1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
|
{ lib, stdenv, requireFile, makeWrapper, autoPatchelfHook, wrapGAppsHook, which, more
, file, atk, alsa-lib, cairo, fontconfig, gdk-pixbuf, glib, gnome, gtk2-x11, gtk3
, heimdal, krb5, libsoup, libvorbis, speex, openssl, zlib, xorg, pango, gtk2
, gnome2, mesa, nss, nspr, gtk_engines, freetype, dconf, libpng12, libxml2
, libjpeg, libredirect, tzdata, cacert, systemd, libcxxabi, libcxx, e2fsprogs, symlinkJoin
, libpulseaudio, pcsclite
, homepage, version, prefix, hash
, extraCerts ? []
}:
let
openssl' = symlinkJoin {
name = "openssl-backwards-compat";
nativeBuildInputs = [ makeWrapper ];
paths = [ openssl.out ];
postBuild = ''
ln -sf $out/lib/libcrypto.so $out/lib/libcrypto.so.1.0.0
ln -sf $out/lib/libssl.so $out/lib/libssl.so.1.0.0
'';
};
in
stdenv.mkDerivation rec {
pname = "citrix-workspace";
inherit version;
src = requireFile rec {
name = "${prefix}-${version}.tar.gz";
sha256 = hash;
message = ''
In order to use Citrix Workspace, you need to comply with the Citrix EULA and download
the ${if stdenv.is64bit then "64-bit" else "32-bit"} binaries, .tar.gz from:
${homepage}
(if you do not find version ${version} there, try at
https://www.citrix.com/downloads/workspace-app/
Once you have downloaded the file, please use the following command and re-run the
installation:
nix-prefetch-url file://\$PWD/${name}
'';
};
dontBuild = true;
dontConfigure = true;
sourceRoot = ".";
preferLocalBuild = true;
passthru.icaroot = "${placeholder "out"}/opt/citrix-icaclient";
nativeBuildInputs = [
autoPatchelfHook
file
makeWrapper
more
which
wrapGAppsHook
];
buildInputs = [
alsa-lib
atk
cairo
dconf
fontconfig
freetype
gdk-pixbuf
gnome2.gtkglext
gnome.webkitgtk
gtk2
gtk2-x11
gtk3
gtk_engines
heimdal
krb5
libcxx
libcxxabi
libjpeg
libpng12
libsoup
libvorbis
libxml2
mesa
nspr
nss
openssl'
pango
speex
(lib.getLib systemd)
stdenv.cc.cc
xorg.libXaw
xorg.libXmu
xorg.libXScrnSaver
xorg.libXtst
zlib
] ++ lib.optional (lib.versionOlder version "20.04") e2fsprogs
++ lib.optional (lib.versionAtLeast version "20.10") libpulseaudio;
runtimeDependencies = [
glib
pcsclite
xorg.libX11
xorg.libXScrnSaver
xorg.libXext
xorg.libXfixes
xorg.libXinerama
xorg.libXmu
xorg.libXrender
xorg.libXtst
xorg.libxcb
];
installPhase = let
icaFlag = program:
if (builtins.match "selfservice(.*)" program) != null then "--icaroot"
else "-icaroot";
wrap = program: ''
wrapProgram $out/opt/citrix-icaclient/${program} \
--add-flags "${icaFlag program} $ICAInstDir" \
--set ICAROOT "$ICAInstDir" \
--prefix LD_LIBRARY_PATH : "$ICAInstDir:$ICAInstDir/lib" \
--set LD_PRELOAD "${libredirect}/lib/libredirect.so" \
--set NIX_REDIRECTS "/usr/share/zoneinfo=${tzdata}/share/zoneinfo:/etc/zoneinfo=${tzdata}/share/zoneinfo:/etc/timezone=$ICAInstDir/timezone"
'';
wrapLink = program: ''
${wrap program}
ln -sf $out/opt/citrix-icaclient/${program} $out/bin/${baseNameOf program}
'';
copyCert = path: ''
cp -v ${path} $out/opt/citrix-icaclient/keystore/cacerts/${baseNameOf path}
'';
mkWrappers = lib.concatMapStringsSep "\n";
toWrap = [ "wfica" "selfservice" "util/configmgr" "util/conncenter" "util/ctx_rehash" ]
++ lib.optional (lib.versionOlder version "20.06") "selfservice_old";
in ''
runHook preInstall
mkdir -p $out/{bin,share/applications}
export ICAInstDir="$out/opt/citrix-icaclient"
export HOME=$(mktemp -d)
# Run upstream installer in the store-path.
sed -i -e 's,^ANSWER="",ANSWER="$INSTALLER_YES",g' -e 's,/bin/true,true,g' ./${prefix}/hinst
${stdenv.shell} ${prefix}/hinst CDROM "$(pwd)"
if [ -f "$ICAInstDir/util/setlog" ]; then
chmod +x "$ICAInstDir/util/setlog"
ln -sf "$ICAInstDir/util/setlog" "$out/bin/citrix-setlog"
fi
${mkWrappers wrapLink toWrap}
${mkWrappers wrap [ "PrimaryAuthManager" "ServiceRecord" "AuthManagerDaemon" "util/ctxwebhelper" ]}
ln -sf $ICAInstDir/util/storebrowse $out/bin/storebrowse
# As explained in https://wiki.archlinux.org/index.php/Citrix#Security_Certificates
echo "Expanding certificates..."
pushd "$ICAInstDir/keystore/cacerts"
awk 'BEGIN {c=0;} /BEGIN CERT/{c++} { print > "cert." c ".pem"}' \
< ${cacert}/etc/ssl/certs/ca-bundle.crt
popd
${mkWrappers copyCert extraCerts}
# See https://developer-docs.citrix.com/projects/workspace-app-for-linux-oem-guide/en/latest/reference-information/#library-files
# Those files are fallbacks to support older libwekit.so and libjpeg.so
rm $out/opt/citrix-icaclient/lib/ctxjpeg_fb_8.so || true
rm $out/opt/citrix-icaclient/lib/UIDialogLibWebKit.so || true
# We support only Gstreamer 1.0
rm $ICAInstDir/util/{gst_aud_{play,read},gst_*0.10,libgstflatstm0.10.so}
ln -sf $ICAInstDir/util/gst_play1.0 $ICAInstDir/util/gst_play
ln -sf $ICAInstDir/util/gst_read1.0 $ICAInstDir/util/gst_read
echo "We arbitrarily set the timezone to UTC. No known consequences at this point."
echo UTC > "$ICAInstDir/timezone"
echo "Copy .desktop files."
cp $out/opt/citrix-icaclient/desktop/* $out/share/applications/
# We introduce a dependency on the source file so that it need not be redownloaded everytime
echo $src >> "$out/share/workspace_dependencies.pin"
runHook postInstall
'';
# Make sure that `autoPatchelfHook` is executed before
# running `ctx_rehash`.
dontAutoPatchelf = true;
postFixup = ''
autoPatchelf -- "$out"
$out/opt/citrix-icaclient/util/ctx_rehash
'';
meta = with lib; {
license = licenses.unfree;
description = "Citrix Workspace";
platforms = platforms.linux;
maintainers = with maintainers; [ pmenke ];
inherit homepage;
};
}
|