setup firefox

This commit is contained in:
Sam 2024-05-24 13:01:19 +00:00
parent 2da6205ca2
commit 55ce313df7
4 changed files with 92 additions and 90 deletions

View File

@ -11,11 +11,6 @@
inputs.nixpkgs.follows = "nixpkgs";
};
firefox-addons = {
url = "gitlab:rycee/nur-expressions?dir=pkgs/firefox-addons";
inputs.nixpkgs.follows = "nixpkgs";
};
# Declarative partitioning and formatting
disko = {
url = "github:nix-community/disko";

View File

@ -1,95 +1,101 @@
{ config, pkgs, ... }:
let
lock-false = {
Value = false;
Status = "locked";
};
lock-true = {
Value = true;
Status = "locked";
};
in
{ pkgs, inputs, config, ... }:
let
user = config.home.username;
in
{
programs = {
firefox = {
enable = true;
languagePacks = [ "gb" "en-GB" ];
programs.firefox = {
enable = true;
policies = {
DisableTelemetry = true;
DisableFirefoxStudies = true;
EnableTrackingProtection = {
Value= true;
Locked = true;
Cryptomining = true;
Fingerprinting = true;
};
DisablePocket = true;
DisableFirefoxAccounts = true;
DisableAccounts = true;
DisableFirefoxScreenshots = true;
OverrideFirstRunPage = "";
OverridePostUpdatePage = "";
DontCheckDefaultBrowser = true;
DisplayBookmarksToolbar = "never"; # alternatives: "always" or "newtab"
DisplayMenuBar = "default-off"; # alternatives: "always", "never" or "default-on"
SearchBar = "unified"; # alternative: "separate"
/* ---- EXTENSIONS ---- */
# Check about:support for extension/add-on ID strings.
# Valid strings for installation_mode are "allowed", "blocked",
# "force_installed" and "normal_installed".
ExtensionSettings = {
"*".installation_mode = "blocked"; # blocks all addons except the ones specified below
# uBlock Origin:
"uBlock0@raymondhill.net" = {
install_url = "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi";
installation_mode = "force_installed";
};
# Privacy Badger:
"jid1-MnnxcxisBPnSXQ@jetpack" = {
install_url = "https://addons.mozilla.org/firefox/downloads/latest/privacy-badger17/latest.xpi";
installation_mode = "force_installed";
};
# Bitwarden
"{446900e4-71c2-419f-a6a7-df9c091e268b}" = {
install_url = "https://addons.mozilla.org/firefox/downloads/latest/bitwarden-password-manager/latest.xpi";
installation_mode = "force_installed";
};
# Dark Reader
"addon@darkreader.org" = {
install_url = "https://addons.mozilla.org/firefox/downloads/latest/darkreader/latest.xpi";
installation_mode = "force_installed";
};
# Sponser Block
"sponsorBlocker@ajay.app" = {
install_url = "https://addons.mozilla.org/firefox/downloads/latest/sponsorblock/latest.xpi";
installation_mode = "force_installed";
};
# Return Youtube Dislike
"{762f9885-5a13-4abd-9c77-433dcd38b8fd}" = {
install_url = "https://addons.mozilla.org/firefox/downloads/latest/return-youtube-dislikes/latest.xpi";
installation_mode = "force_installed";
};
};
};
profiles.${user} = {
search.engines = {
"Searxng" = {
urls = [{
template = "http://10.0.10.35:8855";
}];
};
};
/* ---- POLICIES ---- */
# Check about:policies#documentation for options.
policies = {
DisableTelemetry = true;
DisableFirefoxStudies = true;
EnableTrackingProtection = {
Value= true;
Locked = true;
Cryptomining = true;
Fingerprinting = true;
};
DisablePocket = true;
DisableFirefoxAccounts = true;
DisableAccounts = true;
DisableFirefoxScreenshots = true;
OverrideFirstRunPage = "";
OverridePostUpdatePage = "";
DontCheckDefaultBrowser = true;
DisplayBookmarksToolbar = "never"; # alternatives: "always" or "newtab"
DisplayMenuBar = "default-off"; # alternatives: "always", "never" or "default-on"
SearchBar = "unified"; # alternative: "separate"
/* ---- EXTENSIONS ---- */
# Check about:support for extension/add-on ID strings.
# Valid strings for installation_mode are "allowed", "blocked",
# "force_installed" and "normal_installed".
ExtensionSettings = {
"*".installation_mode = "blocked"; # blocks all addons except the ones specified below
# uBlock Origin:
"uBlock0@raymondhill.net" = {
install_url = "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi";
installation_mode = "force_installed";
};
# Privacy Badger:
"jid1-MnnxcxisBPnSXQ@jetpack" = {
install_url = "https://addons.mozilla.org/firefox/downloads/latest/privacy-badger17/latest.xpi";
installation_mode = "force_installed";
};
# 1Password:
"{d634138d-c276-4fc8-924b-40a0ea21d284}" = {
install_url = "https://addons.mozilla.org/firefox/downloads/latest/1password-x-password-manager/latest.xpi";
installation_mode = "force_installed";
};
};
/* ---- PREFERENCES ---- */
# Check about:config for options.
Preferences = {
"browser.contentblocking.category" = { Value = "strict"; Status = "locked"; };
"extensions.pocket.enabled" = lock-false;
"extensions.screenshots.disabled" = lock-true;
"browser.topsites.contile.enabled" = lock-false;
"browser.formfill.enable" = lock-false;
"browser.search.suggest.enabled" = lock-false;
"browser.search.suggest.enabled.private" = lock-false;
"browser.urlbar.suggest.searches" = lock-false;
"browser.urlbar.showSearchSuggestionsFirst" = lock-false;
"browser.newtabpage.activity-stream.feeds.section.topstories" = lock-false;
"browser.newtabpage.activity-stream.feeds.snippets" = lock-false;
"browser.newtabpage.activity-stream.section.highlights.includePocket" = lock-false;
"browser.newtabpage.activity-stream.section.highlights.includeBookmarks" = lock-false;
"browser.newtabpage.activity-stream.section.highlights.includeDownloads" = lock-false;
"browser.newtabpage.activity-stream.section.highlights.includeVisited" = lock-false;
"browser.newtabpage.activity-stream.showSponsored" = lock-false;
"browser.newtabpage.activity-stream.system.showSponsored" = lock-false;
"browser.newtabpage.activity-stream.showSponsoredTopSites" = lock-false;
};
};
search.force = true;
bookmarks = [
{
name = "wikipedia";
tags = [ "wiki" ];
keyword = "wiki";
url = "https://en.wikipedia.org/wiki/Special:Search?search=%s&go=Go";
}
{
name = "bitlab21";
tags = [ "bitcoin" ];
keyword = "bitcoin";
url = "https://bitlab21.com";
}
];
settings = {
"dom.security.https_only_mode" = true;
"browser.download.panel.shown" = true;
"identity.fxaccounts.enabled" = false;
"signon.rememberSignons" = false;
};
};
};
}

View File

@ -15,7 +15,7 @@ in
validateSopsFiles = false;
age = {
sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
sshKeyPaths = [ "/persist/etc/ssh/ssh_host_ed25519_key" ];
};
secrets = {
"passwords/root".neededForUsers = true;

View File

@ -30,7 +30,8 @@ in
".config/dconf"
".config/cinnamon"
".config/nemo"
".local"
".mozilla"
".local"
];
files = [
];