diff --git a/pkgs/applications/networking/browsers/chromium/README.md b/pkgs/applications/networking/browsers/chromium/README.md index c543ded56452..ae5b4a1c97cb 100644 --- a/pkgs/applications/networking/browsers/chromium/README.md +++ b/pkgs/applications/networking/browsers/chromium/README.md @@ -31,16 +31,6 @@ update `upstream-info.nix`. After updates it is important to test at least `nixosTests.chromium` (or basic manual testing) and `google-chrome` (which reuses `upstream-info.nix`). -Note: Due to the script downloading many large tarballs it might be -necessary to adjust the available tmpfs size (it defaults to 10% of the -systems memory) - -```nix -services.logind.extraConfig = '' - RuntimeDirectorySize=4G -''; -``` - Note: The source tarball is often only available a few hours after the release was announced. The CI/CD status can be tracked here: - https://ci.chromium.org/p/infra/builders/cron/publish_tarball diff --git a/pkgs/applications/networking/browsers/chromium/common.nix b/pkgs/applications/networking/browsers/chromium/common.nix index ec355dccd193..0798be9372e9 100644 --- a/pkgs/applications/networking/browsers/chromium/common.nix +++ b/pkgs/applications/networking/browsers/chromium/common.nix @@ -1,5 +1,5 @@ { stdenv, lib, fetchurl, fetchpatch -, fetchzip, zstd +, recompressTarball , buildPackages , pkgsBuildBuild , pkgsBuildTarget @@ -148,33 +148,6 @@ let else throw "no chromium Rosetta Stone entry for os: ${platform.config}"; }; - recompressTarball = { version, hash ? "" }: fetchzip { - name = "chromium-${version}.tar.zstd"; - url = "https://commondatastorage.googleapis.com/chromium-browser-official/chromium-${version}.tar.xz"; - inherit hash; - - nativeBuildInputs = [ zstd ]; - - postFetch = '' - echo removing unused code from tarball to stay under hydra limit - rm -r $out/third_party/{rust-src,llvm} - - echo moving remains out of \$out - mv $out source - - echo recompressing final contents into new tarball - # try to make a deterministic tarball - tar \ - --use-compress-program "zstd -T$NIX_BUILD_CORES" \ - --sort name \ - --mtime 1970-01-01 \ - --owner=root --group=root \ - --numeric-owner --mode=go=rX,u+rw,a-s \ - -cf $out source - ''; - }; - - base = rec { pname = "${lib.optionalString ungoogled "ungoogled-"}${packageName}-unwrapped"; inherit (upstream-info) version; diff --git a/pkgs/applications/networking/browsers/chromium/default.nix b/pkgs/applications/networking/browsers/chromium/default.nix index f592344bdf65..9da0f725ed56 100644 --- a/pkgs/applications/networking/browsers/chromium/default.nix +++ b/pkgs/applications/networking/browsers/chromium/default.nix @@ -59,6 +59,7 @@ let inherit (upstream-info.deps.gn) url rev hash; }; }); + recompressTarball = callPackage ./recompress-tarball.nix { }; }); browser = callPackage ./browser.nix { diff --git a/pkgs/applications/networking/browsers/chromium/recompress-tarball.nix b/pkgs/applications/networking/browsers/chromium/recompress-tarball.nix new file mode 100644 index 000000000000..0e77dd230f65 --- /dev/null +++ b/pkgs/applications/networking/browsers/chromium/recompress-tarball.nix @@ -0,0 +1,47 @@ +{ zstd +, fetchurl +}: + +{ version +, hash ? "" +, ... +} @ args: + +fetchurl ({ + name = "chromium-${version}.tar.zstd"; + url = "https://commondatastorage.googleapis.com/chromium-browser-official/chromium-${version}.tar.xz"; + inherit hash; + + # chromium xz tarballs are multiple gigabytes big and are sometimes downloaded multiples + # times for different versions as part of our update script. + # We originally inherited fetchzip's default for downloadToTemp (true). + # Given the size of the /run/user tmpfs used defaults to logind's RuntimeDirectorySize=, + # which in turn defaults to 10% of the total amount of physical RAM, this often lead to + # "no space left" errors, eventually resulting in its own section in our chromium + # README.md (for users wanting to run the update script). + # Nowadays, we use fetchurl instead of fetchzip, which defaults to false instead of true. + # We just want to be explicit and provide a place to document the history and reasoning + # behind this. + downloadToTemp = false; + + nativeBuildInputs = [ zstd ]; + + postFetch = '' + cat "$downloadedFile" \ + | xz -d --threads=$NIX_BUILD_CORES \ + | tar xf - \ + --warning=no-timestamp \ + --one-top-level=source \ + --exclude=third_party/llvm \ + --exclude=third_party/rust-src \ + --strip-components=1 + + tar \ + --use-compress-program "zstd -T$NIX_BUILD_CORES" \ + --sort name \ + --mtime "1970-01-01" \ + --owner=root --group=root \ + --numeric-owner --mode=go=rX,u+rw,a-s \ + -cf $out source + ''; +} // removeAttrs args [ "version" ]) diff --git a/pkgs/applications/networking/browsers/chromium/upstream-info.nix b/pkgs/applications/networking/browsers/chromium/upstream-info.nix index eadcefe71bdc..b42880020653 100644 --- a/pkgs/applications/networking/browsers/chromium/upstream-info.nix +++ b/pkgs/applications/networking/browsers/chromium/upstream-info.nix @@ -15,9 +15,9 @@ version = "2023-10-23"; }; }; - hash = "sha256-+T2TOLwIwFxVDae7MFDZrjREGF+3Zx2xt/Dlu7uZggc="; - hash_deb_amd64 = "sha256-0FB1gTbsjqFRy0ocE0w5ACtD9kSJ5AMnxg+qBxqCulc="; - version = "120.0.6099.129"; + hash = "sha256-lT1CCwYj0hT4tCJb689mZwNecUsEwcfn2Ot8r9LBT+M="; + hash_deb_amd64 = "sha256-4BWLn0+gYNWG4DsolbY6WlTvXWl7tZIZrnqXlrGUGjQ="; + version = "120.0.6099.199"; }; ungoogled-chromium = { deps = { @@ -28,12 +28,12 @@ version = "2023-10-23"; }; ungoogled-patches = { - hash = "sha256-kVhAa/+RnYEGy7McysqHsb3ysPIILnxGXe6BTLbioQk="; - rev = "120.0.6099.129-1"; + hash = "sha256-B1MNo8BdjMOmTvIr4uu3kg/MO1t+YLQz2S23L4Cye3E="; + rev = "120.0.6099.199-1"; }; }; - hash = "sha256-+T2TOLwIwFxVDae7MFDZrjREGF+3Zx2xt/Dlu7uZggc="; - hash_deb_amd64 = "sha256-0FB1gTbsjqFRy0ocE0w5ACtD9kSJ5AMnxg+qBxqCulc="; - version = "120.0.6099.129"; + hash = "sha256-lT1CCwYj0hT4tCJb689mZwNecUsEwcfn2Ot8r9LBT+M="; + hash_deb_amd64 = "sha256-4BWLn0+gYNWG4DsolbY6WlTvXWl7tZIZrnqXlrGUGjQ="; + version = "120.0.6099.199"; }; }