blob: 8e2a2204f761af69913c8151e1c089416900bfa0 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
|
# Maintainer: Mark Wagie <mark dot wagie at proton dot me>
# Contributor: David Birks <david at tellus dot space>
# Contributor: Jeff Henson <jeff at henson dot io>
pkgname=mullvad-vpn-beta
_pkgver=2025.2
_channel=stable
_rel=1
#pkgver=${_pkgver}.${_channel}${_rel} # beta
pkgver=${_pkgver}.${_channel} # stable
pkgrel=1
_nodeversion=20
pkgdesc="The Mullvad VPN client app for desktop (beta channel)"
arch=('x86_64')
url="https://www.mullvad.net"
license=('GPL-3.0-or-later')
depends=(
'alsa-lib'
'gtk3'
'iputils'
'libnftnl'
'libnotify'
'nss'
)
makedepends=(
'cargo'
'git'
'go'
'libxcrypt-compat'
'nvm'
'protobuf'
)
optdepends=('libappindicator-gtk3: tray icon')
provides=("${pkgname%-beta}")
conflicts=("${pkgname%-beta}")
install="${pkgname%-beta}.install"
_ab_commit=049d5d3bc0c86c29c20f2073460186a83c1d7094
_wg_commit=3957ef94034a9cbb47f323b3290620bb849d58e3
_mn_commit=d40056adfa854d86e1d515d56e9a703090e2473c
source=(
# "git+https://github.com/mullvad/mullvadvpn-app.git#tag=${_pkgver}-${_channel}${_rel}?signed" # beta
"git+https://github.com/mullvad/mullvadvpn-app.git#tag=${_pkgver}?signed" # stable
"git+https://github.com/mullvad/mullvadvpn-app-binaries.git#commit=${_ab_commit}?signed"
"git+https://github.com/mullvad/wireguard-go.git#commit=${_wg_commit}?signed"
"git+https://github.com/mullvad/maybenot.git#commit=${_mn_commit}"
'no-rpm.diff'
'no-publish.diff'
"${pkgname%-beta}.sh"
)
sha256sums=('3a8220d1724c683d9854118837c4ce12bdb4cfdbe31a09b2ed16bab3a289f761'
'2f7ff0d5c2c5bab63b9babc6c91d921ef9965413b0b92996be8c9fd5a9c0d862'
'6e0f55d43fbf016d989ff5571de9c3b8c2f3611e957e807f5ffcbda2c4d274c6'
'6547c6d7c1d3ffd0b65a025ac5e6f76cd3046059cb10da7f1e99f5e436378bd2'
'ea35edffea2cbbb05586abce19581fdd9f133801ed47e6af30fa64a29c5cf116'
'968967efff8e9588f15c382825b609cf89d54c47e0632e92e9ef2354aa46f31b'
'2262346cb57deb187fe32a88ccd873dab669598889269088e749197c6e88954f')
validpgpkeys=('225E40C8F1C8DEB7977ABF59F293063FECE2E8ED' # Linus Färnstrand <linus@mullvad.net>
'8339C7D2942EB854E3F27CE5AEE9DECFD582E984' # David Lönnhager (code signing) <david.l@mullvad.net>
'1D0026CBD1F1858DF8DB54DFCB87E2B919A6454C' # Oskar Nyberg <oskar@mullvad.net>
'049F58CC80D9C78452151EE6EF0CCD68D0E5B9B1' # Emīls Piņķis <emils@mullvad.net>
)
_ensure_local_nvm() {
# let's be sure we are starting clean
which nvm >/dev/null 2>&1 && nvm deactivate && nvm unload
export NVM_DIR="$srcdir/.nvm"
# The init script returns 3 if version specified
# in ./.nvrc is not (yet) installed in $NVM_DIR
# but nvm itself still gets loaded ok
source /usr/share/nvm/init-nvm.sh || [[ $? != 1 ]]
}
prepare() {
cd mullvadvpn-app
git submodule init
git config submodule.dist-assets/binaries.url "$srcdir/mullvadvpn-app-binaries"
git config submodule.wireguard-go-rs/libwg/wireguard-go.url "$srcdir/wireguard-go"
git -c protocol.file.allow=always submodule update
pushd wireguard-go-rs/libwg/wireguard-go
git submodule init
git config submodule.maybenot.url "$srcdir/maybenot"
git -c protocol.file.allow=always submodule update
popd
# Disable building rpm
patch --strip=1 desktop/packages/${pkgname%-beta}/tasks/distribution.js < ../no-rpm.diff
# Disable publishing for CIs
patch --strip=1 desktop/packages/${pkgname%-beta}/tasks/distribution.js < ../no-publish.diff
# Create wireguard-go build directory
mkdir -p "build/lib/$CARCH-unknown-linux-gnu"
# Create shell-completions output directory
mkdir -p build/shell-completions
export RUSTUP_TOOLCHAIN=stable
cargo fetch --locked --target "$(rustc -vV | sed -n 's/host: //p')"
pushd "desktop/packages/${pkgname%-beta}"
echo "Installing JavaScript dependencies..."
export npm_config_cache="$srcdir/npm_cache"
_ensure_local_nvm
nvm install "${_nodeversion}"
npm ci --no-audit --no-fund
popd
}
build() {
cd mullvadvpn-app
CFLAGS+=" -ffat-lto-objects"
export RUSTUP_TOOLCHAIN=stable
export CARGO_TARGET_DIR=target
local RUSTC_VERSION=$(rustc --version)
local PRODUCT_VERSION=$(cargo run -q --bin mullvad-version)
echo "Building Mullvad VPN ${PRODUCT_VERSION}..."
echo "Building wireguard-go..."
pushd wireguard-go-rs/libwg
export GOPATH="$srcdir/gopath"
export CGO_CPPFLAGS="${CPPFLAGS}"
export CGO_CFLAGS="${CFLAGS}"
export CGO_CXXFLAGS="${CXXFLAGS}"
export CGO_LDFLAGS="${LDFLAGS}"
export GOFLAGS="-buildmode=pie -trimpath -ldflags=-linkmode=external -mod=readonly -modcacherw"
go build -v -o "../../build/lib/$CARCH-unknown-linux-gnu"/libwg.a -buildmode c-archive
popd
# Clean module cache for makepkg -C
go clean -modcache
echo "Building Rust code in release mode using ${RUSTC_VERSION}..."
cargo_crates_to_build=(
-p mullvad-daemon --bin mullvad-daemon
-p mullvad-cli --bin mullvad
-p mullvad-setup --bin mullvad-setup
-p mullvad-problem-report --bin mullvad-problem-report
-p talpid-openvpn-plugin --lib
-p mullvad-exclude --bin mullvad-exclude
)
cargo build --frozen --release "${cargo_crates_to_build[@]}"
echo "Preparing for packaging Mullvad VPN ${PRODUCT_VERSION}..."
for sh in bash zsh fish; do
echo "Generating shell completion script for ${sh}..."
cargo run --bin mullvad --frozen --release -- shell-completions "${sh}" \
build/shell-completions/
done
echo "Updating relays.json..."
cargo run --bin relay_list "${CARGO_ARGS[@]}" > build/relays.json
# Move binaries to correct locations in dist-assets
binaries=(
mullvad-daemon
mullvad
mullvad-problem-report
libtalpid_openvpn_plugin.so
mullvad-setup
mullvad-exclude
)
for binary in ${binaries[*]}; do
cp "target/release/${binary}" "dist-assets/${binary}"
done
# Build Electron GUI
pushd "desktop/packages/${pkgname%-beta}"
echo "Packing Mullvad VPN ${PRODUCT_VERSION} artifact(s)..."
export npm_config_cache="$srcdir/npm_cache"
_ensure_local_nvm
npm run pack:linux --release
popd
}
package() {
cd mullvadvpn-app
# Install main files
install -d "$pkgdir/opt/Mullvad VPN"
cp -r dist/linux-unpacked/* "$pkgdir/opt/Mullvad VPN/"
chmod 4755 "$pkgdir/opt/Mullvad VPN/chrome-sandbox"
# Install services
install -Dm644 dist-assets/linux/mullvad{-daemon,-early-boot-blocking}.service -t \
"$pkgdir/usr/lib/systemd/system/"
# Install binaries
install -Dm755 dist-assets/{mullvad,mullvad{-daemon,-exclude}} -t "$pkgdir/usr/bin/"
# Link to the problem report binary
ln -s "/opt/Mullvad VPN/resources/mullvad-problem-report" "$pkgdir/usr/bin/"
# Link to the GUI binary
install -m755 "$srcdir/${pkgname%-beta}.sh" "$pkgdir/usr/bin/${pkgname%-beta}"
# Install completions
install -Dm644 build/shell-completions/mullvad.bash \
"$pkgdir/usr/share/bash-completion/completions/mullvad"
install -Dm644 build/shell-completions/_mullvad -t \
"$pkgdir/usr/share/zsh/site-functions/"
install -Dm644 build/shell-completions/mullvad.fish -t \
"$pkgdir/usr/share/fish/vendor_completions.d/"
# Install desktop file & icons from deb
cd dist
ar x *.deb
bsdtar -xf data.tar.xz
install -Dm644 "usr/share/applications/${pkgname%-beta}.desktop" -t \
"$pkgdir/usr/share/applications/"
for icon_size in 16 32 48 64 128 256 512 1024; do
icons_dir="usr/share/icons/hicolor/${icon_size}x${icon_size}/apps"
install -Dm644 "${icons_dir}/${pkgname%-beta}.png" -t "$pkgdir/${icons_dir}/"
done
# Symlink apparmor profile to allow Electron sandbox to work
install -d "$pkgdir/etc/apparmor.d"
ln -s /opt/Mullvad\ VPN/resources/apparmor_mullvad "$pkgdir/etc/apparmor.d/mullvad"
}
|