.
|
||||
(add-before 'configure 'copy-firefox-locales
|
||||
(lambda _
|
||||
(let ((l10ncentral ".mozbuild/l10n-central"))
|
||||
(mkdir-p l10ncentral)
|
||||
(for-each
|
||||
(lambda (lang)
|
||||
(copy-recursively (cdr lang)
|
||||
(in-vicinity l10ncentral (car lang))))
|
||||
#$%torbrowser-locales))))
|
||||
(add-after 'copy-firefox-locales 'copy-basebrowser-locales
|
||||
(lambda _
|
||||
(let ((l10ncentral ".mozbuild/l10n-central"))
|
||||
;; Temporary copy so that we can use ‘mv’ to mimic
|
||||
;; tor-browser-build/projects/firefox/build.
|
||||
(copy-recursively #$translation-base-browser
|
||||
"translation-base-browser")
|
||||
(for-each
|
||||
(lambda (lang)
|
||||
(system
|
||||
(format
|
||||
#f (string-join
|
||||
'("mv"
|
||||
"translation-base-browser/~a/base-browser.ftl"
|
||||
"~a/~a/browser/browser/"))
|
||||
lang l10ncentral lang))
|
||||
(system
|
||||
(format
|
||||
#f (string-join
|
||||
'("mv"
|
||||
"translation-base-browser/~a/*"
|
||||
"~a/~a/browser/chrome/browser/"))
|
||||
lang l10ncentral lang)))
|
||||
(map car #$%torbrowser-locales)))))
|
||||
(add-after 'copy-basebrowser-locales 'copy-torbrowser-locales
|
||||
(lambda _
|
||||
(let ((l10ncentral ".mozbuild/l10n-central"))
|
||||
;; Temporary copy so that we can use ‘mv’ to mimic
|
||||
;; tor-browser-build/projects/firefox/build.
|
||||
(copy-recursively #$translation-tor-browser
|
||||
"translation-tor-browser")
|
||||
(for-each
|
||||
(lambda (lang)
|
||||
(system
|
||||
(format
|
||||
#f (string-join
|
||||
'("mv"
|
||||
"translation-tor-browser/~a/tor-browser.ftl"
|
||||
"~a/~a/browser/browser/"))
|
||||
lang l10ncentral lang))
|
||||
(system
|
||||
(format
|
||||
#f (string-join
|
||||
'("mv"
|
||||
"translation-tor-browser/~a/cryptoSafetyPrompt.properties"
|
||||
"~a/~a/browser/chrome/browser/"))
|
||||
lang l10ncentral lang))
|
||||
(system
|
||||
(format
|
||||
#f (string-join
|
||||
'("mv"
|
||||
"translation-tor-browser/~a"
|
||||
"toolkit/torbutton/chrome/locale/"))
|
||||
lang))
|
||||
(let ((port (open-file "toolkit/torbutton/jar.mn" "a")))
|
||||
(format port "% locale torbutton ~a %locale/~a/~%"
|
||||
lang lang)
|
||||
(format port " locale/~a/ (chrome/locale/~a/*)~%"
|
||||
lang lang)
|
||||
(close port)))
|
||||
(map car #$%torbrowser-locales)))))
|
||||
(add-before 'build 'fix-addons-placeholder
|
||||
(lambda _
|
||||
(substitute*
|
||||
"toolkit/locales/en-US/toolkit/about/aboutAddons.ftl"
|
||||
(("addons.mozilla.org") "gnuzilla.gnu.org"))))
|
||||
(add-before 'build 'add-bridges ;see deploy.sh
|
||||
(lambda _
|
||||
(let ((port (open-file
|
||||
"browser/app/profile/000-tor-browser.js" "a")))
|
||||
(display
|
||||
"#include ../../../tools/torbrowser/bridges.js" port)
|
||||
(newline port)
|
||||
(close port))))
|
||||
;; See tor-browser-build/projects/firefox/build.
|
||||
(add-after 'build 'build-locales
|
||||
(lambda _
|
||||
(system (string-join '("./mach package-multi-locale --locales"
|
||||
"en-US $MOZ_CHROME_MULTILOCALE")))))
|
||||
(add-after 'install 'deploy-assets
|
||||
(lambda* (#:key inputs #:allow-other-keys)
|
||||
(let ((lib (in-vicinity #$output "lib/torbrowser"))
|
||||
(tor #$(this-package-input "tor-client")))
|
||||
;; TorBrowser/Data/Tor/torrc-defaults
|
||||
(copy-recursively (in-vicinity
|
||||
#$torbrowser-assets "TorBrowser")
|
||||
(in-vicinity lib "TorBrowser"))
|
||||
(substitute*
|
||||
(in-vicinity lib "TorBrowser/Data/Tor/torrc-defaults")
|
||||
(("exec ./TorBrowser/Tor/PluggableTransports/lyrebird")
|
||||
(string-append
|
||||
"exec " (search-input-file inputs "bin/lyrebird"))))
|
||||
;; The geoip and geoip6 files are in the same directory as
|
||||
;; torrc-defaults. (See TorProcess.sys.mjs.)
|
||||
(mkdir-p (in-vicinity lib "TorBrowser/Data/Tor"))
|
||||
(copy-file (in-vicinity tor "share/tor/geoip")
|
||||
(in-vicinity lib "TorBrowser/Data/Tor/geoip"))
|
||||
(copy-file (in-vicinity tor "share/tor/geoip6")
|
||||
(in-vicinity lib "TorBrowser/Data/Tor/geoip6"))
|
||||
;; Fonts
|
||||
(copy-recursively (in-vicinity
|
||||
#$torbrowser-assets "fontconfig")
|
||||
(in-vicinity lib "fontconfig"))
|
||||
(substitute* (in-vicinity lib "fontconfig/fonts.conf")
|
||||
(("<dir>fonts</dir>")
|
||||
(format #f "<dir>~a</dir>" (in-vicinity lib "fonts"))))
|
||||
(delete-file-recursively (in-vicinity lib "fonts"))
|
||||
(copy-recursively (in-vicinity #$torbrowser-assets "fonts")
|
||||
(in-vicinity lib "fonts")))))
|
||||
(replace 'build-sandbox-whitelist
|
||||
(lambda* (#:key inputs #:allow-other-keys)
|
||||
(define (runpath-of lib)
|
||||
(call-with-input-file lib
|
||||
(compose elf-dynamic-info-runpath
|
||||
elf-dynamic-info
|
||||
parse-elf
|
||||
get-bytevector-all)))
|
||||
(define (runpaths-of-input label)
|
||||
(let* ((dir (string-append (assoc-ref inputs label) "/lib"))
|
||||
(libs (find-files dir "\\.so$")))
|
||||
(append-map runpath-of libs)))
|
||||
;; Populate the sandbox read-path whitelist as needed by ffmpeg.
|
||||
(let* ((whitelist
|
||||
(map (cut string-append <> "/")
|
||||
(delete-duplicates
|
||||
`(,(string-append (assoc-ref inputs "shared-mime-info")
|
||||
"/share/mime")
|
||||
,@(append-map runpaths-of-input
|
||||
'("mesa" "ffmpeg"))))))
|
||||
(whitelist-string (string-join whitelist ",")))
|
||||
(with-output-to-file "whitelist.txt"
|
||||
(lambda ()
|
||||
(display whitelist-string))))))
|
||||
(add-after 'install 'autoconfig
|
||||
(lambda* (#:key inputs #:allow-other-keys)
|
||||
(let ((lib (in-vicinity #$output "lib/torbrowser"))
|
||||
(config-file "tor-browser.cfg"))
|
||||
(with-output-to-file (in-vicinity
|
||||
lib "defaults/pref/autoconfig.js")
|
||||
(lambda ()
|
||||
(format #t "// first line must be a comment~%")
|
||||
(format #t "pref(~s, ~s);~%"
|
||||
"general.config.filename" config-file)
|
||||
(format #t "pref(~s, ~a);~%"
|
||||
"general.config.obscure_value" "0")))
|
||||
(with-output-to-file (in-vicinity lib config-file)
|
||||
(lambda ()
|
||||
(format #t "// first line must be a comment~%")
|
||||
(format #t "pref(~s, ~s);~%"
|
||||
"extensions.torlauncher.torrc-defaults_path"
|
||||
(in-vicinity
|
||||
lib "TorBrowser/Data/Tor/torrc-defaults"))
|
||||
(format #t "pref(~s, ~s);~%"
|
||||
"extensions.torlauncher.tor_path"
|
||||
(search-input-file inputs "bin/tor"))
|
||||
;; Required for Guix packaged extensions
|
||||
;; SCOPE_PROFILE=1, SCOPE_APPLICATION=4, SCOPE_SYSTEM=8
|
||||
;; Default is 5.
|
||||
(format #t "pref(~s, ~a);~%"
|
||||
"extensions.enabledScopes" "13")
|
||||
(format #t "pref(~s, ~s);~%"
|
||||
"security.sandbox.content.read_path_whitelist"
|
||||
(call-with-input-file "whitelist.txt"
|
||||
get-string-all))
|
||||
;; Add-ons pannel (see settings.js in Icecat source).
|
||||
(format #t "pref(~s, ~s);~%"
|
||||
"extensions.getAddons.search.browseURL"
|
||||
"https://gnuzilla.gnu.org/mozzarella")
|
||||
(format #t "pref(~s, ~s);~%"
|
||||
"extensions.getAddons.get.url"
|
||||
"https://gnuzilla.gnu.org/mozzarella")
|
||||
(format #t "pref(~s, ~s);~%"
|
||||
"extensions.getAddons.link.url"
|
||||
"https://gnuzilla.gnu.org/mozzarella")
|
||||
(format #t "pref(~s, ~s);~%"
|
||||
"extensions.getAddons.discovery.api_url"
|
||||
"https://gnuzilla.gnu.org/mozzarella")
|
||||
(format #t "pref(~s, ~s);~%"
|
||||
"extensions.getAddons.langpacks.url"
|
||||
"https://gnuzilla.gnu.org/mozzarella")
|
||||
(format #t "pref(~s, ~s);~%"
|
||||
"lightweightThemes.getMoreURL"
|
||||
"https://gnuzilla.gnu.org/mozzarella"))))))
|
||||
(replace 'wrap-program
|
||||
(lambda* (#:key inputs #:allow-other-keys)
|
||||
(let* ((gtk #$(this-package-input "gtk+"))
|
||||
(gtk-share (string-append gtk "/share"))
|
||||
(fonts.conf (in-vicinity
|
||||
#$output
|
||||
"lib/torbrowser/fontconfig/fonts.conf"))
|
||||
(ld-libs '#$(cons
|
||||
(file-append
|
||||
(this-package-input "libcanberra")
|
||||
"/lib/gtk-3.0/modules")
|
||||
(map
|
||||
(lambda (label)
|
||||
(file-append
|
||||
(this-package-input label) "/lib"))
|
||||
'("libpng-apng"
|
||||
"libxscrnsaver"
|
||||
"mesa"
|
||||
"pciutils"
|
||||
"mit-krb5"
|
||||
"eudev"
|
||||
"pulseaudio"
|
||||
"libnotify")))))
|
||||
(wrap-program
|
||||
(in-vicinity #$output "lib/torbrowser/torbrowser")
|
||||
`("XDG_DATA_DIRS" prefix (,gtk-share))
|
||||
`("LD_LIBRARY_PATH" prefix ,ld-libs)
|
||||
`("FONTCONFIG_FILE" prefix (,fonts.conf))))))
|
||||
(replace 'install-desktop-entry
|
||||
(lambda _
|
||||
(let ((apps (in-vicinity #$output "share/applications")))
|
||||
(mkdir-p apps)
|
||||
(make-desktop-entry-file
|
||||
(in-vicinity apps "torbrowser.desktop")
|
||||
#:name "Tor Browser"
|
||||
#:exec
|
||||
(format #f "~a %u" (in-vicinity #$output "bin/torbrowser"))
|
||||
#:comment
|
||||
"Tor Browser is +1 for privacy and -1 for mass surveillance"
|
||||
#:categories '("Network" "WebBrowser" "Security")
|
||||
#:startup-w-m-class "Tor Browser"
|
||||
#:icon "tor-browser"))))
|
||||
(replace 'install-icons
|
||||
(lambda* (#:key inputs #:allow-other-keys)
|
||||
(for-each
|
||||
(lambda (size)
|
||||
(let ((oldpath (string-append
|
||||
"browser/branding/tb-release/default"
|
||||
size ".png"))
|
||||
(newpath (string-append #$output
|
||||
"/share/icons/hicolor/"
|
||||
size "x" size "/apps")))
|
||||
(mkdir-p newpath)
|
||||
(copy-file oldpath
|
||||
(in-vicinity newpath "tor-browser.png"))))
|
||||
'("16" "22" "24" "32" "48" "64" "128" "256"))))))))
|
||||
(inputs
|
||||
(modify-inputs (package-inputs icecat-minimal)
|
||||
(append go-gitlab-torproject-org-tpo-anti-censorship-pluggable-transports-lyrebird
|
||||
tor-client)))
|
||||
(propagated-inputs
|
||||
(list noscript/icecat))
|
||||
(home-page "https://www.torproject.org")
|
||||
(synopsis "Anonymous browser derived from Mozilla Firefox")
|
||||
(description
|
||||
"Tor Browser is the Tor Project version of Firefox browser. It is the
|
||||
only recommended way to anonymously browse the web that is supported by the
|
||||
project. It modifies Firefox in order to avoid many know application level
|
||||
attacks on the privacy of Tor users.")
|
||||
(license license:mpl2.0))) ;And others, see
|
||||
;toolkit/content/license.html
|
||||
|
Loading…
Reference in New Issue
Block a user