| blob | 3361d4e92d9c301edc31501518b8d02e109276d1 |
1 {
2 lib,
3 stdenv,
4 pname,
5 version,
6 src,
7 meta,
8 makeShellWrapper,
9 wrapGAppsHook3,
10 alsa-lib,
11 at-spi2-atk,
12 at-spi2-core,
13 atk,
14 cairo,
15 cups,
16 dbus,
17 expat,
18 gdk-pixbuf,
19 glib,
20 gtk3,
21 libX11,
22 libXcomposite,
23 libXdamage,
24 libXext,
25 libXfixes,
26 libXrandr,
27 libdrm,
28 libxcb,
29 libxkbcommon,
30 libxshmfence,
31 libGL,
32 libappindicator-gtk3,
33 mesa,
34 nspr,
35 nss,
36 pango,
37 systemd,
38 udev,
39 xdg-utils,
41 # The 1Password polkit file requires a list of users for whom polkit
42 # integrations should be enabled. This should be a list of strings that
43 # correspond to usernames.
44 polkitPolicyOwners ? [ ],
45 }:
46 let
47 # Convert the polkitPolicyOwners variable to a polkit-compatible string for the polkit file.
48 policyOwners = lib.concatStringsSep " " (map (user: "unix-user:${user}") polkitPolicyOwners);
50 in
51 stdenv.mkDerivation {
52 inherit
53 pname
54 version
55 src
56 meta
57 ;
59 nativeBuildInputs = [
60 makeShellWrapper
61 wrapGAppsHook3
62 ];
63 buildInputs = [ glib ];
65 dontConfigure = true;
66 dontBuild = true;
67 dontPatchELF = true;
68 dontWrapGApps = true;
70 installPhase =
71 let
72 rpath =
73 lib.makeLibraryPath [
74 alsa-lib
75 at-spi2-atk
76 at-spi2-core
77 atk
78 cairo
79 cups
80 dbus
81 expat
82 gdk-pixbuf
83 glib
84 gtk3
85 libX11
86 libXcomposite
87 libXdamage
88 libXext
89 libXfixes
90 libXrandr
91 libdrm
92 libxcb
93 libxkbcommon
94 libxshmfence
95 libGL
96 libappindicator-gtk3
97 mesa
98 nspr
99 nss
100 pango
101 systemd
102 ]
103 + ":${stdenv.cc.cc.lib}/lib64";
104 in
105 ''
106 runHook preInstall
108 mkdir -p $out/bin $out/share/1password
109 cp -a * $out/share/1password
111 # Desktop file
112 install -Dt $out/share/applications resources/${pname}.desktop
113 substituteInPlace $out/share/applications/${pname}.desktop \
114 --replace 'Exec=/opt/1Password/${pname}' 'Exec=${pname}'
116 ''
117 + (lib.optionalString (polkitPolicyOwners != [ ]) ''
118 # Polkit file
119 mkdir -p $out/share/polkit-1/actions
120 substitute com.1password.1Password.policy.tpl $out/share/polkit-1/actions/com.1password.1Password.policy --replace "\''${POLICY_OWNERS}" "${policyOwners}"
121 '')
122 + ''
124 # Icons
125 cp -a resources/icons $out/share
127 interp="$(cat $NIX_CC/nix-support/dynamic-linker)"
128 patchelf --set-interpreter $interp $out/share/1password/{1password,1Password-BrowserSupport,1Password-LastPass-Exporter,op-ssh-sign}
129 patchelf --set-rpath ${rpath}:$out/share/1password $out/share/1password/{1password,1Password-BrowserSupport,1Password-LastPass-Exporter,op-ssh-sign}
130 for file in $(find $out -type f -name \*.so\* ); do
131 patchelf --set-rpath ${rpath}:$out/share/1password $file
132 done
134 ln -s $out/share/1password/op-ssh-sign $out/bin/op-ssh-sign
136 runHook postInstall
137 '';
139 preFixup = ''
140 # makeWrapper defaults to makeBinaryWrapper due to wrapGAppsHook
141 # but we need a shell wrapper specifically for `NIXOS_OZONE_WL`.
142 # Electron is trying to open udev via dlopen()
143 # and for some reason that doesn't seem to be impacted from the rpath.
144 # Adding udev to LD_LIBRARY_PATH fixes that.
145 # Make xdg-open overrideable at runtime.
146 makeShellWrapper $out/share/1password/1password $out/bin/1password \
147 "''${gappsWrapperArgs[@]}" \
148 --suffix PATH : ${lib.makeBinPath [ xdg-utils ]} \
149 --prefix LD_LIBRARY_PATH : ${lib.makeLibraryPath [ udev ]}
150 # Currently half broken on wayland (e.g. no copy functionality)
151 # See: https://github.com/NixOS/nixpkgs/pull/232718#issuecomment-1582123406
152 # Remove this comment when upstream fixes:
153 # https://1password.community/discussion/comment/624011/#Comment_624011
154 #--add-flags "\''${NIXOS_OZONE_WL:+\''${WAYLAND_DISPLAY:+--ozone-platform-hint=auto --enable-features=WaylandWindowDecorations}}"
155 '';
156 }