From 456db0bb425c94568123276be0e8c110fb8bde4e Mon Sep 17 00:00:00 2001 From: Colin Date: Sat, 11 Nov 2023 05:15:05 +0000 Subject: [PATCH] build for nix do: ```console $ nix develop $ reprodocible ``` and note that this is not an offline build; it will need additional work to become *packaged* for nix. --- flake.lock | 60 ++++++++++++++++ flake.nix | 198 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 258 insertions(+) create mode 100644 flake.lock create mode 100644 flake.nix diff --git a/flake.lock b/flake.lock new file mode 100644 index 000000000..5cb3bcef4 --- /dev/null +++ b/flake.lock @@ -0,0 +1,60 @@ +{ + "nodes": { + "flake-utils": { + "inputs": { + "systems": "systems" + }, + "locked": { + "lastModified": 1694529238, + "narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "ff7b65b44d01cf9ba6a71320833626af21126384", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1699099776, + "narHash": "sha256-X09iKJ27mGsGambGfkKzqvw5esP1L/Rf8H3u3fCqIiU=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "85f1ba3e51676fa8cc604a3d863d729026a6b8eb", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixos-unstable", + "type": "indirect" + } + }, + "root": { + "inputs": { + "flake-utils": "flake-utils", + "nixpkgs": "nixpkgs" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100644 index 000000000..2bfb9fe18 --- /dev/null +++ b/flake.nix @@ -0,0 +1,198 @@ +# use: +# - nix develop +# - mkdir cache-yarn ; rm -rf ~/.cache/yarn ; ln -s $(pwd)/cache-yarn ~/.cache/yarn +# - mkdir cache-node-gyp ; rm -rf ~/.cache/node-gyp ; ln -s $(pwd)/cache-node-gyp ~/.cache/node-gyp +# - mkdir cache-electron ; rm -rf ~/.cache/electron ; ln -s $(pwd)/cache-electron ~/.cache/electron +# - yarn install --frozen-lockfile --ignore-engines +# - yarn generate +# - yarn start (or, `electron .`) +# - patch-signal release/linux-unpacked/signal-desktop +# +# contributing.md recommends: +# > npm install --global yarn # Make sure you have have `yarn` +# > yarn install --frozen-lockfile # Install and build dependencies (this will take a while) +# > yarn generate # Generate final JS and CSS assets +# > yarn test # A good idea to make sure tests run first +# > yarn start # Start Signal! +# +# a build process which creates `release/linux-unpacked/signal-desktop`: +# - yarn generate +# - yarn build:esbuild:prod +# - yarn build:release +# +# .github/workflows/ci.yml linux build is: +# - yarn generate +# - yarn prepare-beta-build +# - yarn build:esbuild:prod +# - DISABLE_INSPECT_FUSE=on yarn build:release -- --publish=never +# - DISABLE_INSPECT_FUSE=on yarn build:release --linux dir +# - yarn test-node +# - ARTIFACTS_DIR=artifacts/linux LANG=en_US LANGUAGE=en_US yarn test-electron +# - NODE_ENV=production yarn test-release +# +# fix for specific problems: +# - linux cannot execute required file not found +# - patchelf --set-interpreter /nix/store/gqghjch4p1s69sv4mcjksb2kb65rwqjy-glibc-2.38-23/lib/ld-linux-x86-64.so.2 /home/colin/ref/repos/signalapp/Signal-Desktop/node_modules/electron/dist/electron +# - /home/colin/.cache/electron-builder/fpm/fpm-1.9.3-2.3.1-linux-x86_64/fpm: no such file or directory +# - change fpm's interpreter from #!/bin/bash to #!/bin/sh +# - do the same with the `ruby` packaged in fpm +# +# electron flags to consider +# - --no-sandbox +# - --no-zygote (fixes Zygote could not fork: process_type gpu-process numfds 3 child_pid -1) +# - --disable-gpu +{ + inputs = { + nixpkgs.url = "nixpkgs/nixos-unstable"; + flake-utils.url = github:numtide/flake-utils; + }; + outputs = { self, nixpkgs, flake-utils }: + with flake-utils.lib; eachSystem allSystems (system: + let + pkgs = import nixpkgs { inherit system; }; + nodejs_18_15_0 = pkgs.nodejs.overrideAttrs (upstream: + let + # 18.15.0 matches the version in package.json + version = "18.15.0"; + sha256 = "sha256-jkTWUBj/lzKEGVwjGGRpoOpAgul+xCAOX1cG1VhNqjc="; + in { + inherit version; + src = builtins.fetchurl { + url = "https://nodejs.org/dist/v${version}/node-v${version}.tar.xz"; + inherit sha256; + }; + }); + electronDeps = with pkgs; [ + # packages which electron dynamically links against + alsa-lib + atk + cairo + cups + dbus + expat + glib + gtk3 + libdrm + libxkbcommon + mesa + nss + nspr + pango + xorg.libX11 + xorg.libXfixes + xorg.libXext + xorg.libXcomposite + xorg.libXdamage + xorg.libXrandr + xorg.libxcb + + systemd # fixes "Zygote could not fork: process_type gpu-process" when launching signal-desktop + ]; + _7zaDeps = with pkgs; [ + libgcc.lib + ]; + fpmDeps = with pkgs; [ + libxcrypt-legacy + ]; + patch-interpreter = with pkgs; writeShellScriptBin "patch-interpreter" '' + patchelf --set-interpreter ${glibc}/lib/ld-linux-x86-64.so.2 $1 + ''; + patch-signal = with pkgs; writeShellScriptBin "patch-signal" '' + patchelf --add-needed ${nss}/lib/libnss3.so $1 + patchelf --add-needed ${nss}/lib/libnssutil3.so $1 + patchelf --add-needed ${nss}/lib/libsmime3.so $1 + patchelf --add-needed ${lib.getLib cups}/lib/libcups.so.2 $1 + patchelf --add-needed ${cairo}/lib/libcairo.so.2 $1 + patchelf --add-needed ${lib.getLib pango}/lib/libpango-1.0.so.0 $1 + patchelf --add-needed ${at-spi2-core}/lib/libatspi.so.0 $1 + patchelf --add-needed ${alsa-lib}/lib/libasound.so.2 $1 + patchelf --add-needed ${atk}/lib/libatk-1.0.so.0 $1 + patchelf --add-needed ${atk}/lib/libatk-bridge-2.0.so.0 $1 + patchelf --add-needed ${lib.getLib glib}/lib/libgobject-2.0.so.0 $1 + patchelf --add-needed ${lib.getLib glib}/lib/libglib-2.0.so.0 $1 + patchelf --add-needed ${lib.getLib glib}/lib/libgio-2.0.so.0 $1 + patchelf --add-needed ${gtk3}/lib/libgtk-3.so.0 $1 + patchelf --add-needed ${libdrm}/lib/libdrm.so.2 $1 + patchelf --add-needed ${nspr}/lib/libnspr4.so $1 + patchelf --add-needed ${xorg.libXfixes}/lib/libXfixes.so.3 $1 + patchelf --add-needed ${xorg.libXext}/lib/libXext.so.6 $1 + patchelf --add-needed ${xorg.libXcomposite}/lib/libXcomposite.so.1 $1 + patchelf --add-needed ${xorg.libXdamage}/lib/libXdamage.so.1 $1 + patchelf --add-needed ${xorg.libXrandr}/lib/libXrandr.so.2 $1 + patchelf --add-needed ${xorg.libxcb}/lib/libxcb.so.1 $1 + patchelf --add-needed ${xorg.libX11}/lib/libX11.so.6 $1 + patchelf --add-needed ${libxkbcommon}/lib/libxkbcommon.so.0 $1 + patchelf --add-needed ${expat}/lib/libexpat.so.1 $1 + patchelf --add-needed ${lib.getLib dbus}/lib/libdbus-1.so.3 $1 + patchelf --add-needed ${lib.getLib mesa}/lib/libgbm.so.1 $1 + ''; + clean = with pkgs; writeShellScriptBin "clean" '' + rm -rf \ + cache-* \ + node_modules \ + preload.bundle.js \ + release/ \ + .eslintcache \ + bundles \ + ts/protobuf/compiled.d.ts \ + ''; + link-caches = with pkgs; writeShellScriptBin "link-caches" '' + mkdir cache-yarn ; rm -rf ~/.cache/yarn ; ln -s $(pwd)/cache-yarn ~/.cache/yarn + mkdir cache-node-gyp ; rm -rf ~/.cache/node-gyp ; ln -s $(pwd)/cache-node-gyp ~/.cache/node-gyp + mkdir cache-electron ; rm -rf ~/.cache/electron ; ln -s $(pwd)/cache-electron ~/.cache/electron + mkdir cache-ms-playwright ; rm -rf ~/.cache/ms-playwright ; ln -s $(pwd)/cache-ms-playwright ~/.cache/ms-playwright + ''; + # run this to clean state, and then build + run Signal in a way which i know WORKS. + # you should land at the Signal pairing screen at the end of the command. + reproducible = with pkgs; writeShellScriptBin "reproducible" '' + clean + link-caches + yarn install --frozen-lockfile + yarn generate + yarn build:esbuild:prod + patch-interpreter node_modules/electron/dist/electron + yarn start + ''; + in { + devShells.default = with pkgs; mkShell { + env.LD_LIBRARY_PATH = builtins.concatStringsSep ":" (builtins.map + (pkg: "${lib.getLib pkg}/lib") + (electronDeps ++ _7zaDeps ++ fpmDeps) + ); + buildInputs = [ + clean + link-caches + patch-interpreter + patch-signal + reproducible + + # yarn + (yarn.override { nodejs = nodejs_18_15_0; }) + nodejs_18_15_0 # needed for `yarn install` bettersqlite step + + # ruby # needed by fpm (?) + + # this seems to all not be needed, thanks to LD_LIBRARY_PATH above + # alsa-lib # necessary? + # at-spi2-atk + # at-spi2-core + # atk + # cups + # # electron + # flac + # gdk-pixbuf + # gtk3 + # libpulseaudio + # libwebp + # libxslt + # mesa # for libgbm + # nspr + # nss + # pango + ]; + }; + } + ) + ; +} +