forked from poz/niksos
487 lines
27 KiB
Nix
487 lines
27 KiB
Nix
{
|
|
config,
|
|
inputs,
|
|
lib,
|
|
pkgs,
|
|
...
|
|
}: with lib; let
|
|
cfg = config.myOptions.programs.firefox;
|
|
username = config.myOptions.other.system.username;
|
|
|
|
buildFirefoxXpiAddon = lib.makeOverridable ({
|
|
stdenv ? pkgs.stdenv,
|
|
fetchurl ? pkgs.fetchurl,
|
|
pname,
|
|
version,
|
|
addonId,
|
|
url,
|
|
sha256,
|
|
...
|
|
}:
|
|
stdenv.mkDerivation {
|
|
name = "${pname}-${version}";
|
|
src = fetchurl {inherit url sha256;};
|
|
preferLocalBuild = true;
|
|
allowSubstitutes = true;
|
|
buildCommand = ''
|
|
dst="$out/share/mozilla/extensions/{ec8030f7-c20a-464f-9b0e-13a3a9397384}"
|
|
mkdir -p "$dst"
|
|
install -v -m644 "$src" "$dst/${addonId}.xpi"
|
|
'';
|
|
});
|
|
|
|
extra-addons = {
|
|
yomichan = buildFirefoxXpiAddon {
|
|
pname = "yomichan";
|
|
version = "20.5.22.1";
|
|
addonId = "{a9226ee9-7998-47bd-b72e-a1b56df7f77b}";
|
|
url = "https://addons.mozilla.org/firefox/downloads/file/3585060/yomichan-20.5.22.1.xpi";
|
|
sha256 = "sha256-/icvPD/nCJYS31owfYMD25QzFjsxAqapy/UAehhxsy8=";
|
|
};
|
|
};
|
|
|
|
searxng-name = "NotASearx";
|
|
|
|
searxng = {
|
|
urls = [{ template = "https://search.notashelf.dev/search?q={searchTerms}"; }];
|
|
iconUpdateURL = "https://search.notashelf.dev/favicon.ico";
|
|
updateInterval = 24 * 60 * 60 * 1000;
|
|
definedAliases = [ "@sx" ];
|
|
};
|
|
|
|
logo = builtins.fetchurl {
|
|
url = "https://raw.githubusercontent.com/schizofox/assets/main/logo/logo.png";
|
|
sha256 = "1wjzivdmppbzrwdxhza5dzzljl3z59vfgggxim9xjb2rzr0wqyyf";
|
|
};
|
|
in {
|
|
options.myOptions.programs.firefox = {
|
|
enable = mkEnableOption "enable firefox";
|
|
defaultSearchEngine = mkOption {
|
|
description = "name of the default search engine";
|
|
type = types.str;
|
|
};
|
|
searchEngines = mkOption {
|
|
default = [{
|
|
url = "https://startpage.com";
|
|
name = "Startpage";
|
|
aliases = [ "@sp" ];
|
|
}];
|
|
description = "search engines";
|
|
type = with types; attrsOf (submodule {
|
|
options = {
|
|
url = mkOption {
|
|
description = "url for the search engine, params placeholder and all";
|
|
type = str;
|
|
};
|
|
faviconPath = mkOption {
|
|
default = "";
|
|
description = "path to favicon";
|
|
type = str;
|
|
};
|
|
faviconUrl = mkOption {
|
|
default = "";
|
|
description = "url to favicon";
|
|
type = str;
|
|
};
|
|
aliases = mkOption {
|
|
description = "aliases for the search engine";
|
|
type = listOf str;
|
|
};
|
|
};
|
|
});
|
|
};
|
|
};
|
|
|
|
config = mkIf cfg.enable {
|
|
nixpkgs.overlays = [ inputs.nur.overlay ];
|
|
|
|
environment.sessionVariables = {
|
|
MOZ_ENABLE_WAYLAND = "1";
|
|
};
|
|
|
|
services.psd = {
|
|
enable = true;
|
|
resyncTimer = "30m";
|
|
};
|
|
|
|
home-manager.users.${username} = {
|
|
xdg.desktopEntries = {
|
|
firefox-schizo = {
|
|
name = "Schizofox";
|
|
genericName = "Web Browser";
|
|
exec = "firefox-devedition --name firefox-schizo --profile /home/jacek/.mozilla/firefox/schizo %U";
|
|
icon = "${logo}";
|
|
terminal = false;
|
|
categories = [ "Network" "WebBrowser" ];
|
|
mimeType = [ "text/html" "text/xml" "application/xhtml+xml" "application/vnd.mozilla.xul+xml" "x-scheme-handler/http" "x-scheme-handler/https" ];
|
|
type = "Application";
|
|
startupNotify = true;
|
|
settings = {
|
|
StartupWMClass = "firefox-schizo";
|
|
};
|
|
};
|
|
firefox-unschizo = {
|
|
name = "Sanefox";
|
|
genericName = "Web Browser";
|
|
exec = "firefox-devedition --name firefox-sane --profile /home/jacek/.mozilla/firefox/unschizo %U";
|
|
icon = "${logo}";
|
|
terminal = false;
|
|
categories = [ "Network" "WebBrowser" ];
|
|
mimeType = [ "text/html" "text/xml" "application/xhtml+xml" "application/vnd.mozilla.xul+xml" "x-scheme-handler/http" "x-scheme-handler/https" ];
|
|
type = "Application";
|
|
startupNotify = true;
|
|
settings = {
|
|
StartupWMClass = "firefox-sane";
|
|
};
|
|
};
|
|
};
|
|
|
|
programs.firefox = {
|
|
enable = true;
|
|
package = pkgs.firefox-devedition;
|
|
profiles = {
|
|
"schizo" = {
|
|
id = 0;
|
|
isDefault = true;
|
|
search = {
|
|
default = cfg.defaultSearchEngine;
|
|
force = true;
|
|
engines = (mapAttrs (name: value: {
|
|
${name} = {
|
|
urls = [{ template = value.url; }];
|
|
icon = mkIf (value.faviconPath != "") value.faviconPath;
|
|
iconUpdateURL = mkIf (value.faviconUrl != "") value.faviconUrl;
|
|
updateInterval = mkIf (value.faviconUrl != "") (24 * 60 * 60 * 1000);
|
|
definedAliases = value.aliases;
|
|
};
|
|
}) cfg.searchEngines)
|
|
// {
|
|
# GTFO
|
|
"Google".metaData.hidden = true;
|
|
"Bing".metaData.hidden = true;
|
|
"DuckDuckGo".metaData.hidden = true;
|
|
"Amazon.com".metaData.hidden = true;
|
|
};
|
|
order = mapAttrsToList (name: _value: name) cfg.searchEngines;
|
|
};
|
|
extensions = with pkgs.nur.repos.rycee.firefox-addons; [
|
|
ublock-origin
|
|
tridactyl
|
|
violentmonkey
|
|
darkreader
|
|
keepassxc-browser
|
|
redirector
|
|
auto-tab-discard
|
|
extra-addons.yomichan
|
|
];
|
|
settings = {
|
|
"browser.aboutConfig.showWarning" = false;
|
|
"browser.startup.page" = 0;
|
|
"browser.startup.homepage" = "about:home";
|
|
"browser.newtabpage.enabled" = true;
|
|
"browser.newtabpage.activity-stream.showSponsored" = false;
|
|
"browser.newtabpage.activity-stream.showSponsoredTopSites" = false;
|
|
"browser.newtabpage.activity-stream.default.sites" = "";
|
|
"geo.provider.network.url" = "";
|
|
"geo.provider.network.logging.enabled" = false;
|
|
"geo.provider.ms-windows-location" = false;
|
|
"geo.provider.use_corelocation" = false;
|
|
"geo.provider.use_gpsd" = false;
|
|
"geo.provider.use_geoclue" = false;
|
|
"intl.accept_langauges" = "en-US";
|
|
"javascript.use_us_english_locale" = true;
|
|
"extensions.getAddons.showPane" = false;
|
|
"extensions.htmlaboutaddons.recommendations.enabled" = false;
|
|
"browser.discovery.enabled" = false;
|
|
# this shit doesn't work thanks to firefox's
|
|
# fucking retarded ass decisions
|
|
# but I'm gonna keep it anyway
|
|
"extensions.unifiedExtensions.enabled" = false;
|
|
"datareporting.policy.dataSubmissionEnabled" = false;
|
|
"datareporting.healthreport.uploadEnabled" = false;
|
|
"toolkit.telemetry.unified" = false;
|
|
"toolkit.telemetry.enabled" = false;
|
|
"toolkit.telemetry.server" = "data:,";
|
|
"toolkit.telemetry.archive.enabled" = false;
|
|
"toolkit.telemetry.newProfilePing.enabled" = false;
|
|
"toolkit.telemetry.shutdownPingSender.enabled" = false;
|
|
"toolkit.telemetry.updatePing.enabled" = false;
|
|
"toolkit.telemetry.bhrPing.enabled" = false;
|
|
"toolkit.telemetry.firstShutdownPing.enabled" = false;
|
|
"toolkit.telemetry.coverage.opt-out" = true;
|
|
"toolkit.coverage.endpoint.base" = "";
|
|
"browser.ping-centre.telemetry" = false;
|
|
"browser.newtabpage.activity-stream.feeds.telemetry" = false;
|
|
"browser.newtabpage.activity-stream.telemetry" = false;
|
|
"app.shield.optoutstudies.enabled" = false;
|
|
"app.normandy.enabled" = false;
|
|
"app.normandy.api_url" = "";
|
|
"breakpad.reportURL" = "";
|
|
"browser.tabs.crashReporting.sendReport" = false;
|
|
"browser.crashReports.unsubmittedCheck.enabled" = false;
|
|
"browser.crashReports.unsubmittedCheck.autoSubmit2" = false;
|
|
"captivedetect.canonicalURL" = "";
|
|
"network.captive-portal-service.enabled" = false;
|
|
"network.connectivity-service.enabled" = false;
|
|
"browser.safebrowsing.malware.enabled" = false;
|
|
"browser.safebrowsing.phishing.enabled" = false;
|
|
"browser.safebrowsing.downloads.enabled" = false;
|
|
"browser.safebrowsing.downloads.remote.enabled" = false;
|
|
"browser.safebrowsing.downloads.remote.url" = "";
|
|
"browser.safebrowsing.downloads.remote.block_potentially_unwanted" = false;
|
|
"browser.safebrowsing.downloads.remote.block_uncommon" = false;
|
|
"browser.safebrowsing.allowOverride" = false;
|
|
"network.prefetch-next" = false;
|
|
"network.dns.disablePrefetch" = true;
|
|
"network.dns.disablePrefetchFromHTTPS" = true;
|
|
"network.predictor.enabled" = false;
|
|
"network.predictor.enable-prefetch" = false;
|
|
"network.http.speculative.parallel-limit" = 0;
|
|
"browser.places.speculativeConnect.enabled" = false;
|
|
"browser.send_pings" = false;
|
|
"network.dns.disableIPv6" = true;
|
|
"network.proxy.socks_remote_dns" = true;
|
|
"network.file.disable_unc_paths" = true;
|
|
"network.gio.supported-protocols" = "";
|
|
"network.proxy.failover_direct" = false;
|
|
"network.proxy.allow_bypass" = false;
|
|
# "network.trr.mode" = 5; TODO read about this
|
|
"browser.fixup.alternate.enabled" = false;
|
|
# TODO do I want this
|
|
"browser.search.suggest.enabled" = true;
|
|
"browser.urlbar.suggest.searches" = true;
|
|
"browser.urlbar.speculativeConnect.enabled" = false;
|
|
"browser.urlbar.dnsResolveSingleWordsAfterSearch" = 0;
|
|
"browser.urlbar.suggest.quicksuggest.nonsponsored" = false;
|
|
"browser.urlbar.suggest.quicksuggest.sponsored" = false;
|
|
"browser.formfill.enable" = false;
|
|
"layout.css.visited_links_enabled" = false;
|
|
"signon.autofillForms" = false;
|
|
"signon.formlessCapture.enabled" = false;
|
|
# TODO find some info about this
|
|
"network.auth.subresource-http-auth-allow" = 0;
|
|
"network.http.windows-sso.enabled" = false;
|
|
# TODO read about these until...
|
|
"browser.cache.disk.enable" = true;
|
|
"browser.privatebrowsing.forceMediaMemoryCache" = true;
|
|
"media.memory_cache_max_size" = 65536;
|
|
"browser.sessionstore.privacy_level" = 2;
|
|
# here
|
|
"toolkit.winRegisterApplicationRestart" = false;
|
|
# TODO favicons might be cool though
|
|
"browser.shell.shortcutFavicons" = false;
|
|
"security.ssl.require_safe_negotiation" = true;
|
|
"security.tls.enable_0rtt_data" = true;
|
|
# TODO read and think about it
|
|
"security.OCSP.enabled" = 1;
|
|
"security.OCSP.require" = true;
|
|
"security.family_safety.mode" = 0;
|
|
"security.cert_pinning.enforcement_level" = 2;
|
|
# TODO read about the next 2
|
|
"security.remote_settings.crlite_filters.enabled" = true;
|
|
"security.pki.crlite_mode" = 2;
|
|
# TODO if images break it's probably this
|
|
"security.mixed_content.block_display_content" = true;
|
|
"dom.security.https_only_mode" = true;
|
|
"dom.security.https_only_mode_pbm" = true;
|
|
"dom.security.https_only_mode.upgrade_local" = true;
|
|
"dom.security.https_only_mode_send_http_background_request" = false;
|
|
"security.ssl.treat_unsafe_negotiation_as_broken" = true;
|
|
"browser.xul.error_pages.expert_bad_cert" = true;
|
|
"network.http.referer.XOriginPolicy" = 2;
|
|
"network.http.referer.XOriginTrimmingPolicy" = 2;
|
|
"privacy.userContext.enabled" = true;
|
|
"privacy.userContext.ui.enabled" = true;
|
|
"privacy.userContext.newTabContainerOnLeftClick.enabled" = true;
|
|
# TODO read about these 2
|
|
"media.peerconnection.ice.proxy_only_if_behind_proxy" = true;
|
|
"media.peerconnection.ice.default_address_only" = true;
|
|
"media.peerconnection.ice.no_host" = true;
|
|
# TODO remove this if some codecs or shit don't work
|
|
"media.gmp-provider.enabled" = false;
|
|
# I think this is for netflix and shit
|
|
"media.gmp-widevinecdm.enabled" = false;
|
|
# disables DRM in general
|
|
"media.eme.enabled" = false;
|
|
# and the ui for it just in case
|
|
"browser.eme.ui.enabled" = false;
|
|
"dom.disable_window_move_resize" = true;
|
|
"accessibility.force_disabled" = 1;
|
|
"browser.helperApps.deleteTempFileOnExit" = true;
|
|
# TODO what the fuck is uitour
|
|
"browser.uitour.enabled" = false;
|
|
"browser.uitour.url" = "";
|
|
"devtools.debugger.remote-enabled" = false;
|
|
"middlemouse.contentLoadURL" = false;
|
|
"permissions.default.shortcuts" = 2;
|
|
"permissions.manager.defaultsUrl" = "";
|
|
# TODO what is this
|
|
"webchannel.allowObject.urlWhitelist" = "";
|
|
"network.IDN_show_punycode" = true;
|
|
"pdfjs.disabled" = false;
|
|
"pdfjs.enableScripting" = false;
|
|
"network.protocol-handler.external.ms-windows-store" = false;
|
|
"permissions.delegation.enabled" = false;
|
|
"browser.download.useDownloadDir" = true;
|
|
"browser.download.alwaysOpenPanel" = false;
|
|
"browser.download.manager.addToRecentDocs" = true;
|
|
"browser.download.always_ask_before_handling_new_types" = true;
|
|
# if extensions break go here
|
|
"extensions.enabledScopes" = 5;
|
|
"extensions.autoDisableScopes" = 15;
|
|
# TODO rethink this
|
|
"extensions.postDownloadThirdPartyPrompt" = true;
|
|
"extensions.webextensions.restrictedDomains" = "";
|
|
"browser.contentblocking.category" = "strict";
|
|
"privacy.antitracking.enableWebcompat" = false;
|
|
"privacy.partition.serviceWorkers" = true;
|
|
"privacy.partition.always_partition_third_party_non_cookie_storage" = true;
|
|
"privacy.partition.always_partition_third_party_non_cookie_storage.exempt_sessionstorage" = false;
|
|
"privacy.sanitize.sanitizeOnShutdown" = true;
|
|
"privacy.clearOnShutdown.cache" = true;
|
|
"privacy.clearOnShutdown.downloads" = true;
|
|
"privacy.clearOnShutdown.formdata" = true;
|
|
"privacy.clearOnShutdown.history" = true;
|
|
"privacy.clearOnShutdown.sessions" = true;
|
|
"privacy.clearOnShutdown.siteSettings" = true;
|
|
# if true I can't recover from crashes according to arkenfox
|
|
"privacy.clearOnShutdown.openWindows" = false;
|
|
"privacy.clearOnShutdown.cookies" = true;
|
|
"privacy.clearOnShutdown.offlineApps" = true;
|
|
"privacy.clearsitedata.cache.enabled" = true;
|
|
"privacy.cpd.cache" = true;
|
|
"privacy.cpd.formdata" = true;
|
|
"privacy.cpd.history" = true;
|
|
"privacy.cpd.sessions" = true;
|
|
"privacy.cpd.offlineApps" = true;
|
|
"privacy.cpd.cookies" = true;
|
|
"privacy.cpd.downloads" = true;
|
|
"privacy.cpd.openWindows" = false;
|
|
"privacy.cpd.passwords" = true;
|
|
"privacy.cpd.siteSettings" = true;
|
|
"privacy.sanitize.timeSpan" = 0;
|
|
"privacy.resistFingerprint" = false;
|
|
# we won't be installing extensions through mozilla's website I don't think
|
|
"privacy.resistFingerprinting.block_mozAddonManager" = true;
|
|
"privacy.resistFingerprinting.letterboxing" = true;
|
|
"layout.css.font-visibility.resistFingerprinting" = 1;
|
|
"browser.display.use_system_colors" = false;
|
|
"widget.non-native-theme.enabled" = true;
|
|
"browser.link.open_newwindow" = 3;
|
|
"browser.link.open_newwindow.restriction" = 0;
|
|
"webgl.disabled" = false;
|
|
"signon.rememberSignons" = false;
|
|
"permissions.memory_only" = true;
|
|
"security.nocertdb" = true;
|
|
"browser.chrome.site_icons" = true;
|
|
"browser.session.max_tabs_undo" = 0;
|
|
"browser.sessionstore.resume_from_crash" = true;
|
|
"browser.urlbar.autoFill" = false;
|
|
"places.history.enabled" = false;
|
|
"extensions.formautofill.addresses.enabled" = false;
|
|
"extensions.formautofill.creditCards.enabled" = false;
|
|
"extensions.formautofill.heuristics.enabled" = false;
|
|
"dom.popup_allowed_events" = "click dblclick mousedown pointerdown";
|
|
"javascript.options.ion" = false;
|
|
"javascript.options.baselinejit" = false;
|
|
"javascript.options.jit_trustedprincipals" = true;
|
|
"javascript.options.wasm" = false;
|
|
"extensions.blocklist.enabled" = true;
|
|
"network.http.referer.spoofSource" = false;
|
|
"security.dialog_enable_delay" = 1000;
|
|
"privacy.firstparty.isolate" = false;
|
|
"extensions.webcompat.enable_shims" = true;
|
|
"security.tls.version.enable-deprecated" = false;
|
|
"extensions.webcompat-reporter.enabled" = false;
|
|
|
|
"gfx.webrender.all" = true;
|
|
"media.ffmpeg.vaapi.enabled" = true;
|
|
|
|
"identity.sync.tokenserver.uri" = "https://ffsync.jacekpoz.pl/1.0/sync/1.5";
|
|
};
|
|
};
|
|
"unschizo" = {
|
|
id = 1;
|
|
isDefault = false;
|
|
search = {
|
|
default = "${searxng-name}";
|
|
force = true;
|
|
engines = {
|
|
"${searxng-name}" = searxng;
|
|
# GTFO
|
|
"Google".metaData.hidden = true;
|
|
"Bing".metaData.hidden = true;
|
|
"DuckDuckGo".metaData.hidden = true;
|
|
"Amazon.com".metaData.hidden = true;
|
|
};
|
|
};
|
|
extensions = with pkgs.nur.repos.rycee.firefox-addons; [
|
|
ublock-origin
|
|
dearrow
|
|
tridactyl
|
|
violentmonkey
|
|
darkreader
|
|
keepassxc-browser
|
|
auto-tab-discard
|
|
extra-addons.yomichan
|
|
];
|
|
settings = {
|
|
"browser.aboutConfig.showWarning" = false;
|
|
"browser.startup.page" = 0;
|
|
"browser.startup.homepage" = "about:home";
|
|
"browser.newtabpage.enabled" = true;
|
|
"browser.newtabpage.activity-stream.showSponsored" = false;
|
|
"browser.newtabpage.activity-stream.showSponsoredTopSites" = false;
|
|
"browser.newtabpage.activity-stream.default.sites" = "";
|
|
"extensions.getAddons.showPane" = false;
|
|
"extensions.htmlaboutaddons.recommendations.enabled" = false;
|
|
"browser.discovery.enabled" = false;
|
|
"extensions.unifiedExtensions.enabled" = false;
|
|
"datareporting.policy.dataSubmissionEnabled" = false;
|
|
"datareporting.healthreport.uploadEnabled" = false;
|
|
"toolkit.telemetry.unified" = false;
|
|
"toolkit.telemetry.enabled" = false;
|
|
"toolkit.telemetry.server" = "data:,";
|
|
"toolkit.telemetry.archive.enabled" = false;
|
|
"toolkit.telemetry.newProfilePing.enabled" = false;
|
|
"toolkit.telemetry.shutdownPingSender.enabled" = false;
|
|
"toolkit.telemetry.updatePing.enabled" = false;
|
|
"toolkit.telemetry.bhrPing.enabled" = false;
|
|
"toolkit.telemetry.firstShutdownPing.enabled" = false;
|
|
"toolkit.telemetry.coverage.opt-out" = true;
|
|
"toolkit.coverage.endpoint.base" = "";
|
|
"browser.ping-centre.telemetry" = false;
|
|
"browser.newtabpage.activity-stream.feeds.telemetry" = false;
|
|
"browser.newtabpage.activity-stream.telemetry" = false;
|
|
"app.shield.optoutstudies.enabled" = false;
|
|
"app.normandy.enabled" = false;
|
|
"app.normandy.api_url" = "";
|
|
"breakpad.reportURL" = "";
|
|
"browser.tabs.crashReporting.sendReport" = false;
|
|
"browser.crashReports.unsubmittedCheck.enabled" = false;
|
|
"browser.crashReports.unsubmittedCheck.autoSubmit2" = false;
|
|
"captivedetect.canonicalURL" = "";
|
|
"network.captive-portal-service.enabled" = false;
|
|
"network.connectivity-service.enabled" = false;
|
|
"browser.safebrowsing.malware.enabled" = false;
|
|
"browser.safebrowsing.phishing.enabled" = false;
|
|
"browser.safebrowsing.downloads.enabled" = false;
|
|
"browser.safebrowsing.downloads.remote.enabled" = false;
|
|
"browser.safebrowsing.downloads.remote.url" = "";
|
|
"browser.safebrowsing.downloads.remote.block_potentially_unwanted" = false;
|
|
"browser.safebrowsing.downloads.remote.block_uncommon" = false;
|
|
"browser.safebrowsing.allowOverride" = false;
|
|
"privacy.resistFingerprinting.block_mozAddonManager" = true;
|
|
"signon.rememberSignons" = false;
|
|
|
|
"gfx.webrender.all" = true;
|
|
"media.ffmpeg.vaapi.enabled" = true;
|
|
|
|
"identity.sync.tokenserver.uri" = "https://ffsync.jacekpoz.pl/1.0/sync/1.5";
|
|
};
|
|
};
|
|
};
|
|
};
|
|
};
|
|
};
|
|
}
|