signal-desktop-from-src: clean up a bit
still doesn't run, but the build process is cleaner
This commit is contained in:
parent
4150fab10b
commit
15cade99e7
|
@ -1,67 +1,50 @@
|
|||
# arch package:
|
||||
# - <https://gitlab.archlinux.org/archlinux/packaging/packages/signal-desktop/-/blob/main/PKGBUILD?ref_type=heads>
|
||||
# - builds with `yarn generate; yarn build`
|
||||
# alpine package:
|
||||
# - <https://gitlab.alpinelinux.org/alpine/aports/-/blob/master/testing/signal-desktop/APKBUILD?ref_type=heads>
|
||||
# - more involved build process, apparently to reuse deps shared with other parts of the OS:
|
||||
# - manually build signal's webrtc using ninja
|
||||
# - manually build signal's ringrtc using yarn
|
||||
# - manually build libsignal with yarn, cargo and cbindgen
|
||||
# - yarn build:acknowledgments
|
||||
# - yarn patch-package
|
||||
# - npm rebuild esbuild # apparently esbuild is to be used later in the build process
|
||||
# - yarn build:dev
|
||||
# - yarn install
|
||||
# - then it `mv`s and `patch`s a bunch of stuff
|
||||
# - tasje pack
|
||||
#
|
||||
# signal uses typescript, javascript, and electron
|
||||
# - no node, npm
|
||||
#
|
||||
# nix provides:
|
||||
# - yarn2nix
|
||||
# - mkYarnPackage
|
||||
# - mkYarnModules, and then invoke the rest of the build manually
|
||||
# - that's what i do in browserpass-extension
|
||||
#
|
||||
# comment about the "Couldn't find any versions ..." bug:
|
||||
# - <https://discourse.nixos.org/t/mkyarnpackage-lockfile-has-incorrect-entry/21586/3>
|
||||
# - "don't use mkYarnPackage"
|
||||
#
|
||||
# build failure: "Error: Could not detect abi for version 26.4.0 and runtime electron. Updating "node-abi" might help solve this issue if it is a new release of electron"
|
||||
# - signal 6.36.0 pins node-abi to 2.21.0, which only goes up to electron 13!!
|
||||
# - signal-desktop also uses node-abi 2.21.0...
|
||||
# - this seems to actually be a recoverable error? i don't think it's the point at which it's bailing.
|
||||
#
|
||||
# build failure:
|
||||
# Fusing electron at /build/source/dist/linux-unpacked/signal-desktop inspect-arguments=false
|
||||
# ⨯ EACCES: permission denied, open '/build/source/dist/linux-unpacked/signal-desktop' failedTask=build stackTrace=Error: EACCES: permission denied, open '/build/source/dist/linux-unpacked/signal-desktop'
|
||||
# - this file DOES exist. it's executable (555).
|
||||
# - segfaults when invoked:
|
||||
# ```
|
||||
# Thread 1 "signal-desktop" received signal SIGTRAP, Trace/breakpoint trap.
|
||||
# 0x000055555c2f6eb0 in sandbox::SetuidSandboxHost::GetSandboxBinaryPath() ()
|
||||
# (gdb) c
|
||||
# Continuing.
|
||||
#
|
||||
# Thread 1 "signal-desktop" received signal SIGILL, Illegal instruction.
|
||||
# 0x000055555c2f6eb0 in sandbox::SetuidSandboxHost::GetSandboxBinaryPath() ()
|
||||
# (gdb) c
|
||||
# Continuing.
|
||||
# [Thread 0x7ffff39626c0 (LWP 1805441) exited]
|
||||
#
|
||||
# Program terminated with signal SIGILL, Illegal instruction.
|
||||
# The program no longer exists.
|
||||
# (gdb)
|
||||
# ```
|
||||
# - this file is created by the yarn build:electron invocation: it doesn't exist after build:esbuild:prod.
|
||||
# - running this step a second time produces the identical error
|
||||
# - running it a second time, with `chmod 777` in between produces identical error
|
||||
# - /build/source/dist/linux-unpacked/ is simply a copy of /nix/store/2harqvx80ddx7p9y26m1zds2hk4br298-electron-25.9.1/libexec/electron/ but with `electron` renamed `signal-desktop`.
|
||||
# - i think it's trying to do some edit-in-place thing
|
||||
#
|
||||
#
|
||||
# about build failure:
|
||||
# > Fusing electron at /build/source/release/linux-unpacked/signal-desktop inspect-arguments=false
|
||||
# > ⨯ EACCES: permission denied, open '/build/source/release/linux-unpacked/signal-desktop' failedTask=build stackTrace=Error: EACCES: permission denied, open '/build/source/release/linux-unpacked/signal-desktop'
|
||||
# - "Fusing electron" message comes from within signal-desktop repo: <ts/scripts/fuse-electron.ts>
|
||||
# - error exists for electron_25 and electron 27 (26 untested)
|
||||
# - probably happens because the file referenced is rx, not rwx
|
||||
# - call chain is (probably):
|
||||
# - package.json["afterPack"]
|
||||
# - ts/scripts/after-pack.ts:afterPack
|
||||
# - pruneMacOSRelease (succeeds)
|
||||
# - ts/scripts/fuse-electron.ts:afterPack
|
||||
# - flipFuses (from within electron library)
|
||||
# ^ EACCES
|
||||
# - copyPacks (never runs)
|
||||
# - so we lose the "fusing" (electron environment configurations), and the language packs, and that's *probably* all.
|
||||
# - but can't REALLY be sure, what steps would normally follow electron-builder?
|
||||
{ lib
|
||||
# , fetchYarnDeps
|
||||
# , mkYarnPackage
|
||||
# , mkYarnModules
|
||||
, callPackage
|
||||
# , electron_26
|
||||
, electron_25
|
||||
# , electron
|
||||
, fetchFromGitHub
|
||||
# , fetchYarnDeps
|
||||
, fixup_yarn_lock
|
||||
, makeWrapper
|
||||
, nodejs
|
||||
, python3
|
||||
, srcOnly
|
||||
, stdenv
|
||||
, yarn
|
||||
}:
|
||||
|
@ -72,46 +55,7 @@ let
|
|||
# alpine builds signal-desktop using its default electron version, i.e. 27.0.2
|
||||
# electron = electron_26;
|
||||
electron = electron_25;
|
||||
# nodeSources = srcOnly nodejs;
|
||||
in
|
||||
# mkYarnPackage rec {
|
||||
# pname = "signal-desktop-from-src";
|
||||
# version = "6.36.0";
|
||||
# src = fetchFromGitHub {
|
||||
# owner = "signalapp";
|
||||
# repo = "Signal-Desktop";
|
||||
# rev = "v${version}";
|
||||
# hash = "sha256-86x6OeQAMN5vhLaAphnAfSWeRgUh0wAeZFzxue8otDQ=";
|
||||
# };
|
||||
#
|
||||
# # to update:
|
||||
# # - `cp ~/ref/repos/signalapp/Signal-Desktop/{package.json,yarn.lock} .`
|
||||
# # - `nix run '.#yarn2nix' > yarn.nix`
|
||||
# packageJSON = ./package.json;
|
||||
# yarnLock = ./yarn.lock;
|
||||
# # yarnLock = "${src}/yarn.lock";
|
||||
# yarnNix = ./yarn.nix;
|
||||
# offlineCache = fetchYarnDeps {
|
||||
# yarnLock = "${src}/yarn.lock";
|
||||
# hash = "sha256-AXT6p5lgF0M9ckoxiAvT1HaJhUWVtwEOadY4otdeB0Q=";
|
||||
# };
|
||||
#
|
||||
# # buildPhase = ''
|
||||
# # runHook preBuild
|
||||
# # yarn --offline build
|
||||
# # runHook postBuild
|
||||
# # '';
|
||||
#
|
||||
# # doDist = false;
|
||||
# }
|
||||
# mkYarnModules rec {
|
||||
# version = "6.36.0";
|
||||
# pname = "signal-desktop-from-src-modules";
|
||||
# packageJSON = ./package.json;
|
||||
# yarnLock = ./yarn.lock;
|
||||
# yarnNix = ./yarn.nix;
|
||||
# }
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "signal-desktop-from-src";
|
||||
version = "6.36.0";
|
||||
|
@ -125,19 +69,40 @@ stdenv.mkDerivation rec {
|
|||
nativeBuildInputs = [
|
||||
fixup_yarn_lock
|
||||
makeWrapper
|
||||
nodejs
|
||||
nodejs # possibly i could instead use nodejs-slim
|
||||
python3
|
||||
yarn
|
||||
# nodejs-slim
|
||||
];
|
||||
buildInputs = [
|
||||
electron
|
||||
];
|
||||
|
||||
# to update:
|
||||
# - `cp ~/ref/repos/signalapp/Signal-Desktop/{package.json,yarn.lock} .`
|
||||
# - `nix run '.#yarn2nix' > yarn.nix`
|
||||
env.yarnOfflineCache = (callPackage ./yarn.nix {}).offline_cache;
|
||||
# alternative method, which bypasses yarn2nix
|
||||
# env.yarnOfflineCache = fetchYarnDeps {
|
||||
# # this might be IFD: if `nix run '.#check.nur'` fails then inline the lock: `yarnLock = ./yarn.lock`
|
||||
# yarnLock = "${src}/yarn.lock";
|
||||
# hash = "sha256-AXT6p5lgF0M9ckoxiAvT1HaJhUWVtwEOadY4otdeB0Q=";
|
||||
# };
|
||||
env.ELECTRON_SKIP_BINARY_DOWNLOAD = "1";
|
||||
|
||||
postPatch = ''
|
||||
# fixes build failure:
|
||||
# > Fusing electron at /build/source/release/linux-unpacked/signal-desktop inspect-arguments=false
|
||||
# > ⨯ EACCES: permission denied, open '/build/source/release/linux-unpacked/signal-desktop' failedTask=build stackTrace=Error: EACCES: permission denied, open '/build/source/release/linux-unpacked/signal-desktop'
|
||||
# electron "fusing" (electron.flipFuses) seems to be configuring which functionality electron will support at runtime.
|
||||
# notably: ELECTRON_RUN_AS_NODE, cookie encryption, NODE_OPTIONS env var, --inspect-* CLI args, app.asar validation
|
||||
# skipping the fuse process seems relatively inconsequential
|
||||
substituteInPlace ts/scripts/after-pack.ts \
|
||||
--replace 'await fuseElectron' '//await fuseElectron'
|
||||
'';
|
||||
|
||||
configurePhase = ''
|
||||
runHook preConfigure
|
||||
|
||||
export HOME=$NIX_BUILD_TOP
|
||||
yarn config --offline set yarn-offline-mirror $yarnOfflineCache
|
||||
fixup_yarn_lock yarn.lock
|
||||
|
@ -145,6 +110,8 @@ stdenv.mkDerivation rec {
|
|||
# yarn install creates the node_modules/ directory
|
||||
yarn install --offline --frozen-lockfile --ignore-scripts --ignore-engines
|
||||
patchShebangs node_modules/
|
||||
|
||||
runHook postConfigure
|
||||
'';
|
||||
|
||||
# excerpts from package.json:
|
||||
|
@ -162,22 +129,8 @@ stdenv.mkDerivation rec {
|
|||
#
|
||||
# - "build:dev": "run-s --print-label generate build:esbuild:prod"
|
||||
#
|
||||
# arch just calls `yarn generate; yarn build`.
|
||||
#
|
||||
# alpine is much more involved, to reuse their dependencies instead of duplicating stuff.
|
||||
# - manually build signal's webrtc using ninja
|
||||
# - manually build signal's ringrtc using yarn
|
||||
# - manually build libsignal with yarn, cargo and cbindgen
|
||||
# - yarn build:acknowledgments
|
||||
# - yarn patch-package
|
||||
# - npm rebuild esbuild # apparently esbuild is to be used later in the build process
|
||||
# - yarn build:dev
|
||||
# - yarn install
|
||||
# - then it `mv`s and `patch`s a bunch of stuff
|
||||
# - tasje pack
|
||||
#
|
||||
# for the electron parts, it calls npm with --nodedir=/usr/lib/electron/node_headers
|
||||
# - yarn electron-builder doesn't understand --nodedir
|
||||
# i can't call toplevel `yarn build` because it doesn't properly forward the `--offline` flags where they need to go.
|
||||
# instead i call each step individually.
|
||||
|
||||
buildPhase = ''
|
||||
runHook preBuild
|
||||
|
@ -188,7 +141,6 @@ stdenv.mkDerivation rec {
|
|||
ln -sfv "${nodejs}/include" "$HOME/.node-gyp/${nodejs.version}"
|
||||
export npm_config_nodedir=${nodejs}
|
||||
|
||||
# yarn build --offline --frozen-lockfile --ignore-scripts --ignore-engines
|
||||
# yarn generate:
|
||||
yarn build-module-protobuf --offline --frozen-lockfile --ignore-scripts --ignore-engines
|
||||
yarn build:esbuild --offline --frozen-lockfile --ignore-scripts --ignore-engines
|
||||
|
@ -197,34 +149,26 @@ stdenv.mkDerivation rec {
|
|||
yarn copy-components
|
||||
|
||||
yarn build:esbuild:prod --offline --frozen-lockfile --ignore-scripts --ignore-engines
|
||||
# yarn build:release --offline --frozen-lockfile --ignore-scripts --ignore-engines
|
||||
# yarn build:release
|
||||
|
||||
echo "build:electron: invocation 1"
|
||||
SIGNAL_ENV=production yarn build:electron \
|
||||
--dir \
|
||||
yarn build:release \
|
||||
${if stdenv.isDarwin then "--macos" else "--linux"} ${if stdenv.hostPlatform.isAarch64 then "--arm64" else "--x64"} \
|
||||
-c.electronDist=${electron}/libexec/electron \
|
||||
-c.electronVersion=${electron.version} || true
|
||||
-c.electronVersion=${electron.version} \
|
||||
--dir
|
||||
|
||||
# chmod 777 /build/source/dist/linux-unpacked/signal-desktop
|
||||
|
||||
# echo "build:electron: invocation 2"
|
||||
# SIGNAL_ENV=production yarn build:electron \
|
||||
# --dir
|
||||
# SIGNAL_ENV=production yarn --offline electron-builder -- \
|
||||
# ${if stdenv.isDarwin then "--macos" else "--linux"} ${if stdenv.hostPlatform.isAarch64 then "--arm64" else "--x64"} \
|
||||
# -c.electronDist=${electron}/libexec/electron \
|
||||
# -c.electronVersion=${electron.version}
|
||||
# SIGNAL_ENV=production yarn --offline --frozen-lockfile --ignore-scripts --ignore-engines electron-builder \
|
||||
# --dir ${if stdenv.isDarwin then "--macos" else "--linux"} ${if stdenv.hostPlatform.isAarch64 then "--arm64" else "--x64"} \
|
||||
# -c.electronVersion=${electron.version} \
|
||||
# --dir \
|
||||
# --config.directories.output=release \
|
||||
# --config.extraMetadata.environment=production \
|
||||
# --config.extraMetadata.environment=production
|
||||
# SIGNAL_ENV=production ./node_modules/.bin/electron-builder \
|
||||
# -c.electronDist=${electron}/libexec/electron \
|
||||
# -c.electronVersion=${electron.version}
|
||||
# SIGNAL_ENV=production electron-builder \
|
||||
# --dir ${if stdenv.isDarwin then "--macos" else "--linux"} ${if stdenv.hostPlatform.isAarch64 then "--arm64" else "--x64"} \
|
||||
# -c.electronVersion=${electron.version} \
|
||||
# --dir \
|
||||
# --config.directories.output=release \
|
||||
# --config.extraMetadata.environment=production \
|
||||
# -c.electronDist=${electron}/libexec/electron \
|
||||
# -c.electronVersion=${electron.version}
|
||||
# --config.extraMetadata.environment=production
|
||||
|
||||
runHook postBuild
|
||||
'';
|
||||
|
@ -234,8 +178,8 @@ stdenv.mkDerivation rec {
|
|||
|
||||
# directory structure follows the original `signal-desktop` nix package
|
||||
mkdir -p $out/lib/Signal
|
||||
cp -R dist/linux-unpacked/resources $out/lib/Signal/resources
|
||||
cp -R dist/linux-unpacked/locales $out/lib/Signal/locales
|
||||
cp -R release/linux-unpacked/resources $out/lib/Signal/resources
|
||||
cp -R release/linux-unpacked/locales $out/lib/Signal/locales
|
||||
|
||||
makeWrapper ${electron}/bin/electron $out/bin/signal-desktop \
|
||||
--add-flags $out/lib/Signal/resources/app.asar \
|
||||
|
|
Loading…
Reference in New Issue
Block a user