New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
citrix_receiver: allow custom certs and hooks for the installation #44522
Conversation
Note: I'm currently testing against older Citrix versions, it currently works with 13.10 though. |
No attempt on aarch64-linux (full log) The following builds were skipped because they don't evaluate on aarch64-linux: citrix_receiver Partial log (click to expand)
|
No attempt on x86_64-linux (full log) The following builds were skipped because they don't evaluate on x86_64-linux: citrix_receiver Partial log (click to expand)
|
just tested my patch with the oldest citrix version available in nixpkgs (13.4.0) and it works fine as well |
e7e81a0
to
1b02958
Compare
No attempt on aarch64-linux (full log) The following builds were skipped because they don't evaluate on aarch64-linux: citrix_receiver Partial log (click to expand)
|
No attempt on x86_64-linux (full log) The following builds were skipped because they don't evaluate on x86_64-linux: citrix_receiver Partial log (click to expand)
|
@@ -156,7 +156,7 @@ let | |||
''; | |||
}; | |||
|
|||
phases = [ "unpackPhase" "installPhase" ]; | |||
phases = [ "unpackPhase" "installPhase" "fixupPhase" ]; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
dontBuild = true;
seems more economical here.
pkgs/top-level/all-packages.nix
Outdated
citrix_receiver_unwrapped_13_7_0 = citrix_receiver_unwrapped.override { version = "13.7.0"; }; | ||
citrix_receiver_unwrapped_13_6_0 = citrix_receiver_unwrapped.override { version = "13.6.0"; }; | ||
citrix_receiver_unwrapped_13_5_0 = citrix_receiver_unwrapped.override { version = "13.5.0"; }; | ||
citrix_receiver_unwrapped_13_4_0 = citrix_receiver_unwrapped.override { version = "13.4.0"; }; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
For the next release we should drop versions older then 13.8, since their support will be dropped before 19.03: https://www.citrix.co.uk/support/product-lifecycle/milestones/receiver.html
Sometimes it's required to modify some parts of the Citrix build on their own which is why `{pre,post}Install` hooks can be quite helpful. Additionally some corporate clients use their own certificates that aren't stored as trusted ones in the `cacert` package with all of the trusted certs by Mozilla. Now it's possible to add custom certs like this: ``` nix with import <nixpkgs> { config.allowUnfree = true; }; let path = ../../Downloads/custom-corporate-cert.pem; in citrix_receiver.override { extraCerts = [ path ]; } ```
All Citrix versions until 13.7 will be EOLed during the lifetime of 18.09: https://www.citrix.co.uk/support/product-lifecycle/milestones/receiver.html
1b02958
to
3d7b147
Compare
thanks for pointing out the obsoleteness of citrix 13.4-7, pushed a second commit which references the Citrix support/lifetime page and drops the affected versions from the package set. |
No attempt on x86_64-linux (full log) The following builds were skipped because they don't evaluate on x86_64-linux: citrix_receiver Partial log (click to expand)
|
No attempt on aarch64-linux (full log) The following builds were skipped because they don't evaluate on aarch64-linux: citrix_receiver Partial log (click to expand)
|
Since NixOS#44522 it's possible to specify custom certificates for the Citrix receiver. As it took me some time to create a proper setup Citrix can behave fairly unexpected. I mostly covered two aspects: * Don't install Citrix with `nix run`: when `citrix.desktop` is linked to $XDG_CONFIG_DIRS, it's possible to start a session directly from the browser when loading `.ica` files which makes the usage *way* easier. * It's possible to add custom certificates using the Citrix wrapper. A new store path with the original derivation and the certificates will be created and therefore no rebuild of the package is needed when adding new certs.
…OS#44635) Since NixOS#44522 it's possible to specify custom certificates for the Citrix receiver. As it took me some time to create a proper setup Citrix can behave fairly unexpected. I mostly covered two aspects: * Don't install Citrix with `nix run`: when `citrix.desktop` is linked to $XDG_CONFIG_DIRS, it's possible to start a session directly from the browser when loading `.ica` files which makes the usage *way* easier. * It's possible to add custom certificates using the Citrix wrapper. A new store path with the original derivation and the certificates will be created and therefore no rebuild of the package is needed when adding new certs.
Motivation for this change
Sometimes it's required to modify some parts of the Citrix build on
their own which is why
{pre,post}Install
hooks can be quite helpful.Additionally some corporate clients use their own certificates that
aren't stored as trusted ones in the
cacert
package with all of thetrusted certs by Mozilla.
Now it's possible to add custom certs like this:
Things done
sandbox
innix.conf
on non-NixOS)nix-shell -p nox --run "nox-review wip"
./result/bin/
)nix path-info -S
before and after)