diff --git a/flake.lock b/flake.lock index 8ece675..504610f 100644 --- a/flake.lock +++ b/flake.lock @@ -35,10 +35,26 @@ "type": "indirect" } }, + "nur": { + "locked": { + "lastModified": 1703791557, + "narHash": "sha256-AUzfwY6z9B/SHjILvwQYVl5tKtCoxTvti1oRuV3zlHc=", + "owner": "nix-community", + "repo": "NUR", + "rev": "d52c3b8e906cc63efe311ae6277867f7b68f3bca", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "NUR", + "type": "github" + } + }, "root": { "inputs": { "home-manager": "home-manager", - "nixpkgs": "nixpkgs" + "nixpkgs": "nixpkgs", + "nur": "nur" } } }, diff --git a/flake.nix b/flake.nix index 5c5b289..b0e9bbe 100644 --- a/flake.nix +++ b/flake.nix @@ -2,21 +2,22 @@ description = "My systems installation"; inputs = { nixpkgs.url = "nixpkgs/nixos-unstable"; + nur.url = "github:nix-community/NUR"; home-manager = { url = "github:nix-community/home-manager"; inputs.nixpkgs.follows = "nixpkgs"; }; }; - outputs = { self, nixpkgs, home-manager, ... }@inputs: + outputs = { self, nixpkgs, home-manager, nur, ... }@inputs: let stateVersion = "23.11"; -in rec { +in { nixosConfigurations = { morty = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; specialArgs = { - inherit stateVersion; + inherit stateVersion inputs; hostname = "morty"; username = "ephase"; hostConfig = { @@ -31,7 +32,7 @@ in rec { mrmeeseeks = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; specialArgs = { - inherit stateVersion; + inherit stateVersion inputs; hostname = "mrmeeseeks"; username = "ephase"; hostConfig = { @@ -46,7 +47,7 @@ in rec { luci = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; specialArgs = { - inherit stateVersion; + inherit stateVersion inputs; hostname = "luci"; username = "ephase"; hostConfig = { diff --git a/home-manager/firefox/conf/theme.nix b/home-manager/firefox/conf/theme.nix deleted file mode 100644 index ac4dcb5..0000000 --- a/home-manager/firefox/conf/theme.nix +++ /dev/null @@ -1,4 +0,0 @@ -{ - "extensions.activeThemeID" = "firefox-compact-dark@mozilla.org"; - "browser.uidensity" = 1; -} diff --git a/home-manager/firefox/default.nix b/home-manager/firefox/default.nix deleted file mode 100644 index 010de88..0000000 --- a/home-manager/firefox/default.nix +++ /dev/null @@ -1,155 +0,0 @@ -{ pkgs, lib, ... }: -let - merge = lib.foldr (a: b: a // b) { }; -in -{ - programs.browserpass = { - enable = true; - browsers = ["firefox"]; - }; - programs.firefox = { - enable = true; - package = pkgs.wrapFirefox pkgs.firefox-unwrapped { - nativeMessagingHosts = [ - # Tridactyl native connector - pkgs.tridactyl-native - pkgs.browserpass - ]; - extraPolicies = { - DontCheckDefaultBrowser = true; - DisablePocket = true; - DisableTelemetry = true; - DisplayBookmarksToolbar = "never"; - DefaultDownloadDirectory = "\${home}/downloads"; - EnableTrackingProtection = { - Value = true; - Locked = true; - Cryptomining = true; - }; - FirefoxHome = { - Search = true; - TopSites = false; - SponsoredTopSites = false; - Highlights = false; - Pocket = false; - SponsoredPocket = false; - Snippets = false; - Locked = true; - }; - UserMessaging = { - WhatsNew = false; - ExtensionRecommendations = false; - FeatureRecommendations = false; - UrlbarInterventions = false; - SkipOnboarding = true; - MoreFromMozilla = false; - }; - NoDefaultBookmarks = true; - OfferToSaveLogins = false; - SearchSuggestEnabled = false; - OverrideFirstRunPage = ""; - OverridePostUpdatePage = ""; - ExtensionSettings = { - "uBlock0@raymondhill.net" = { - "allowed_types" = "extention"; - "installation_mode" = "force_installed"; - "install_url" = "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi"; - }; - "addon@darkreader.org" = { - "allowed_types" = "extension"; - "installation_mode" = "force_installed"; - "install_url" = "https://addons.mozilla.org/firefox/downloads/latest/darkreader/latest.xpi"; - }; - "browserpass@maximbaz.com" = { - "allowed_types" = "extension"; - "installation_mode" = "force_installed"; - "install_url" = "https://addons.mozilla.org/firefox/downloads/latest/browserpass-ce/latest.xpi"; - }; - "gdpr@cavi.au.dk" = { - "allowed_types" = "extension"; - "installation_mode" = "force_installed"; - "install_url" = "https://addons.mozilla.org/firefox/downloads/latest/consent-o-matic/latest.xpi"; - }; - "jid1-BoFifL9Vbdl2zQ@jetpack" = { - "allowed_types" = "extension"; - "installation_mode" = "force_installed"; - "install_url" = "https://addons.mozilla.org/firefox/downloads/latest/decentraleyes/latest.xpi"; - }; - "CookieAutoDelete@kennydo.com" = { - "allowed_types" = "extension"; - "installation_mode" = "force_installed"; - "install_url" = "https://addons.mozilla.org/firefox/downloads/latest/cookie-autodelete/latest.xpi"; - }; - }; - Preferences = { - "browser.crashReports.unsubmittedCheck.autoSubmit2" = { - Value = false; - Status = "locked"; - }; - "browser.selfsupport.url" = { - Value = ""; - Status = "locked"; - }; - "browser.aboutConfig.showWarning" = { - Value = false; - Status = "locked"; - }; - "browser.aboutHomeSnippets.updateUrl" = { - Value = ""; - Status = "locked"; - }; - "browser.startup.homepage_override.mstone" = { - Value = "ignore"; - Status = "locked"; - }; - "browser.startup.homepage_override.buildID" = { - Value = ""; - Status = "locked"; - }; - "browser.tabs.firefox-view" = { - Value = false; - Status = "locked"; - }; - "dom.security.https_only_mode" = { - Value = true; - Status = "locked"; - }; - "extensions.htmlaboutaddons.recommendations.enabled" = { - Value = false; - Status = "locked"; - }; - "extensions.recommendations.themeRecommendationUrl" = { - Value = ""; - Status = "locked"; - }; - "network.IDN_show_punycode" = { - Value = true; -# Status = "locked"; - }; - }; - }; - }; - profiles.ephase = { - id = 0; - name = "ephase"; - isDefault = true; - search = { - force = true; - default = "DuckDuckGo"; - }; - settings = merge [ - (import ./conf/doh.nix) - (import ./conf/drm.nix) - (import ./conf/experiments.nix) - (import ./conf/extensions.nix) - (import ./conf/preferences.nix) - (import ./conf/privacy.nix) - (import ./conf/safebrowsing.nix) - (import ./conf/suggest.nix) - (import ./conf/telemetry.nix) - (import ./conf/theme.nix) - (import ./conf/tracking.nix) - ]; - }; - }; -} diff --git a/hosts/luci/home-config.nix b/hosts/luci/home-config.nix index e94de85..169bcf1 100644 --- a/hosts/luci/home-config.nix +++ b/hosts/luci/home-config.nix @@ -1,6 +1,7 @@ { ... }: { config.modules = { video.kdenlive.enable = false; + web.firefox.enable = true; web.qutebrowser.enable = true; web.webcord.enable = true; gaming.lutris.enable = false; diff --git a/modules/home-manager/default.nix b/modules/home-manager/default.nix index e8aea27..750f0cf 100644 --- a/modules/home-manager/default.nix +++ b/modules/home-manager/default.nix @@ -1,9 +1,10 @@ -{ lib, config, pkgs, ... }: +{ ... }: { imports = [ ./desktop/sway ./gaming/lutris ./video/kdenlive + ./web/firefox ./web/qutebrowser/default.nix ./web/webcord ]; diff --git a/home-manager/firefox/conf/doh.nix b/modules/home-manager/web/firefox/conf/doh.nix similarity index 100% rename from home-manager/firefox/conf/doh.nix rename to modules/home-manager/web/firefox/conf/doh.nix diff --git a/home-manager/firefox/conf/drm.nix b/modules/home-manager/web/firefox/conf/drm.nix similarity index 100% rename from home-manager/firefox/conf/drm.nix rename to modules/home-manager/web/firefox/conf/drm.nix diff --git a/home-manager/firefox/conf/experiments.nix b/modules/home-manager/web/firefox/conf/experiments.nix similarity index 100% rename from home-manager/firefox/conf/experiments.nix rename to modules/home-manager/web/firefox/conf/experiments.nix diff --git a/home-manager/firefox/conf/extensions.nix b/modules/home-manager/web/firefox/conf/extensions.nix similarity index 87% rename from home-manager/firefox/conf/extensions.nix rename to modules/home-manager/web/firefox/conf/extensions.nix index 5ed22b5..498c96d 100644 --- a/home-manager/firefox/conf/extensions.nix +++ b/modules/home-manager/web/firefox/conf/extensions.nix @@ -8,4 +8,7 @@ # The start page with recommended addons uses google analytics. "extensions.getAddons.showPane" = false; "extensions.webservice.discoverURL" = ""; + +# disable pocket extention + "extensions.pocket.enabled" = false; } diff --git a/home-manager/firefox/conf/preferences.nix b/modules/home-manager/web/firefox/conf/preferences.nix similarity index 64% rename from home-manager/firefox/conf/preferences.nix rename to modules/home-manager/web/firefox/conf/preferences.nix index e4e6504..376d50b 100644 --- a/home-manager/firefox/conf/preferences.nix +++ b/modules/home-manager/web/firefox/conf/preferences.nix @@ -25,4 +25,22 @@ # Disables executing of JavaScript in the PDF form viewer. It is possible that # some PDFs are not rendered correctly due to missing functions. "pdfjs.enableScripting" = true; + +# Allow fullscreen in Firefox windows + "full-screen-api.ignore-widgets" = true; + +# Download preferences + "browser.download.dir" = "~/downloads"; + +# About:config show warning + "browser.aboutConfig.showWarning" = false; + +# avoid some useless recommendations + "extensions.htmlaboutaddons.recommendations.enabled" = false; + "extensions.recommendations.themeRecommendationUrl" = ""; + +# Do not senf FF buid ID for ste statup page + "browser.startup.homepage_override.mstone" = "ignore"; + + "browser.aboutHomeSnippets.updateUrl" = ""; } diff --git a/home-manager/firefox/conf/privacy.nix b/modules/home-manager/web/firefox/conf/privacy.nix similarity index 95% rename from home-manager/firefox/conf/privacy.nix rename to modules/home-manager/web/firefox/conf/privacy.nix index 55cfd61..20fa927 100644 --- a/home-manager/firefox/conf/privacy.nix +++ b/modules/home-manager/web/firefox/conf/privacy.nix @@ -116,4 +116,10 @@ # When you type "something" in the urlbar and press enter, Firefox tries # "something.com", if Fixup URLs is enabled. "browser.fixup.alternate.enabled" = true; + +# Tracking protection + "privacy.trackingprotection.enabled" = true; + "privacy.trackingprotection.pbmode.enabled" = true; + "privacy.trackingprotection.cryptomining.enabled" = true; + "privacy.trackingprotection.fingerprinting.enabled" = true; } diff --git a/home-manager/firefox/conf/safebrowsing.nix b/modules/home-manager/web/firefox/conf/safebrowsing.nix similarity index 100% rename from home-manager/firefox/conf/safebrowsing.nix rename to modules/home-manager/web/firefox/conf/safebrowsing.nix diff --git a/home-manager/firefox/conf/suggest.nix b/modules/home-manager/web/firefox/conf/suggest.nix similarity index 100% rename from home-manager/firefox/conf/suggest.nix rename to modules/home-manager/web/firefox/conf/suggest.nix diff --git a/home-manager/firefox/conf/telemetry.nix b/modules/home-manager/web/firefox/conf/telemetry.nix similarity index 99% rename from home-manager/firefox/conf/telemetry.nix rename to modules/home-manager/web/firefox/conf/telemetry.nix index 4245101..602a8db 100644 --- a/home-manager/firefox/conf/telemetry.nix +++ b/modules/home-manager/web/firefox/conf/telemetry.nix @@ -35,4 +35,5 @@ "browser.crashReports.unsubmittedCheck.enabled" = false; "browser.crashReports.unsubmittedCheck.autoSubmit" = false; "browser.crashReports.unsubmittedCheck.autoSubmit2" = false; + } diff --git a/modules/home-manager/web/firefox/conf/theme.nix b/modules/home-manager/web/firefox/conf/theme.nix new file mode 100644 index 0000000..6ef7039 --- /dev/null +++ b/modules/home-manager/web/firefox/conf/theme.nix @@ -0,0 +1,34 @@ +{ + "extensions.activeThemeID" = "firefox-compact-dark@mozilla.org"; + "browser.uidensity" = 1; + +# New tab behaviour + "browser.newtabpage.activity-stream.showSearch" = false; + "browser.newtabpage.activity-stream.feeds.topsites" = false; + "browser.newtabpage.activity-stream.feeds.section.highlights" = false; + "browser.newtabpage.activity-stream.feeds.topstories" = false; + "browser.newtabpage.activity-stream.snippets" = false; + "browser.newtabpage.activity-stream.showSponsoredTopSites" = false; + "browser.newtabpage.activity-stream.showSponsored" = false; + +# Mozilla messages and recommandations + "browser.messaging-system.whatsNewPanel.enabled" = false; + "browser.newtabpage.activity-stream.asrouter.userprefs.cfr.addons" = false; + "browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features" = false; + "browser.aboutwelcome.enabled" = false; + "browser.preferences.moreFromMozilla" = false; + +# Do not save my logins + "signon.rememberSignons" = true; + +# Do not suggest some research + "browser.urlbar.suggest.searches" = true; + "browser.search.suggest.enabled" = true; + +# do not override startus page + "startup.homepage_override_url" = ""; + "startup.homepage_welcome_url" = ""; + +# do not show bookmark page + "browser.toolbars.bookmarks.visibility" = "never"; +} diff --git a/home-manager/firefox/conf/tracking.nix b/modules/home-manager/web/firefox/conf/tracking.nix similarity index 100% rename from home-manager/firefox/conf/tracking.nix rename to modules/home-manager/web/firefox/conf/tracking.nix diff --git a/modules/home-manager/web/firefox/default.nix b/modules/home-manager/web/firefox/default.nix new file mode 100644 index 0000000..67d6e4f --- /dev/null +++ b/modules/home-manager/web/firefox/default.nix @@ -0,0 +1,62 @@ +{ lib, config, pkgs, ... }: +with lib; +let + merge = foldr (a: b: a // b) { }; + cfg = config.modules.web.firefox; +in +{ + options.modules.web.firefox = { + enable = mkEnableOption "enable Firefox web browser"; + }; + config = mkIf cfg.enable { + + nixpkgs.overlays = [ + inputs.nur.overlay + ]; + programs.browserpass = { + enable = true; + browsers = ["firefox"]; + }; + programs.firefox = { + package = pkgs.wrapFirefox pkgs.firefox-unwrapped { + nativeMessagingHosts = [ + # Tridactyl native connector + pkgs.tridactyl-native + pkgs.browserpass + ]; + }; + enable = true; + profiles.ephase = { + id = 0; + name = "ephase"; + isDefault = true; + extensions = with pkgs.nur.repos.rycee.firefox-addons; [ + browserpass + consent-o-matic + cookie-autodelete + darkreader + decentraleyes + tridactyl + ublock-origin + ]; + search = { + force = true; + default = "DuckDuckGo"; + }; + settings = merge [ + (import ./conf/doh.nix) + (import ./conf/drm.nix) + (import ./conf/experiments.nix) + (import ./conf/extensions.nix) + (import ./conf/preferences.nix) + (import ./conf/privacy.nix) + (import ./conf/safebrowsing.nix) + (import ./conf/suggest.nix) + (import ./conf/telemetry.nix) + (import ./conf/theme.nix) + (import ./conf/tracking.nix) + ]; + }; + }; + }; +} diff --git a/nixos/default.nix b/nixos/default.nix index 9dd66b4..261945c 100644 --- a/nixos/default.nix +++ b/nixos/default.nix @@ -1,4 +1,4 @@ -{ config, pkgs, lib, stateVersion, hostname, username, hostConfig, ... }: +{ pkgs, lib, stateVersion, hostname, username, hostConfig, ... }: { imports = [ # Include the results of the hardware scan. @@ -66,7 +66,6 @@ ../home-manager/cli ] ++ (if hostConfig.desktop then [ - ../home-manager/firefox ../home-manager/foot.nix ../home-manager/zathura.nix ../home-manager/imv.nix diff --git a/nixos/includes/system/overlay.nix b/nixos/includes/system/overlay.nix index 36e2b5e..aa2cc69 100644 --- a/nixos/includes/system/overlay.nix +++ b/nixos/includes/system/overlay.nix @@ -1,3 +1,4 @@ +{ inputs, ...}: { nixpkgs.overlays = [ (final: prev: { @@ -5,5 +6,6 @@ enableWideVine = true; }; }) + inputs.nur.overlay ]; }