From 2af6d9e2fb9dd462c5f53e9fc76554919286d44e Mon Sep 17 00:00:00 2001 From: oddlama Date: Fri, 8 Sep 2023 16:59:17 +0200 Subject: [PATCH] feat(firefox): add about:config settings, betterfox and search engine definitions --- users/myuser/graphical/firefox.nix | 251 +++++++++++++++++++++++++++-- 1 file changed, 239 insertions(+), 12 deletions(-) diff --git a/users/myuser/graphical/firefox.nix b/users/myuser/graphical/firefox.nix index 3914a0c..14059a4 100644 --- a/users/myuser/graphical/firefox.nix +++ b/users/myuser/graphical/firefox.nix @@ -16,19 +16,246 @@ NVD_BACKEND = "direct"; }; envStr = concatStringsSep " " (mapAttrsToList (n: v: "${n}=${escapeShellArg v}") env); -in { - programs.firefox.enable = true; - programs.firefox.package = pkgs.firefox.overrideAttrs (old: { - buildCommand = - old.buildCommand - + '' - substituteInPlace $out/bin/firefox \ - --replace "exec -a" ${escapeShellArg envStr}" exec -a" - ''; - }); - # TODO userChrome - # TODO settings if they can coexist with non declarative stuff + betterfox = pkgs.fetchFromGitHub { + owner = "yokoffing"; + repo = "Betterfox"; + rev = "116.1"; + hash = "sha256-Ai8Szbrk/4FhGhS4r5gA2DqjALFRfQKo2a/TwWCIA6g="; + }; +in { + programs.firefox = { + enable = true; + package = pkgs.firefox.overrideAttrs (old: { + buildCommand = + old.buildCommand + + '' + substituteInPlace $out/bin/firefox \ + --replace "exec -a" ${escapeShellArg envStr}" exec -a" + ''; + }); + + profiles.default = { + id = 0; + isDefault = true; + + # Hide tab bar because we have tree style tabs + userChrome = '' + #TabsToolbar { + visibility: collapse !important; + } + + #titlebar-buttonbox { + height: 32px !important; + } + ''; + + extraConfig = builtins.concatStringsSep "\n" [ + (builtins.readFile "${betterfox}/Securefox.js") + (builtins.readFile "${betterfox}/Fastfox.js") + (builtins.readFile "${betterfox}/Peskyfox.js") + ]; + + settings = { + # General + "intl.accept_languages" = "en-us,en"; + "browser.startup.page" = 3; # Resume previous session on startup + "browser.aboutConfig.showWarning" = false; # I sometimes know what I'm doing + "browser.ctrlTab.recentlyUsedOrder" = false; # Who want's that? + "browser.download.useDownloadDir" = false; # Ask where to save stuff + "privacy.clearOnShutdown.history" = false; # We want to save history on exit + # Hi-DPI + "layout.css.devPixelsPerPx" = "1.5"; + # Allow executing JS in the dev console + "devtools.chrome.enabled" = true; + # Disable browser crash reporting + "browser.tabs.crashReporting.sendReport" = false; + # Allow userCrome.css + "toolkit.legacyUserProfileCustomizations.stylesheets" = true; + + # Hardware acceleration + # See https://github.com/elFarto/nvidia-vaapi-driver?tab=readme-ov-file#firefox + "gfx.webrender.all" = true; + "media.ffmpeg.vaapi.enabled" = true; + "media.rdd-ffmpeg.enabled" = true; + "widget.dmabuf.force-enabled" = true; + "media.av1.enabled" = false; # XXX: change once I've upgraded my GPU + # XXX: what is this? + "media.ffvpx.enabled" = false; + "media.rdd-vpx.enabled" = false; + + # Privacy + "privacy.donottrackheader.enabled" = true; + "privacy.trackingprotection.enabled" = true; + "privacy.trackingprotection.socialtracking.enabled" = true; + "privacy.userContext.enabled" = true; + "privacy.userContext.ui.enabled" = true; + + "browser.send_pings" = false; # Don't respect + + # This allows firefox devs changing options for a small amount of users to test out stuff. + # Not with me please ... + "app.normandy.enabled" = false; + "app.shield.optoutstudies.enabled" = false; + + "beacon.enabled" = false; # No bluetooth location BS in my webbrowser please + "device.sensors.enabled" = false; # This isn't a phone + "geo.enabled" = false; # Disable geolocation alltogether + + # Enable certificate pinning via HPKP + "security.cert_pinning.hpkp.enabled" = true; + + # Encrypted SNI (domain nanme) when using SSL + "network.security.esni.enabled" = true; + + # Disable telemetry for privacy reasons + "toolkit.telemetry.archive.enabled" = false; + "toolkit.telemetry.enabled" = false; + "toolkit.telemetry.prompted" = 2; + "toolkit.telemetry.rejected" = true; + "toolkit.telemetry.server" = ""; + "toolkit.telemetry.unified" = false; + "extensions.webcompat-reporter.enabled" = false; # don't report compability problems to mozilla + "datareporting.policy.dataSubmissionEnabled" = false; + "datareporting.healthreport.uploadEnabled" = false; + "browser.ping-centre.telemetry" = false; + "browser.urlbar.eventTelemetry.enabled" = false; + + # Disable some useless stuff + "extensions.pocket.enabled" = false; # disable pocket, save links, send tabs + "extensions.abuseReport.enabled" = false; # don't show 'report abuse' in extensions + "extensions.fxmonitor.firstAlertShown" = false; # don't show advertisement for breach detection + "extensions.formautofill.creditCards.enabled" = false; # don't auto-fill credit card information + "identity.fxaccounts.enabled" = false; # disable firefox login + "identity.fxaccounts.toolbar.enabled" = false; + "identity.fxaccounts.pairing.enabled" = false; + "identity.fxaccounts.commands.enabled" = false; + "browser.contentblocking.report.lockwise.enabled" = false; # don't use firefox password manger + "browser.uitour.enabled" = false; # no tutorial please + "browser.newtabpage.activity-stream.showSponsored" = false; + "browser.newtabpage.activity-stream.showSponsoredTopSites" = false; + + # disable EME encrypted media extension (Providers can get DRM + # through this if they include a decryption black-box program) + "browser.eme.ui.enabled" = false; + "media.eme.enabled" = false; + + # don't predict network requests + "network.predictor.enabled" = false; + "browser.urlbar.speculativeConnect.enabled" = false; + "browser.urlbar.usepreloadedtopurls.enabled" = false; + + # disable annoying web features + "dom.push.enabled" = false; # no notifications, really... + "dom.push.connection.enabled" = false; + "dom.battery.enabled" = false; # you don't need to see my battery... + "dom.event.clipboardevents.enabled" = false; # the clipboard is mine, no info leak, except when i want to paste + "dom.event.contextmenu.enabled" = false; # no disabling right-clicking.. + }; + + search = { + force = true; + default = "DuckDuckGo"; + order = ["DuckDuckGo" "Youtube" "Nix Packages" "GitHub" "HackerNews"]; + + engines = { + "Bing".metaData.hidden = true; + "Amazon.com".metaData.hidden = true; + "Google".metaData.hidden = true; + + "YouTube" = { + iconUpdateURL = "https://youtube.com/favicon.ico"; + updateInterval = 24 * 60 * 60 * 1000; + definedAliases = ["@yt"]; + urls = [ + { + template = "https://www.youtube.com/results"; + params = [ + { + name = "search_query"; + value = "{searchTerms}"; + } + ]; + } + ]; + }; + + "Nix Packages" = { + icon = "${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg"; + definedAliases = ["@np"]; + urls = [ + { + template = "https://search.nixos.org/packages"; + params = [ + { + name = "type"; + value = "packages"; + } + { + name = "query"; + value = "{searchTerms}"; + } + ]; + } + ]; + }; + + "GitHub" = { + iconUpdateURL = "https://github.com/favicon.ico"; + updateInterval = 24 * 60 * 60 * 1000; + definedAliases = ["@gh"]; + + urls = [ + { + template = "https://github.com/search"; + params = [ + { + name = "q"; + value = "{searchTerms}"; + } + ]; + } + ]; + }; + + "Home Manager" = { + icon = "${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg"; + definedAliases = ["@hm"]; + + url = [ + { + template = "https://mipmip.github.io/home-manager-option-search/"; + params = [ + { + name = "query"; + value = "{searchTerms}"; + } + ]; + } + ]; + }; + + "HackerNews" = { + iconUpdateURL = "https://hn.algolia.com/favicon.ico"; + updateInterval = 24 * 60 * 60 * 1000; + definedAliases = ["@hn"]; + + url = [ + { + template = "https://hn.algolia.com/"; + params = [ + { + name = "query"; + value = "{searchTerms}"; + } + ]; + } + ]; + }; + }; + }; + }; + }; home.persistence."/state".directories = [ "Downloads"