setup firefox

flake.nix

@@ -11,11 +11,6 @@
       inputs.nixpkgs.follows = "nixpkgs";
     };
 
-    firefox-addons = {
-      url = "gitlab:rycee/nur-expressions?dir=pkgs/firefox-addons";
-      inputs.nixpkgs.follows = "nixpkgs";
-    };
-
     # Declarative partitioning and formatting
     disko = {
       url = "github:nix-community/disko";

home/common/optional/firefox.nix

@@ -1,95 +1,101 @@
-{ config, pkgs, ... }:
-
-  let
-    lock-false = {
-      Value = false;
-      Status = "locked";
-    };
-    lock-true = {
-      Value = true;
-      Status = "locked";
-    };
-  in
+{ pkgs, inputs, config, ... }:
+let
+  user = config.home.username;
+in
 {
-  programs = {
-    firefox = {
-      enable = true;
-      languagePacks = [ "gb" "en-GB" ];
+  programs.firefox = {
+    enable = true;
+    policies = {
+      DisableTelemetry = true;
+      DisableFirefoxStudies = true;
+      EnableTrackingProtection = {
+        Value= true;
+        Locked = true;
+        Cryptomining = true;
+        Fingerprinting = true;
+      };
+     DisablePocket = true;
+     DisableFirefoxAccounts = true;
+     DisableAccounts = true;
+     DisableFirefoxScreenshots = true;
+     OverrideFirstRunPage = "";
+     OverridePostUpdatePage = "";
+     DontCheckDefaultBrowser = true;
+     DisplayBookmarksToolbar = "never"; # alternatives: "always" or "newtab"
+     DisplayMenuBar = "default-off"; # alternatives: "always", "never" or "default-on"
+     SearchBar = "unified"; # alternative: "separate"
+     /* ---- EXTENSIONS ---- */
+     # Check about:support for extension/add-on ID strings.
+     # Valid strings for installation_mode are "allowed", "blocked",
+     # "force_installed" and "normal_installed".
+     ExtensionSettings = {
+       "*".installation_mode = "blocked"; # blocks all addons except the ones specified below
+       # uBlock Origin:
+       "uBlock0@raymondhill.net" = {
+         install_url = "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi";
+         installation_mode = "force_installed";
+       };
+       # Privacy Badger:
+       "jid1-MnnxcxisBPnSXQ@jetpack" = {
+         install_url = "https://addons.mozilla.org/firefox/downloads/latest/privacy-badger17/latest.xpi";
+         installation_mode = "force_installed";
+       };
+       # Bitwarden
+       "{446900e4-71c2-419f-a6a7-df9c091e268b}" = {
+         install_url = "https://addons.mozilla.org/firefox/downloads/latest/bitwarden-password-manager/latest.xpi";
+         installation_mode = "force_installed";
+       };
+       # Dark Reader
+       "addon@darkreader.org" = {
+         install_url = "https://addons.mozilla.org/firefox/downloads/latest/darkreader/latest.xpi";
+         installation_mode = "force_installed";
+       };
+       # Sponser Block
+       "sponsorBlocker@ajay.app" = {
+         install_url = "https://addons.mozilla.org/firefox/downloads/latest/sponsorblock/latest.xpi";
+         installation_mode = "force_installed";
+       };
+       # Return Youtube Dislike
+       "{762f9885-5a13-4abd-9c77-433dcd38b8fd}" = {
+         install_url = "https://addons.mozilla.org/firefox/downloads/latest/return-youtube-dislikes/latest.xpi";
+         installation_mode = "force_installed";
+       };
+     };
+    };
+    profiles.${user} = {
+
       search.engines = {
         "Searxng" = {
           urls = [{
             template = "http://10.0.10.35:8855";
           }];
-        };
-      };
-      /* ---- POLICIES ---- */
-      # Check about:policies#documentation for options.
-      policies = {
-        DisableTelemetry = true;
-        DisableFirefoxStudies = true;
-        EnableTrackingProtection = {
-          Value= true;
-          Locked = true;
-          Cryptomining = true;
-          Fingerprinting = true;
-        };
-        DisablePocket = true;
-        DisableFirefoxAccounts = true;
-        DisableAccounts = true;
-        DisableFirefoxScreenshots = true;
-        OverrideFirstRunPage = "";
-        OverridePostUpdatePage = "";
-        DontCheckDefaultBrowser = true;
-        DisplayBookmarksToolbar = "never"; # alternatives: "always" or "newtab"
-        DisplayMenuBar = "default-off"; # alternatives: "always", "never" or "default-on"
-        SearchBar = "unified"; # alternative: "separate"
 
-        /* ---- EXTENSIONS ---- */
-        # Check about:support for extension/add-on ID strings.
-        # Valid strings for installation_mode are "allowed", "blocked",
-        # "force_installed" and "normal_installed".
-        ExtensionSettings = {
-          "*".installation_mode = "blocked"; # blocks all addons except the ones specified below
-          # uBlock Origin:
-          "uBlock0@raymondhill.net" = {
-            install_url = "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi";
-            installation_mode = "force_installed";
-          };
-          # Privacy Badger:
-          "jid1-MnnxcxisBPnSXQ@jetpack" = {
-            install_url = "https://addons.mozilla.org/firefox/downloads/latest/privacy-badger17/latest.xpi";
-            installation_mode = "force_installed";
-          };
-          # 1Password:
-          "{d634138d-c276-4fc8-924b-40a0ea21d284}" = {
-            install_url = "https://addons.mozilla.org/firefox/downloads/latest/1password-x-password-manager/latest.xpi";
-            installation_mode = "force_installed";
-          };
-        };
-  
-        /* ---- PREFERENCES ---- */
-        # Check about:config for options.
-        Preferences = { 
-          "browser.contentblocking.category" = { Value = "strict"; Status = "locked"; };
-          "extensions.pocket.enabled" = lock-false;
-          "extensions.screenshots.disabled" = lock-true;
-          "browser.topsites.contile.enabled" = lock-false;
-          "browser.formfill.enable" = lock-false;
-          "browser.search.suggest.enabled" = lock-false;
-          "browser.search.suggest.enabled.private" = lock-false;
-          "browser.urlbar.suggest.searches" = lock-false;
-          "browser.urlbar.showSearchSuggestionsFirst" = lock-false;
-          "browser.newtabpage.activity-stream.feeds.section.topstories" = lock-false;
-          "browser.newtabpage.activity-stream.feeds.snippets" = lock-false;
-          "browser.newtabpage.activity-stream.section.highlights.includePocket" = lock-false;
-          "browser.newtabpage.activity-stream.section.highlights.includeBookmarks" = lock-false;
-          "browser.newtabpage.activity-stream.section.highlights.includeDownloads" = lock-false;
-          "browser.newtabpage.activity-stream.section.highlights.includeVisited" = lock-false;
-          "browser.newtabpage.activity-stream.showSponsored" = lock-false;
-          "browser.newtabpage.activity-stream.system.showSponsored" = lock-false;
-          "browser.newtabpage.activity-stream.showSponsoredTopSites" = lock-false;
         };
       };
+      search.force = true;
+
+      bookmarks = [
+        {
+          name = "wikipedia";
+          tags = [ "wiki" ];
+          keyword = "wiki";
+          url = "https://en.wikipedia.org/wiki/Special:Search?search=%s&go=Go";
+        }
+        {
+          name = "bitlab21";
+          tags = [ "bitcoin" ];
+          keyword = "bitcoin";
+          url = "https://bitlab21.com";
+        }
+      ];
+
+      settings = {
+        "dom.security.https_only_mode" = true;
+        "browser.download.panel.shown" = true;
+        "identity.fxaccounts.enabled" = false;
+        "signon.rememberSignons" = false;
+      };
+
     };
   };
 }

hosts/common/core/sops.nix

@@ -15,7 +15,7 @@ in
     validateSopsFiles = false;
 
     age = {
-      sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
+      sshKeyPaths = [ "/persist/etc/ssh/ssh_host_ed25519_key" ];
     };
     secrets =  {
         "passwords/root".neededForUsers = true;

hosts/common/users/media/default.nix

@@ -30,7 +30,8 @@ in
           ".config/dconf"
           ".config/cinnamon"
           ".config/nemo"
-          ".local"
+	  ".mozilla"
+	  ".local"
         ];
         files = [
         ];