diff --git a/.gitignore b/.gitignore index 2faf43d..0806e16 100644 --- a/.gitignore +++ b/.gitignore @@ -1,37 +1,2 @@ -# Local .terraform directories -**/.terraform/* - -# .tfstate files -*.tfstate -*.tfstate.* - -# Crash log files -crash.log -crash.*.log - -# Exclude all .tfvars files, which are likely to contain sensitive data, such as -# password, private keys, and other secrets. These should not be part of version -# control as they are data points which are potentially sensitive and subject -# to change depending on the environment. -*.tfvars -*.tfvars.json - -# Ignore override files as they are usually used to override resources locally and so -# are not checked in -override.tf -override.tf.json -*_override.tf -*_override.tf.json - -# Ignore transient lock info files created by terraform apply -.terraform.tfstate.lock.info - -# Include override files you do wish to add to version control using negated pattern -# !example_override.tf - -# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan -# example: *tfplan* - -# Ignore CLI configuration files -.terraformrc -terraform.rc +inputs +result diff --git a/README.md b/README.md index 6210c1c..4ad8683 100644 --- a/README.md +++ b/README.md @@ -1,2 +1,7 @@ -# ida-pro-overlay -Nix flake for IDA Pro +# Nix Flake for IDA Pro + +You can use the overlay provided by this flake along with your own IDA installer runfile to build your IDA Pro with Nix and use it on NixOS. + +## How to Use + +WIP. diff --git a/flake.lock b/flake.lock new file mode 100644 index 0000000..6703be5 --- /dev/null +++ b/flake.lock @@ -0,0 +1,27 @@ +{ + "nodes": { + "nixpkgs": { + "locked": { + "lastModified": 1728538411, + "narHash": "sha256-f0SBJz1eZ2yOuKUr5CA9BHULGXVSn6miBuUWdTyhUhU=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "b69de56fac8c2b6f8fd27f2eca01dcda8e0a4221", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "root": { + "inputs": { + "nixpkgs": "nixpkgs" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100644 index 0000000..dc76daf --- /dev/null +++ b/flake.nix @@ -0,0 +1,17 @@ +{ + description = "Nix flake for IDA Pro"; + + inputs = { + nixpkgs.url = "github:nixos/nixpkgs/nixpkgs-unstable"; + }; + + outputs = + { + ... + }: + { + overlays.default = self: super: { + ida-pro = self.packages.x86_64-linux.ida-pro; + }; + }; +} diff --git a/packages/ida-pro.nix b/packages/ida-pro.nix new file mode 100644 index 0000000..c5ff29a --- /dev/null +++ b/packages/ida-pro.nix @@ -0,0 +1,124 @@ +{ + pkgs, + lib, + runfile, + ... +}: +let + pythonForIDA = pkgs.python3.withPackages (ps: with ps; [ rpyc ]); +in +pkgs.stdenv.mkDerivation rec { + pname = "ida-pro"; + version = "9.0.0.240925"; + + src = runfile; + + desktopItem = pkgs.makeDesktopItem { + name = "ida-pro"; + exec = "ida"; + icon = ../share/appico.png; + comment = meta.description; + desktopName = "IDA Pro"; + genericName = "Interactive Disassembler"; + categories = [ "Development" ]; + startupWMClass = "IDA"; + }; + desktopItems = [ desktopItem ]; + + nativeBuildInputs = with pkgs; [ + makeWrapper + copyDesktopItems + autoPatchelfHook + libsForQt5.wrapQtAppsHook + ]; + + # We just get a runfile in $src, so no need to unpack it. + dontUnpack = true; + + # Add everything to the RPATH, in case IDA decides to dlopen things. + runtimeDependencies = with pkgs; [ + cairo + dbus + fontconfig + freetype + glib + gtk3 + libdrm + libGL + libkrb5 + libsecret + libsForQt5.qtbase + libunwind + libxkbcommon + libsecret + openssl.out + stdenv.cc.cc + xorg.libICE + xorg.libSM + xorg.libX11 + xorg.libXau + xorg.libxcb + xorg.libXext + xorg.libXi + xorg.libXrender + xorg.xcbutilimage + xorg.xcbutilkeysyms + xorg.xcbutilrenderutil + xorg.xcbutilwm + zlib + curl + pythonForIDA + ]; + buildInputs = runtimeDependencies; + + dontWrapQtApps = true; + + installPhase = '' + runHook preInstall + + mkdir -p $out/bin $out/lib $out/opt + + # IDA depends on quite some things extracted by the runfile, so first extract everything + # into $out/opt, then remove the unnecessary files and directories. + IDADIR=$out/opt + + # Invoke the installer with the dynamic loader directly, avoiding the need + # to copy it to fix permissions and patch the executable. + $(cat $NIX_CC/nix-support/dynamic-linker) $src \ + --mode unattended --prefix $IDADIR + + # Link the exported libraries to the output. + for lib in $IDADIR/libida*; do + ln -s $lib $out/lib/$(basename $lib) + done + + # Manually patch libraries that dlopen stuff. + patchelf --add-needed libpython3.12.so $out/lib/libida.so + patchelf --add-needed libcrypto.so $out/lib/libida.so + + # Some libraries come with the installer. + addAutoPatchelfSearchPath $IDADIR + + # Link the binaries to the output. + # Also, hack the PATH so that pythonForIDA is used over the system python. + for bb in ida assistant; do + wrapProgram $IDADIR/$bb \ + --prefix QT_PLUGIN_PATH : $IDADIR/plugins/platforms \ + --prefix PYTHONPATH : $out/opt/idalib/python \ + --prefix PATH : ${pythonForIDA}/bin + ln -s $IDADIR/$bb $out/bin/$bb + done + + runHook postInstall + ''; + + meta = with lib; { + description = "The world's smartest and most feature-full disassembler"; + homepage = "https://hex-rays.com/ida-pro/"; + license = licenses.unfree; + mainProgram = "ida"; + maintainers = with maintainers; [ msanft ]; + platforms = [ "x86_64-linux" ]; # Right now, the installation script only supports Linux. + sourceProvenance = with sourceTypes; [ binaryNativeCode ]; + }; +} diff --git a/share/appico.png b/share/appico.png new file mode 100644 index 0000000..d03c97f Binary files /dev/null and b/share/appico.png differ