From 933a1efc720b4a6a4924a4ddd40e38aaaca38f8c Mon Sep 17 00:00:00 2001
From: Max <max@privatevoid.net>
Date: Wed, 17 Mar 2021 21:01:27 +0100
Subject: [PATCH] init

---
 .drone.yml             | 24 ++++++++++++++++++++++
 README                 |  1 +
 extensions.json        | 38 ++++++++++++++++++++++++++++++++++
 extensions/crx.nix     | 19 +++++++++++++++++
 extensions/default.nix | 18 +++++++++++++++++
 flake.lock             | 27 +++++++++++++++++++++++++
 flake.nix              | 15 ++++++++++++++
 update.py              | 46 ++++++++++++++++++++++++++++++++++++++++++
 8 files changed, 188 insertions(+)
 create mode 100644 .drone.yml
 create mode 100644 README
 create mode 100644 extensions.json
 create mode 100644 extensions/crx.nix
 create mode 100644 extensions/default.nix
 create mode 100644 flake.lock
 create mode 100644 flake.nix
 create mode 100755 update.py

diff --git a/.drone.yml b/.drone.yml
new file mode 100644
index 0000000..3247f7c
--- /dev/null
+++ b/.drone.yml
@@ -0,0 +1,24 @@
+kind: pipeline
+type: exec
+name: Update extensions
+
+platform:
+  os: linux
+  arch: amd64
+
+steps:
+- name: Update
+  commands:
+  - python3 update.py
+
+- name: Commit changes
+  environment:
+    GIT_AUTHOR_NAME: Drone
+    GIT_AUTHOR_EMAIL: drone@bots.void
+    DRONE_DEPLOY_KEY:
+      from_secret: drone-deploy-key
+  commands:
+  - git add .
+  - git commit -m '[CI] Update extensions' || exit 0
+  - git remote add pushback https://drone:$DRONE_DEPLOY_KEY@git.privatevoid.net/max/nix-crx.git
+  - git push pushback master
diff --git a/README b/README
new file mode 100644
index 0000000..1587abb
--- /dev/null
+++ b/README
@@ -0,0 +1 @@
+Chromium extensions for use with Nix
diff --git a/extensions.json b/extensions.json
new file mode 100644
index 0000000..b927457
--- /dev/null
+++ b/extensions.json
@@ -0,0 +1,38 @@
+[
+	{
+		"name": "bitwarden",
+		"id": "nngceckbapebfimnlniiiahkandclblb",
+		"updateMethod": "google"
+	},
+	{
+		"name": "ublock-origin",
+		"id": "cjpalhdlnbpafiamejdnhcphjbkeiagm",
+		"updateMethod": "google"
+	},
+	{
+		"name": "ipfs-companion",
+		"id": "nibjojkomfdiaoajekhjakgkdhaomnch",
+		"updateMethod": "google"
+	},
+	{
+		"name": "floccus-bookmark-sync",
+		"id": "fnaicdffflnofjppbagibeoednhnbjhg",
+		"updateMethod": "google"
+	},
+	{
+		"name": "h264ify",
+		"id": "aleakchihdccplidncghkekgioiakgal",
+		"updateMethod": "google"
+	},
+	{
+		"name": "i-dont-care-about-cookies",
+		"id": "fihnjjcciajhdojfnbdddfaoknhalnja",
+		"updateMethod": "google"
+	},
+	{
+		"name": "chromium-web-store",
+		"id": "ocaahdebbfolfmndjeplogmgcagdmblk",
+		"updateMethod": "github",
+		"updateUrl": "https://api.github.com/repos/NeverDecaf/chromium-web-store/releases"
+	}
+]
diff --git a/extensions/crx.nix b/extensions/crx.nix
new file mode 100644
index 0000000..b6ce1b3
--- /dev/null
+++ b/extensions/crx.nix
@@ -0,0 +1,19 @@
+{ stdenv, lib, fetchurl }: crxMeta:
+let
+  extensions = lib.importJSON ./extensions-generated.json;
+in
+  with crxMeta; stdenv.mkDerivation {
+    name = "${id}-${name}-${version}";
+    inherit version;
+
+    src = fetchurl { inherit url; inherit sha256; };
+
+    preferLocalBuild = true;
+    allowSubstitutes = false;
+
+    buildCommand = ''
+      mkdir -p "$out"
+      install -v -m644 "$src" "$out/${id}.crx"
+    '';
+    inherit id;
+  }
diff --git a/extensions/default.nix b/extensions/default.nix
new file mode 100644
index 0000000..8a1ffd3
--- /dev/null
+++ b/extensions/default.nix
@@ -0,0 +1,18 @@
+pkgs: lib:
+let
+  extensions = lib.importJSON ./extensions-generated.json;
+  enhance = ext: ext // {
+    crx = with ext; {
+      inherit id;
+      inherit version;
+      crxPath = "${outPath}/${id}.crx";
+    };
+  };
+in
+  builtins.listToAttrs (map (crxMeta:
+    { 
+      name = crxMeta.name;
+      value = enhance (pkgs.callPackage ./crx.nix {} crxMeta);
+    }
+  )
+  extensions)
diff --git a/flake.lock b/flake.lock
new file mode 100644
index 0000000..808e1ef
--- /dev/null
+++ b/flake.lock
@@ -0,0 +1,27 @@
+{
+  "nodes": {
+    "nixpkgs": {
+      "locked": {
+        "lastModified": 1615797423,
+        "narHash": "sha256-5NGDZXPQzuoxf/42NiyC9YwwhwzfMfIRrz3aT0XHzSc=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "266dc8c3d052f549826ba246d06787a219533b8f",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixos-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "root": {
+      "inputs": {
+        "nixpkgs": "nixpkgs"
+      }
+    }
+  },
+  "root": "root",
+  "version": 7
+}
diff --git a/flake.nix b/flake.nix
new file mode 100644
index 0000000..6817586
--- /dev/null
+++ b/flake.nix
@@ -0,0 +1,15 @@
+{
+  description = "Chromium extensions as Nix derivations";
+
+  inputs = {
+    nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
+  };
+
+  outputs = { self, nixpkgs }:
+    let
+      pkgs = import nixpkgs { system = "x86_64-linux"; };
+    in
+      {
+        packages.x86_64-linux = import ./extensions pkgs nixpkgs.lib;
+      };
+}
diff --git a/update.py b/update.py
new file mode 100755
index 0000000..8491fa2
--- /dev/null
+++ b/update.py
@@ -0,0 +1,46 @@
+#!/usr/bin/env nix-shell
+#! nix-shell -i python -p python3
+import json
+import xml.etree.ElementTree as ET
+import hashlib
+from urllib.request import urlopen
+
+from os.path import abspath, dirname
+
+JSON_PATH = dirname(abspath(__file__)) + '/extensions.json'
+JSON_OUT_PATH = dirname(abspath(__file__)) + '/extensions/extensions-generated.json'
+
+with open(JSON_PATH, 'r') as f:
+    exts = json.load(f)
+
+for ext in exts:
+    print(f"updating {ext['name']}")
+    if ext["updateMethod"] == "github":
+        with urlopen(ext["updateUrl"]) as r:
+            latest = json.load(r)[0]
+            ext["url"] = latest["assets"][0]["browser_download_url"]
+            with urlopen(ext["url"]) as blob:
+                sha256 = hashlib.new("SHA256")
+                if blob.status == 200:
+                    size, n = 0, 16384
+                    buf = bytearray(n)
+                    while n != 0:
+                        n = blob.readinto(buf)
+                        size += n
+                        if n>0:
+                            sha256.update(buf[:n])
+            ext["sha256"] = sha256.hexdigest().lower()
+            ext["version"] = latest["tag_name"].lstrip("v")
+    elif ext["updateMethod"] == "google":
+        resp = urlopen(f"https://clients2.google.com/service/update2/crx?response=updatecheck&acceptformat=crx2,crx3&prodversion=89.0.0.0&x=id%3D{ext['id']}%26uc")
+        xml = resp.read()
+        xmltree = ET.fromstring(xml)
+        app = xmltree.find("{http://www.google.com/update2/response}app").find("{http://www.google.com/update2/response}updatecheck")
+        latest = app.attrib
+        ext["url"] = latest["codebase"]
+        ext["sha256"] = latest["hash_sha256"]
+        ext["version"] = latest["version"]
+
+
+with open(JSON_OUT_PATH, 'w') as out:
+    json.dump(exts, out)