diff options
5 files changed, 46 insertions, 6 deletions
diff --git a/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml b/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml index 612846122a7..a2a38da2b73 100644 --- a/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml +++ b/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml @@ -919,6 +919,16 @@ </listitem> <listitem> <para> + The <literal>element-desktop</literal> package now has an + <literal>useKeytar</literal> option (defaults to + <literal>true</literal>), which allows disabling + <literal>keytar</literal> and in turn + <literal>libsecret</literal> usage (which binds to native + credential managers / keychain libraries). + </para> + </listitem> + <listitem> + <para> The option <literal>services.thelounge.plugins</literal> has been added to allow installing plugins for The Lounge. Plugins can be found in diff --git a/nixos/doc/manual/release-notes/rl-2205.section.md b/nixos/doc/manual/release-notes/rl-2205.section.md index a8017f26708..aed8f1b1dd5 100644 --- a/nixos/doc/manual/release-notes/rl-2205.section.md +++ b/nixos/doc/manual/release-notes/rl-2205.section.md @@ -307,6 +307,10 @@ In addition to numerous new and upgraded packages, this release has the followin using `fetchgit` or `fetchhg` if the argument `fetchSubmodules` is set to `true`. +- The `element-desktop` package now has an `useKeytar` option (defaults to `true`), + which allows disabling `keytar` and in turn `libsecret` usage + (which binds to native credential managers / keychain libraries). + - The option `services.thelounge.plugins` has been added to allow installing plugins for The Lounge. Plugins can be found in `pkgs.theLoungePlugins.plugins` and `pkgs.theLoungePlugins.themes`. - The `firmwareLinuxNonfree` package has been renamed to `linux-firmware`. diff --git a/pkgs/applications/networking/instant-messengers/element/element-desktop.nix b/pkgs/applications/networking/instant-messengers/element/element-desktop.nix index d9683740667..c9b45b2f8b6 100644 --- a/pkgs/applications/networking/instant-messengers/element/element-desktop.nix +++ b/pkgs/applications/networking/instant-messengers/element/element-desktop.nix @@ -13,12 +13,15 @@ , AppKit , CoreServices , desktopToDarwinBundle +, useKeytar ? true }: let pinData = lib.importJSON ./pin.json; executableName = "element-desktop"; electron_exec = if stdenv.isDarwin then "${electron}/Applications/Electron.app/Contents/MacOS/Electron" else "${electron}/bin/electron"; + keytar = callPackage ./keytar { inherit Security AppKit; }; + seshat = callPackage ./seshat { inherit CoreServices; }; in mkYarnPackage rec { pname = "element-desktop"; @@ -39,8 +42,7 @@ mkYarnPackage rec { nativeBuildInputs = [ makeWrapper ] ++ lib.optionals stdenv.isDarwin [ desktopToDarwinBundle ]; - seshat = callPackage ./seshat { inherit CoreServices; }; - keytar = callPackage ./keytar { inherit Security AppKit; }; + inherit seshat; buildPhase = '' runHook preBuild @@ -51,12 +53,14 @@ mkYarnPackage rec { node ./scripts/copy-res.js popd rm -rf node_modules/matrix-seshat node_modules/keytar - ln -s $keytar node_modules/keytar + ${lib.optionalString useKeytar "ln -s ${keytar} node_modules/keytar"} ln -s $seshat node_modules/matrix-seshat runHook postBuild ''; installPhase = '' + runHook preInstall + # resources mkdir -p "$out/share/element" ln -s '${element-web}' "$out/share/element/webapp" @@ -83,6 +87,8 @@ mkYarnPackage rec { --set LD_PRELOAD ${sqlcipher}/lib/libsqlcipher.so \ --add-flags "$out/share/element/electron" \ --add-flags "\''${NIXOS_OZONE_WL:+\''${WAYLAND_DISPLAY:+--enable-features=UseOzonePlatform --ozone-platform=wayland}}" + + runHook postInstall ''; # Do not attempt generating a tarball for element-web again. @@ -107,7 +113,20 @@ mkYarnPackage rec { ''; }; - passthru.updateScript = ./update.sh; + passthru = { + updateScript = ./update.sh; + + # TL;DR: keytar is optional while seshat isn't. + # + # This prevents building keytar when `useKeytar` is set to `false`, because + # if libsecret is unavailable (e.g. set to `null` or fails to build), then + # this package wouldn't even considered for building because + # "one of the dependencies failed to build", + # although the dependency wouldn't even be used. + # + # It needs to be `passthru` anyways because other packages do depend on it. + inherit keytar; + }; meta = with lib; { description = "A feature-rich client for Matrix.org"; diff --git a/pkgs/applications/networking/instant-messengers/element/keytar/default.nix b/pkgs/applications/networking/instant-messengers/element/keytar/default.nix index ae9627afe30..292b0dfa075 100644 --- a/pkgs/applications/networking/instant-messengers/element/keytar/default.nix +++ b/pkgs/applications/networking/instant-messengers/element/keytar/default.nix @@ -28,6 +28,7 @@ in stdenv.mkDerivation rec { }; buildPhase = '' + runHook preBuild cp ${./yarn.lock} ./yarn.lock chmod u+w . ./yarn.lock export HOME=$PWD/tmp @@ -37,16 +38,19 @@ in stdenv.mkDerivation rec { yarn install --offline --frozen-lockfile --ignore-platform --ignore-scripts --no-progress --non-interactive patchShebangs node_modules/ node_modules/.bin/node-gyp rebuild + runHook postBuild ''; doCheck = false; installPhase = '' + runHook preInstall shopt -s extglob rm -rf node_modules rm -rf $HOME mkdir -p $out cp -r ./!(build) $out install -D -t $out/build/Release build/Release/keytar.node + runHook postInstall ''; } diff --git a/pkgs/applications/networking/instant-messengers/element/seshat/default.nix b/pkgs/applications/networking/instant-messengers/element/seshat/default.nix index de38c7a90ba..5017f853117 100644 --- a/pkgs/applications/networking/instant-messengers/element/seshat/default.nix +++ b/pkgs/applications/networking/instant-messengers/element/seshat/default.nix @@ -27,6 +27,7 @@ in rustPlatform.buildRustPackage rec { }; buildPhase = '' + runHook preBuild cd .. chmod u+w . ./yarn.lock export HOME=$PWD/tmp @@ -36,16 +37,18 @@ in rustPlatform.buildRustPackage rec { yarn install --offline --frozen-lockfile --ignore-platform --ignore-scripts --no-progress --non-interactive patchShebangs node_modules/ node_modules/.bin/neon build --release + runHook postBuild ''; doCheck = false; installPhase = '' + runHook preInstall shopt -s extglob rm -rf native/!(index.node) - rm -rf node_modules - rm -rf $HOME + rm -rf node_modules $HOME cp -r . $out + runHook postInstall ''; cargoSha256 = pinData.cargoHash; |