{ config, inputs, lib, pkgs, ... }: with lib; let cfg = config.myOptions.programs.firefox; username = config.myOptions.other.system.username; buildFirefoxXpiAddon = lib.makeOverridable ({ stdenv ? pkgs.stdenv, fetchurl ? pkgs.fetchurl, pname, version, addonId, url, sha256, ... }: stdenv.mkDerivation { name = "${pname}-${version}"; src = fetchurl {inherit url sha256;}; preferLocalBuild = true; allowSubstitutes = true; buildCommand = '' dst="$out/share/mozilla/extensions/{ec8030f7-c20a-464f-9b0e-13a3a9397384}" mkdir -p "$dst" install -v -m644 "$src" "$dst/${addonId}.xpi" ''; }); extra-addons = { yomichan = buildFirefoxXpiAddon { pname = "yomichan"; version = "20.5.22.1"; addonId = "{a9226ee9-7998-47bd-b72e-a1b56df7f77b}"; url = "https://addons.mozilla.org/firefox/downloads/file/3585060/yomichan-20.5.22.1.xpi"; sha256 = "sha256-/icvPD/nCJYS31owfYMD25QzFjsxAqapy/UAehhxsy8="; }; }; searxng-name = "NotASearx"; searxng = { urls = [{ template = "https://search.notashelf.dev/search?q={searchTerms}"; }]; iconUpdateURL = "https://search.notashelf.dev/favicon.ico"; updateInterval = 24 * 60 * 60 * 1000; definedAliases = [ "@sx" ]; }; logo = pkgs.fetchurl { url = "https://raw.githubusercontent.com/schizofox/assets/main/logo/logo.png"; sha256 = "1wjzivdmppbzrwdxhza5dzzljl3z59vfgggxim9xjb2rzr0wqyyf"; }; in { options.myOptions.programs.firefox = { enable = mkEnableOption "enable firefox"; defaultSearchEngine = mkOption { description = "name of the default search engine"; type = types.str; }; searchEngines = mkOption { default = [{ url = "https://startpage.com"; name = "Startpage"; aliases = [ "@sp" ]; }]; description = "search engines"; type = with types; attrsOf (submodule { options = { url = mkOption { description = "url for the search engine, params placeholder and all"; type = str; }; faviconPath = mkOption { default = ""; description = "path to favicon"; type = str; }; faviconUrl = mkOption { default = ""; description = "url to favicon"; type = str; }; aliases = mkOption { description = "aliases for the search engine"; type = listOf str; }; }; }); }; }; config = mkIf cfg.enable { nixpkgs.overlays = [ inputs.nur.overlay ]; environment.sessionVariables = { MOZ_ENABLE_WAYLAND = "1"; MOZ_DRM_DEVICE = "/dev/dri/card0"; }; services.psd = { enable = true; resyncTimer = "30m"; }; home-manager.users.${username} = { xdg.desktopEntries = { firefox-schizo = { name = "Schizofox"; genericName = "Web Browser"; exec = "firefox-devedition --name firefox-schizo --profile /home/jacek/.mozilla/firefox/schizo %U"; icon = "${logo}"; terminal = false; categories = [ "Network" "WebBrowser" ]; mimeType = [ "text/html" "text/xml" "application/xhtml+xml" "application/vnd.mozilla.xul+xml" "x-scheme-handler/http" "x-scheme-handler/https" ]; type = "Application"; startupNotify = true; settings = { StartupWMClass = "firefox-schizo"; }; }; firefox-unschizo = { name = "Sanefox"; genericName = "Web Browser"; exec = "firefox-devedition --name firefox-sane --profile /home/jacek/.mozilla/firefox/unschizo %U"; icon = "${logo}"; terminal = false; categories = [ "Network" "WebBrowser" ]; mimeType = [ "text/html" "text/xml" "application/xhtml+xml" "application/vnd.mozilla.xul+xml" "x-scheme-handler/http" "x-scheme-handler/https" ]; type = "Application"; startupNotify = true; settings = { StartupWMClass = "firefox-sane"; }; }; }; programs.firefox = { enable = true; package = pkgs.firefox-devedition; profiles = { "schizo" = { id = 0; isDefault = true; search = { default = cfg.defaultSearchEngine; force = true; engines = (mapAttrs (name: value: { ${name} = { urls = [{ template = value.url; }]; icon = mkIf (value.faviconPath != "") value.faviconPath; iconUpdateURL = mkIf (value.faviconUrl != "") value.faviconUrl; updateInterval = mkIf (value.faviconUrl != "") (24 * 60 * 60 * 1000); definedAliases = value.aliases; }; }) cfg.searchEngines) // { # GTFO "Google".metaData.hidden = true; "Bing".metaData.hidden = true; "DuckDuckGo".metaData.hidden = true; "Amazon.com".metaData.hidden = true; }; order = mapAttrsToList (name: _value: name) cfg.searchEngines; }; extensions = with pkgs.nur.repos.rycee.firefox-addons; [ ublock-origin tridactyl violentmonkey darkreader keepassxc-browser redirector auto-tab-discard extra-addons.yomichan ]; settings = { "browser.aboutConfig.showWarning" = false; "browser.startup.page" = 0; "browser.startup.homepage" = "about:home"; "browser.newtabpage.enabled" = true; "browser.newtabpage.activity-stream.showSponsored" = false; "browser.newtabpage.activity-stream.showSponsoredTopSites" = false; "browser.newtabpage.activity-stream.default.sites" = ""; "geo.provider.network.url" = ""; "geo.provider.network.logging.enabled" = false; "geo.provider.ms-windows-location" = false; "geo.provider.use_corelocation" = false; "geo.provider.use_gpsd" = false; "geo.provider.use_geoclue" = false; "intl.accept_langauges" = "en-US"; "javascript.use_us_english_locale" = true; "extensions.getAddons.showPane" = false; "extensions.htmlaboutaddons.recommendations.enabled" = false; "browser.discovery.enabled" = false; # this shit doesn't work thanks to firefox's # fucking retarded ass decisions # but I'm gonna keep it anyway "extensions.unifiedExtensions.enabled" = false; "datareporting.policy.dataSubmissionEnabled" = false; "datareporting.healthreport.uploadEnabled" = false; "toolkit.telemetry.unified" = false; "toolkit.telemetry.enabled" = false; "toolkit.telemetry.server" = "data:,"; "toolkit.telemetry.archive.enabled" = false; "toolkit.telemetry.newProfilePing.enabled" = false; "toolkit.telemetry.shutdownPingSender.enabled" = false; "toolkit.telemetry.updatePing.enabled" = false; "toolkit.telemetry.bhrPing.enabled" = false; "toolkit.telemetry.firstShutdownPing.enabled" = false; "toolkit.telemetry.coverage.opt-out" = true; "toolkit.coverage.endpoint.base" = ""; "browser.ping-centre.telemetry" = false; "browser.newtabpage.activity-stream.feeds.telemetry" = false; "browser.newtabpage.activity-stream.telemetry" = false; "app.shield.optoutstudies.enabled" = false; "app.normandy.enabled" = false; "app.normandy.api_url" = ""; "breakpad.reportURL" = ""; "browser.tabs.crashReporting.sendReport" = false; "browser.crashReports.unsubmittedCheck.enabled" = false; "browser.crashReports.unsubmittedCheck.autoSubmit2" = false; "captivedetect.canonicalURL" = ""; "network.captive-portal-service.enabled" = false; "network.connectivity-service.enabled" = false; "browser.safebrowsing.malware.enabled" = false; "browser.safebrowsing.phishing.enabled" = false; "browser.safebrowsing.downloads.enabled" = false; "browser.safebrowsing.downloads.remote.enabled" = false; "browser.safebrowsing.downloads.remote.url" = ""; "browser.safebrowsing.downloads.remote.block_potentially_unwanted" = false; "browser.safebrowsing.downloads.remote.block_uncommon" = false; "browser.safebrowsing.allowOverride" = false; "network.prefetch-next" = false; "network.dns.disablePrefetch" = true; "network.dns.disablePrefetchFromHTTPS" = true; "network.predictor.enabled" = false; "network.predictor.enable-prefetch" = false; "network.http.speculative.parallel-limit" = 0; "browser.places.speculativeConnect.enabled" = false; "browser.send_pings" = false; "network.dns.disableIPv6" = true; "network.proxy.socks_remote_dns" = true; "network.file.disable_unc_paths" = true; "network.gio.supported-protocols" = ""; "network.proxy.failover_direct" = false; "network.proxy.allow_bypass" = false; # "network.trr.mode" = 5; TODO read about this "browser.fixup.alternate.enabled" = false; # TODO do I want this "browser.search.suggest.enabled" = true; "browser.urlbar.suggest.searches" = true; "browser.urlbar.speculativeConnect.enabled" = false; "browser.urlbar.dnsResolveSingleWordsAfterSearch" = 0; "browser.urlbar.suggest.quicksuggest.nonsponsored" = false; "browser.urlbar.suggest.quicksuggest.sponsored" = false; "browser.formfill.enable" = false; "layout.css.visited_links_enabled" = false; "signon.autofillForms" = false; "signon.formlessCapture.enabled" = false; # TODO find some info about this "network.auth.subresource-http-auth-allow" = 0; "network.http.windows-sso.enabled" = false; # TODO read about these until... "browser.cache.disk.enable" = true; "browser.privatebrowsing.forceMediaMemoryCache" = true; "media.memory_cache_max_size" = 65536; "browser.sessionstore.privacy_level" = 2; # here "toolkit.winRegisterApplicationRestart" = false; # TODO favicons might be cool though "browser.shell.shortcutFavicons" = false; "security.ssl.require_safe_negotiation" = true; "security.tls.enable_0rtt_data" = true; # TODO read and think about it "security.OCSP.enabled" = 1; "security.OCSP.require" = true; "security.family_safety.mode" = 0; "security.cert_pinning.enforcement_level" = 2; # TODO read about the next 2 "security.remote_settings.crlite_filters.enabled" = true; "security.pki.crlite_mode" = 2; # TODO if images break it's probably this "security.mixed_content.block_display_content" = true; "dom.security.https_only_mode" = true; "dom.security.https_only_mode_pbm" = true; "dom.security.https_only_mode.upgrade_local" = true; "dom.security.https_only_mode_send_http_background_request" = false; "security.ssl.treat_unsafe_negotiation_as_broken" = true; "browser.xul.error_pages.expert_bad_cert" = true; "network.http.referer.XOriginPolicy" = 2; "network.http.referer.XOriginTrimmingPolicy" = 2; "privacy.userContext.enabled" = true; "privacy.userContext.ui.enabled" = true; "privacy.userContext.newTabContainerOnLeftClick.enabled" = true; # TODO read about these 2 "media.peerconnection.ice.proxy_only_if_behind_proxy" = true; "media.peerconnection.ice.default_address_only" = true; "media.peerconnection.ice.no_host" = true; # TODO remove this if some codecs or shit don't work "media.gmp-provider.enabled" = false; # I think this is for netflix and shit "media.gmp-widevinecdm.enabled" = false; # disables DRM in general "media.eme.enabled" = false; # and the ui for it just in case "browser.eme.ui.enabled" = false; "dom.disable_window_move_resize" = true; "accessibility.force_disabled" = 1; "browser.helperApps.deleteTempFileOnExit" = true; # TODO what the fuck is uitour "browser.uitour.enabled" = false; "browser.uitour.url" = ""; "devtools.debugger.remote-enabled" = false; "middlemouse.contentLoadURL" = false; "permissions.default.shortcuts" = 2; "permissions.manager.defaultsUrl" = ""; # TODO what is this "webchannel.allowObject.urlWhitelist" = ""; "network.IDN_show_punycode" = true; "pdfjs.disabled" = false; "pdfjs.enableScripting" = false; "network.protocol-handler.external.ms-windows-store" = false; "permissions.delegation.enabled" = false; "browser.download.useDownloadDir" = true; "browser.download.alwaysOpenPanel" = false; "browser.download.manager.addToRecentDocs" = true; "browser.download.always_ask_before_handling_new_types" = true; # if extensions break go here "extensions.enabledScopes" = 5; "extensions.autoDisableScopes" = 15; # TODO rethink this "extensions.postDownloadThirdPartyPrompt" = true; "extensions.webextensions.restrictedDomains" = ""; "browser.contentblocking.category" = "strict"; "privacy.antitracking.enableWebcompat" = false; "privacy.partition.serviceWorkers" = true; "privacy.partition.always_partition_third_party_non_cookie_storage" = true; "privacy.partition.always_partition_third_party_non_cookie_storage.exempt_sessionstorage" = false; "privacy.sanitize.sanitizeOnShutdown" = true; "privacy.clearOnShutdown.cache" = true; "privacy.clearOnShutdown.downloads" = true; "privacy.clearOnShutdown.formdata" = true; "privacy.clearOnShutdown.history" = true; "privacy.clearOnShutdown.sessions" = true; "privacy.clearOnShutdown.siteSettings" = true; # if true I can't recover from crashes according to arkenfox "privacy.clearOnShutdown.openWindows" = false; "privacy.clearOnShutdown.cookies" = true; "privacy.clearOnShutdown.offlineApps" = true; "privacy.clearsitedata.cache.enabled" = true; "privacy.cpd.cache" = true; "privacy.cpd.formdata" = true; "privacy.cpd.history" = true; "privacy.cpd.sessions" = true; "privacy.cpd.offlineApps" = true; "privacy.cpd.cookies" = true; "privacy.cpd.downloads" = true; "privacy.cpd.openWindows" = false; "privacy.cpd.passwords" = true; "privacy.cpd.siteSettings" = true; "privacy.sanitize.timeSpan" = 0; "privacy.resistFingerprint" = false; # we won't be installing extensions through mozilla's website I don't think "privacy.resistFingerprinting.block_mozAddonManager" = true; "privacy.resistFingerprinting.letterboxing" = true; "layout.css.font-visibility.resistFingerprinting" = 1; "browser.display.use_system_colors" = false; "widget.non-native-theme.enabled" = true; "browser.link.open_newwindow" = 3; "browser.link.open_newwindow.restriction" = 0; "webgl.disabled" = false; "signon.rememberSignons" = false; "permissions.memory_only" = true; "security.nocertdb" = true; "browser.chrome.site_icons" = true; "browser.session.max_tabs_undo" = 0; "browser.sessionstore.resume_from_crash" = true; "browser.urlbar.autoFill" = false; "places.history.enabled" = false; "extensions.formautofill.addresses.enabled" = false; "extensions.formautofill.creditCards.enabled" = false; "extensions.formautofill.heuristics.enabled" = false; "dom.popup_allowed_events" = "click dblclick mousedown pointerdown"; "javascript.options.ion" = false; "javascript.options.baselinejit" = false; "javascript.options.jit_trustedprincipals" = true; "javascript.options.wasm" = false; "extensions.blocklist.enabled" = true; "network.http.referer.spoofSource" = false; "security.dialog_enable_delay" = 1000; "privacy.firstparty.isolate" = false; "extensions.webcompat.enable_shims" = true; "security.tls.version.enable-deprecated" = false; "extensions.webcompat-reporter.enabled" = false; "gfx.webrender.all" = true; "media.ffmpeg.vaapi.enabled" = true; "identity.sync.tokenserver.uri" = "https://ffsync.jacekpoz.pl/1.0/sync/1.5"; }; }; "unschizo" = { id = 1; isDefault = false; search = { default = "${searxng-name}"; force = true; engines = { "${searxng-name}" = searxng; # GTFO "Google".metaData.hidden = true; "Bing".metaData.hidden = true; "DuckDuckGo".metaData.hidden = true; "Amazon.com".metaData.hidden = true; }; }; extensions = with pkgs.nur.repos.rycee.firefox-addons; [ ublock-origin dearrow tridactyl violentmonkey darkreader keepassxc-browser auto-tab-discard extra-addons.yomichan ]; settings = { "browser.aboutConfig.showWarning" = false; "browser.startup.page" = 0; "browser.startup.homepage" = "about:home"; "browser.newtabpage.enabled" = true; "browser.newtabpage.activity-stream.showSponsored" = false; "browser.newtabpage.activity-stream.showSponsoredTopSites" = false; "browser.newtabpage.activity-stream.default.sites" = ""; "extensions.getAddons.showPane" = false; "extensions.htmlaboutaddons.recommendations.enabled" = false; "browser.discovery.enabled" = false; "extensions.unifiedExtensions.enabled" = false; "datareporting.policy.dataSubmissionEnabled" = false; "datareporting.healthreport.uploadEnabled" = false; "toolkit.telemetry.unified" = false; "toolkit.telemetry.enabled" = false; "toolkit.telemetry.server" = "data:,"; "toolkit.telemetry.archive.enabled" = false; "toolkit.telemetry.newProfilePing.enabled" = false; "toolkit.telemetry.shutdownPingSender.enabled" = false; "toolkit.telemetry.updatePing.enabled" = false; "toolkit.telemetry.bhrPing.enabled" = false; "toolkit.telemetry.firstShutdownPing.enabled" = false; "toolkit.telemetry.coverage.opt-out" = true; "toolkit.coverage.endpoint.base" = ""; "browser.ping-centre.telemetry" = false; "browser.newtabpage.activity-stream.feeds.telemetry" = false; "browser.newtabpage.activity-stream.telemetry" = false; "app.shield.optoutstudies.enabled" = false; "app.normandy.enabled" = false; "app.normandy.api_url" = ""; "breakpad.reportURL" = ""; "browser.tabs.crashReporting.sendReport" = false; "browser.crashReports.unsubmittedCheck.enabled" = false; "browser.crashReports.unsubmittedCheck.autoSubmit2" = false; "captivedetect.canonicalURL" = ""; "network.captive-portal-service.enabled" = false; "network.connectivity-service.enabled" = false; "browser.safebrowsing.malware.enabled" = false; "browser.safebrowsing.phishing.enabled" = false; "browser.safebrowsing.downloads.enabled" = false; "browser.safebrowsing.downloads.remote.enabled" = false; "browser.safebrowsing.downloads.remote.url" = ""; "browser.safebrowsing.downloads.remote.block_potentially_unwanted" = false; "browser.safebrowsing.downloads.remote.block_uncommon" = false; "browser.safebrowsing.allowOverride" = false; "privacy.resistFingerprinting.block_mozAddonManager" = true; "signon.rememberSignons" = false; "gfx.webrender.all" = true; "media.ffmpeg.vaapi.enabled" = true; "identity.sync.tokenserver.uri" = "https://ffsync.jacekpoz.pl/1.0/sync/1.5"; }; }; }; }; }; }; }