firefox: move policies to nixos config

alyraffauf · Jun 24, 2024 · 1057d5b · 1057d5b
1 parent 6ef302d
commit 1057d5b
Show file tree

Hide file tree

Showing 4 changed files with 120 additions and 105 deletions.
diff --git a/homeManagerModules/apps/firefox/default.nix b/homeManagerModules/apps/firefox/default.nix
@@ -8,110 +8,6 @@
     programs.firefox = {
       enable = true;
       #      nativeMessagingHosts = lib.optionals (config.alyraffauf.apps.keepassxc.enable) [pkgs.keepassxc];
-
-      policies = {
-        Cookies.Behavior = "reject-foreign";
-        DisableAppUpdate = true;
-        DisableFirefoxStudies = true;
-        DisableMasterPasswordCreation = true;
-        DisablePocket = true;
-        DisableProfileImport = true;
-        DisableSetDesktopBackground = true;
-        DisableTelemetry = true;
-        DisplayBookmarksToolbar = "newtab";
-
-        DNSOverHTTPS = {
-          Enabled = true;
-          Fallback = true;
-        };
-
-        DontCheckDefaultBrowser = true;
-
-        EnableTrackingProtection = {
-          Cryptomining = true;
-          Fingerprinting = true;
-          EmailTracking = true;
-          Locked = false;
-          Value = true;
-        };
-
-        EncryptedMediaExtensions = {
-          Enabled = true;
-          Locked = false;
-        };
-
-        ExtensionSettings =
-          {
-            "uBlock0@raymondhill.net" = {
-              install_url = "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi";
-              installation_mode = "normal_installed";
-            };
-            "jid1-BoFifL9Vbdl2zQ@jetpack" = {
-              install_url = "https://addons.mozilla.org/firefox/downloads/latest/decentraleyes/latest.xpi";
-              installation_mode = "normal_installed";
-            };
-          }
-          // lib.attrsets.optionalAttrs (config.alyraffauf.apps.keepassxc.enable) {
-            "keepassxc-browser@keepassxc.org" = {
-              install_url = "https://addons.mozilla.org/firefox/downloads/latest/keepassxc-browser/latest.xpi";
-              installation_mode = "normal_installed";
-            };
-          };
-
-        FirefoxHome = {
-          Highlights = false;
-          Locked = false;
-          Pocket = false;
-          Search = true;
-          Snippets = false;
-          SponsoredPocket = false;
-          SponsoredTopSites = false;
-          TopSites = false;
-        };
-
-        FirefoxSuggest = {
-          ImproveSuggest = false;
-          Locked = false;
-          SponsoredSuggestions = false;
-          WebSuggestions = false;
-        };
-
-        HardwareAcceleration = true;
-
-        Homepage = {
-          Locked = false;
-          StartPage = "previous-session";
-        };
-
-        NewTabPage = false;
-        NoDefaultBookmarks = true;
-        OfferToSaveLoginsDefault = false;
-        OverrideFirstRunPage = "";
-        OverridePostUpdatePage = "";
-
-        PDFjs = {
-          Enabled = true;
-          EnablePermissions = false;
-        };
-
-        Preferences = {
-          "browser.aboutConfig.showWarning" = false;
-          "browser.bookmarks.addedImportButton" = false;
-          "datareporting.healthreport.uploadEnabled" = false;
-          "datareporting.policy.dataSubmissionPolicyAccepted" = true;
-          "dom.security.https_only_mode" = true;
-          "extensions.autoDisableScopes" = 0;
-        };
-
-        UserMessaging = {
-          ExtensionRecommendations = false;
-          FeatureRecommendations = false;
-          MoreFromMozilla = false;
-          SkipOnboarding = true;
-        };
-
-        UseSystemPrintDialog = true;
-      };
     };
   };
 }
diff --git a/nixosModules/apps/default.nix b/nixosModules/apps/default.nix
@@ -4,5 +4,5 @@
   config,
   ...
 }: {
-  imports = [./nicotine-plus ./steam ./podman ./virt-manager];
+  imports = [./firefox ./nicotine-plus ./steam ./podman ./virt-manager];
 }
diff --git a/nixosModules/apps/firefox/default.nix b/nixosModules/apps/firefox/default.nix
@@ -0,0 +1,114 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}: {
+  config = lib.mkIf config.alyraffauf.apps.firefox.enable {
+    programs.firefox = {
+      policies = {
+        Cookies.Behavior = "reject-foreign";
+        DisableAppUpdate = true;
+        DisableFirefoxStudies = true;
+        DisableMasterPasswordCreation = true;
+        DisablePocket = true;
+        DisableProfileImport = true;
+        DisableSetDesktopBackground = true;
+        DisableTelemetry = true;
+        DisplayBookmarksToolbar = "newtab";
+
+        DNSOverHTTPS = {
+          Enabled = true;
+          Fallback = true;
+        };
+
+        DontCheckDefaultBrowser = true;
+
+        EnableTrackingProtection = {
+          Cryptomining = true;
+          Fingerprinting = true;
+          EmailTracking = true;
+          Locked = false;
+          Value = true;
+        };
+
+        EncryptedMediaExtensions = {
+          Enabled = true;
+          Locked = false;
+        };
+
+        ExtensionSettings =
+          {
+            "uBlock0@raymondhill.net" = {
+              install_url = "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi";
+              installation_mode = "normal_installed";
+            };
+            "jid1-BoFifL9Vbdl2zQ@jetpack" = {
+              install_url = "https://addons.mozilla.org/firefox/downloads/latest/decentraleyes/latest.xpi";
+              installation_mode = "normal_installed";
+            };
+          }
+          // lib.attrsets.optionalAttrs (config.alyraffauf.apps.keepassxc.enable) {
+            "keepassxc-browser@keepassxc.org" = {
+              install_url = "https://addons.mozilla.org/firefox/downloads/latest/keepassxc-browser/latest.xpi";
+              installation_mode = "normal_installed";
+            };
+          };
+
+        FirefoxHome = {
+          Highlights = false;
+          Locked = false;
+          Pocket = false;
+          Search = true;
+          Snippets = false;
+          SponsoredPocket = false;
+          SponsoredTopSites = false;
+          TopSites = false;
+        };
+
+        FirefoxSuggest = {
+          ImproveSuggest = false;
+          Locked = false;
+          SponsoredSuggestions = false;
+          WebSuggestions = false;
+        };
+
+        HardwareAcceleration = true;
+
+        Homepage = {
+          Locked = false;
+          StartPage = "previous-session";
+        };
+
+        NewTabPage = false;
+        NoDefaultBookmarks = true;
+        OfferToSaveLoginsDefault = false;
+        OverrideFirstRunPage = "";
+        OverridePostUpdatePage = "";
+
+        PDFjs = {
+          Enabled = true;
+          EnablePermissions = false;
+        };
+
+        Preferences = {
+          "browser.aboutConfig.showWarning" = false;
+          "browser.bookmarks.addedImportButton" = false;
+          "datareporting.healthreport.uploadEnabled" = false;
+          "datareporting.policy.dataSubmissionPolicyAccepted" = true;
+          "dom.security.https_only_mode" = true;
+          "extensions.autoDisableScopes" = 0;
+        };
+
+        UserMessaging = {
+          ExtensionRecommendations = false;
+          FeatureRecommendations = false;
+          MoreFromMozilla = false;
+          SkipOnboarding = true;
+        };
+
+        UseSystemPrintDialog = true;
+      };
+    };
+  };
+}
diff --git a/nixosModules/options.nix b/nixosModules/options.nix
@@ -9,6 +9,11 @@
   options = {
     alyraffauf = {
       apps = {
+        firefox.enable = lib.mkOption {
+          description = "Firefox Web Browser.";
+          default = config.alyraffauf.desktop.enable;
+          type = lib.types.bool;
+        };
         nicotine-plus.enable =
           lib.mkEnableOption "Nicotine+ Soulseek client.";
         podman.enable =