2022-10-21 15:38:20 +00:00
|
|
|
# common settings to toggle (at runtime, in about:config):
|
|
|
|
# > security.ssl.require_safe_negotiation
|
|
|
|
|
|
|
|
# librewolf is a forked firefox which patches firefox to allow more things
|
|
|
|
# (like default search engines) to be configurable at runtime.
|
|
|
|
# many of the settings below won't have effect without those patches.
|
|
|
|
# see: https://gitlab.com/librewolf-community/settings/-/blob/master/distribution/policies.json
|
|
|
|
|
2023-05-08 21:41:02 +00:00
|
|
|
{ config, lib, pkgs, ...}:
|
2022-11-01 23:23:50 +00:00
|
|
|
with lib;
|
2022-10-21 15:38:20 +00:00
|
|
|
let
|
2023-07-15 08:51:36 +00:00
|
|
|
cfg = config.sane.programs.firefox.config;
|
2023-07-16 12:25:12 +00:00
|
|
|
mobile-prefs = lib.optionals false pkgs.librewolf-pmos-mobile.extraPrefsFiles;
|
2022-11-01 23:23:50 +00:00
|
|
|
# allow easy switching between firefox and librewolf with `defaultSettings`, below
|
2022-11-01 11:58:45 +00:00
|
|
|
librewolfSettings = {
|
2023-11-21 23:44:28 +00:00
|
|
|
browser = pkgs.librewolf-unwrapped.overrideAttrs (upstream: {
|
|
|
|
# TEMP(2023/11/21): fix eval bug in wrapFirefox
|
|
|
|
# see: <https://github.com/NixOS/nixpkgs/pull/244591>
|
|
|
|
passthru = upstream.passthru // {
|
|
|
|
requireSigning = false;
|
|
|
|
allowAddonSideload = true;
|
|
|
|
};
|
|
|
|
});
|
2023-07-16 12:25:12 +00:00
|
|
|
extraPrefsFiles = pkgs.librewolf-unwrapped.extraPrefsFiles ++ mobile-prefs;
|
2022-11-01 11:58:45 +00:00
|
|
|
libName = "librewolf";
|
|
|
|
dotDir = ".librewolf";
|
2023-06-26 10:11:22 +00:00
|
|
|
cacheDir = ".cache/librewolf";
|
2022-11-01 23:23:50 +00:00
|
|
|
desktop = "librewolf.desktop";
|
2022-11-01 11:58:45 +00:00
|
|
|
};
|
|
|
|
firefoxSettings = {
|
|
|
|
browser = pkgs.firefox-esr-unwrapped;
|
2023-07-16 12:25:12 +00:00
|
|
|
extraPrefsFiles = mobile-prefs;
|
2022-11-01 11:58:45 +00:00
|
|
|
libName = "firefox";
|
|
|
|
dotDir = ".mozilla/firefox";
|
2023-01-04 13:27:20 +00:00
|
|
|
cacheDir = ".cache/mozilla";
|
2022-11-01 23:23:50 +00:00
|
|
|
desktop = "firefox.desktop";
|
2022-11-01 11:58:45 +00:00
|
|
|
};
|
2023-04-14 07:14:50 +00:00
|
|
|
# defaultSettings = firefoxSettings;
|
|
|
|
defaultSettings = librewolfSettings;
|
2022-11-01 11:58:45 +00:00
|
|
|
|
2024-01-20 11:11:12 +00:00
|
|
|
packageUnwrapped = (pkgs.wrapFirefox cfg.browser.browser {
|
2022-10-21 15:38:20 +00:00
|
|
|
# inherit the default librewolf.cfg
|
|
|
|
# it can be further customized via ~/.librewolf/librewolf.overrides.cfg
|
2023-06-26 23:22:45 +00:00
|
|
|
inherit (cfg.browser) extraPrefsFiles libName;
|
2022-10-26 14:13:55 +00:00
|
|
|
|
2023-12-13 21:34:59 +00:00
|
|
|
nativeMessagingHosts = lib.optionals cfg.addons.browserpass-extension.enable [
|
2023-12-13 20:51:57 +00:00
|
|
|
pkgs.browserpass
|
|
|
|
] ++ lib.optionals cfg.addons.fxCast.enable [
|
|
|
|
pkgs.fx-cast-bridge
|
|
|
|
];
|
2022-10-26 14:13:55 +00:00
|
|
|
|
2023-01-26 23:30:56 +00:00
|
|
|
nixExtensions = concatMap (ext: optional ext.enable ext.package) (attrValues cfg.addons);
|
2022-11-01 11:58:45 +00:00
|
|
|
|
2022-10-21 15:38:20 +00:00
|
|
|
extraPolicies = {
|
2023-05-25 01:01:34 +00:00
|
|
|
FirefoxHome = {
|
|
|
|
Search = true;
|
|
|
|
Pocket = false;
|
|
|
|
Snippets = false;
|
|
|
|
TopSites = false;
|
|
|
|
Highlights = false;
|
|
|
|
};
|
2022-10-21 15:38:20 +00:00
|
|
|
NoDefaultBookmarks = true;
|
2023-05-25 01:01:34 +00:00
|
|
|
OfferToSaveLogins = false;
|
|
|
|
OfferToSaveLoginsDefault = false;
|
|
|
|
PasswordManagerEnabled = false;
|
2022-10-21 15:38:20 +00:00
|
|
|
SearchEngines = {
|
|
|
|
Default = "DuckDuckGo";
|
|
|
|
};
|
2023-05-25 01:01:34 +00:00
|
|
|
UserMessaging = {
|
|
|
|
ExtensionRecommendations = false;
|
2023-06-26 10:11:22 +00:00
|
|
|
FeatureRecommendations = false;
|
2023-05-25 01:01:34 +00:00
|
|
|
SkipOnboarding = true;
|
2023-06-26 10:11:22 +00:00
|
|
|
UrlbarInterventions = false;
|
|
|
|
WhatsNew = false;
|
2023-05-25 01:01:34 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
# these were taken from Librewolf
|
2022-10-21 15:38:20 +00:00
|
|
|
AppUpdateURL = "https://localhost";
|
|
|
|
DisableAppUpdate = true;
|
|
|
|
OverrideFirstRunPage = "";
|
|
|
|
OverridePostUpdatePage = "";
|
|
|
|
DisableSystemAddonUpdate = true;
|
|
|
|
DisableFirefoxStudies = true;
|
|
|
|
DisableTelemetry = true;
|
|
|
|
DisableFeedbackCommands = true;
|
|
|
|
DisablePocket = true;
|
|
|
|
DisableSetDesktopBackground = false;
|
2022-11-01 11:58:45 +00:00
|
|
|
|
2022-11-02 02:29:33 +00:00
|
|
|
# remove many default search providers
|
|
|
|
# XXX this seems to prevent the `nixExtensions` from taking effect
|
|
|
|
# Extensions.Uninstall = [
|
|
|
|
# "google@search.mozilla.org"
|
|
|
|
# "bing@search.mozilla.org"
|
|
|
|
# "amazondotcom@search.mozilla.org"
|
|
|
|
# "ebay@search.mozilla.org"
|
|
|
|
# "twitter@search.mozilla.org"
|
|
|
|
# ];
|
2022-10-21 15:38:20 +00:00
|
|
|
# XXX doesn't seem to have any effect...
|
|
|
|
# docs: https://github.com/mozilla/policy-templates#homepage
|
|
|
|
# Homepage = {
|
|
|
|
# HomepageURL = "https://uninsane.org/";
|
|
|
|
# StartPage = "homepage";
|
|
|
|
# };
|
|
|
|
# NewTabPage = true;
|
|
|
|
};
|
2023-05-25 01:01:34 +00:00
|
|
|
# extraPrefs = ...
|
2024-01-03 14:58:45 +00:00
|
|
|
}).overrideAttrs (base: {
|
|
|
|
# de-associate `ctrl+shift+c` from activating the devtools.
|
|
|
|
# based on <https://stackoverflow.com/a/54260938>
|
2024-01-28 14:07:20 +00:00
|
|
|
# TODO: could use `zip -f` to only update the one changed file, instead of rezipping everything.
|
2024-01-03 14:58:45 +00:00
|
|
|
buildCommand = (base.buildCommand or "") + ''
|
|
|
|
mkdir omni
|
2024-01-28 14:07:20 +00:00
|
|
|
|
|
|
|
echo "omni.ja BEFORE:"
|
|
|
|
ls -l $(readlink $out/lib/${cfg.browser.libName}/browser/omni.ja)
|
|
|
|
|
|
|
|
echo "unzipping omni.ja"
|
|
|
|
# N.B. `zip` exits non-zero even on successful extraction, if the file didn't 100% obey spec
|
|
|
|
${pkgs.buildPackages.unzip}/bin/unzip $out/lib/${cfg.browser.libName}/browser/omni.ja -d omni || true
|
|
|
|
|
|
|
|
echo "removing old omni.ja"
|
2024-01-03 14:58:45 +00:00
|
|
|
rm $out/lib/${cfg.browser.libName}/browser/omni.ja
|
2024-01-28 14:07:20 +00:00
|
|
|
|
|
|
|
echo "patching omni.ja"
|
2024-01-03 14:58:45 +00:00
|
|
|
${pkgs.buildPackages.gnused}/bin/sed -i s'/devtools-commandkey-inspector = C/devtools-commandkey-inspector = VK_F12/' omni/localization/en-US/devtools/startup/key-shortcuts.ftl
|
2024-01-28 14:07:20 +00:00
|
|
|
|
|
|
|
echo "re-zipping omni.ja"
|
2024-01-03 14:58:45 +00:00
|
|
|
pushd omni; ${pkgs.buildPackages.zip}/bin/zip $out/lib/${cfg.browser.libName}/browser/omni.ja -r ./*; popd
|
2024-01-21 23:59:15 +00:00
|
|
|
|
2024-01-28 14:07:20 +00:00
|
|
|
echo "omni.ja AFTER:"
|
|
|
|
ls -l $out/lib/${cfg.browser.libName}/browser/omni.ja
|
|
|
|
|
2024-01-22 09:16:25 +00:00
|
|
|
# runHook postFixup to allow sane.programs sandbox wrappers to wrap the binaries
|
2024-01-21 23:59:15 +00:00
|
|
|
runHook postFixup
|
2024-01-03 14:58:45 +00:00
|
|
|
'';
|
|
|
|
});
|
2023-01-26 23:30:56 +00:00
|
|
|
|
|
|
|
addonOpts = types.submodule {
|
|
|
|
options = {
|
|
|
|
package = mkOption {
|
|
|
|
type = types.package;
|
|
|
|
};
|
|
|
|
enable = mkOption {
|
|
|
|
type = types.bool;
|
|
|
|
};
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
2023-05-08 09:49:58 +00:00
|
|
|
configOpts = {
|
|
|
|
options = {
|
|
|
|
browser = mkOption {
|
|
|
|
default = defaultSettings;
|
|
|
|
type = types.anything;
|
|
|
|
};
|
|
|
|
persistData = mkOption {
|
|
|
|
description = "optional store name to which persist browsing data (like history)";
|
|
|
|
type = types.nullOr types.str;
|
|
|
|
default = null;
|
|
|
|
};
|
|
|
|
persistCache = mkOption {
|
|
|
|
description = "optional store name to which persist browser cache";
|
|
|
|
type = types.nullOr types.str;
|
|
|
|
default = "cryptClearOnBoot";
|
|
|
|
};
|
|
|
|
addons = mkOption {
|
|
|
|
type = types.attrsOf addonOpts;
|
2023-05-24 23:09:05 +00:00
|
|
|
default = {};
|
2023-01-26 23:30:56 +00:00
|
|
|
};
|
|
|
|
};
|
2022-11-01 23:23:50 +00:00
|
|
|
};
|
2023-05-08 09:49:58 +00:00
|
|
|
in
|
|
|
|
{
|
2023-04-26 00:52:13 +00:00
|
|
|
config = mkMerge [
|
2023-05-08 09:49:58 +00:00
|
|
|
({
|
2023-07-15 08:51:36 +00:00
|
|
|
sane.programs.firefox.configOption = mkOption {
|
2023-05-08 09:49:58 +00:00
|
|
|
type = types.submodule configOpts;
|
|
|
|
default = {};
|
|
|
|
};
|
2023-07-15 08:51:36 +00:00
|
|
|
sane.programs.firefox.config.addons = {
|
2023-12-13 20:51:57 +00:00
|
|
|
fxCast = {
|
2023-12-13 20:58:45 +00:00
|
|
|
# add a menu to cast to chromecast devices, but it doesn't seem to work very well.
|
|
|
|
# right click (or shift+rc) a video, then select "cast".
|
|
|
|
# - asciinema.org: icon appears, but glitches when clicked.
|
|
|
|
# - youtube.com: no icon appears, even when site is whitelisted.
|
|
|
|
# future: maybe better to have browser open all videos in mpv, and then use mpv for casting.
|
|
|
|
# see e.g. `ff2mpv`, `open-in-mpv` (both are packaged in nixpkgs)
|
2023-12-13 20:51:57 +00:00
|
|
|
package = pkgs.firefox-extensions.fx_cast;
|
|
|
|
enable = lib.mkDefault false;
|
|
|
|
};
|
2023-05-24 23:09:05 +00:00
|
|
|
browserpass-extension = {
|
2023-07-17 21:32:10 +00:00
|
|
|
package = pkgs.firefox-extensions.browserpass-extension;
|
2023-05-24 23:09:05 +00:00
|
|
|
enable = lib.mkDefault true;
|
|
|
|
};
|
2023-07-18 20:21:48 +00:00
|
|
|
bypass-paywalls-clean = {
|
|
|
|
package = pkgs.firefox-extensions.bypass-paywalls-clean;
|
|
|
|
enable = lib.mkDefault true;
|
|
|
|
};
|
2024-01-03 13:42:58 +00:00
|
|
|
ctrl-shift-c-should-copy = {
|
|
|
|
package = pkgs.firefox-extensions.ctrl-shift-c-should-copy;
|
2024-01-03 14:58:45 +00:00
|
|
|
enable = lib.mkDefault false; # prefer patching firefox source code, so it works in more places
|
2024-01-03 13:42:58 +00:00
|
|
|
};
|
2023-05-24 23:09:05 +00:00
|
|
|
ether-metamask = {
|
2023-07-17 03:11:08 +00:00
|
|
|
package = pkgs.firefox-extensions.ether-metamask;
|
2023-07-17 21:33:15 +00:00
|
|
|
enable = lib.mkDefault false; # until i can disable the first-run notification
|
2023-05-24 23:09:05 +00:00
|
|
|
};
|
|
|
|
i2p-in-private-browsing = {
|
2023-07-17 03:11:08 +00:00
|
|
|
package = pkgs.firefox-extensions.i2p-in-private-browsing;
|
2023-05-24 23:09:05 +00:00
|
|
|
enable = lib.mkDefault config.services.i2p.enable;
|
|
|
|
};
|
2023-12-13 21:34:34 +00:00
|
|
|
open-in-mpv = {
|
2024-01-21 23:59:15 +00:00
|
|
|
# test: `open-in-mpv 'mpv:///open?url=https://www.youtube.com/watch?v=dQw4w9WgXcQ'`
|
2023-12-13 21:34:34 +00:00
|
|
|
package = pkgs.firefox-extensions.open-in-mpv;
|
|
|
|
enable = lib.mkDefault config.sane.programs.open-in-mpv.enabled;
|
|
|
|
};
|
2023-05-24 23:09:05 +00:00
|
|
|
sidebery = {
|
2023-07-17 03:11:08 +00:00
|
|
|
package = pkgs.firefox-extensions.sidebery;
|
2023-05-24 23:09:05 +00:00
|
|
|
enable = lib.mkDefault true;
|
|
|
|
};
|
|
|
|
sponsorblock = {
|
2023-07-17 03:11:08 +00:00
|
|
|
package = pkgs.firefox-extensions.sponsorblock;
|
2023-05-24 23:09:05 +00:00
|
|
|
enable = lib.mkDefault true;
|
|
|
|
};
|
|
|
|
ublacklist = {
|
2023-07-17 03:11:08 +00:00
|
|
|
package = pkgs.firefox-extensions.ublacklist;
|
2023-05-24 23:09:05 +00:00
|
|
|
enable = lib.mkDefault true;
|
|
|
|
};
|
|
|
|
ublock-origin = {
|
2023-07-17 03:11:08 +00:00
|
|
|
package = pkgs.firefox-extensions.ublock-origin;
|
2023-05-24 23:09:05 +00:00
|
|
|
enable = lib.mkDefault true;
|
|
|
|
};
|
|
|
|
};
|
2023-05-08 09:49:58 +00:00
|
|
|
})
|
2023-04-26 00:52:13 +00:00
|
|
|
({
|
2023-07-15 08:51:36 +00:00
|
|
|
sane.programs.firefox = {
|
2024-01-20 11:11:12 +00:00
|
|
|
inherit packageUnwrapped;
|
2024-01-27 06:00:46 +00:00
|
|
|
sandbox.method = "bwrap"; # landlock works, but requires all of /proc to be linked
|
2024-02-28 17:35:40 +00:00
|
|
|
sandbox.wrapperType = "inplace"; # trivial package; cheap enough to wrap inplace
|
2024-02-08 21:51:32 +00:00
|
|
|
sandbox.net = "all";
|
2024-02-13 11:14:38 +00:00
|
|
|
sandbox.whitelistAudio = true;
|
2024-02-13 11:58:12 +00:00
|
|
|
sandbox.whitelistDbus = [ "user" ]; # mpris
|
2024-02-14 01:49:49 +00:00
|
|
|
sandbox.whitelistWayland = true;
|
2024-01-27 06:00:46 +00:00
|
|
|
sandbox.extraHomePaths = [
|
2024-02-05 18:17:49 +00:00
|
|
|
"dev" # for developing anything web-related
|
2024-02-16 05:49:56 +00:00
|
|
|
# for uploads/downloads.
|
|
|
|
# it still needs these paths despite using the portal's file-chooser :?
|
2024-01-27 06:00:46 +00:00
|
|
|
"tmp"
|
2024-02-27 21:36:18 +00:00
|
|
|
"Pictures/albums"
|
|
|
|
"Pictures/cat"
|
|
|
|
"Pictures/from"
|
|
|
|
"Pictures/Photos"
|
|
|
|
"Pictures/Screenshots"
|
2024-02-12 12:54:16 +00:00
|
|
|
"Pictures/servo-macros"
|
2024-01-27 06:00:46 +00:00
|
|
|
] ++ lib.optionals cfg.addons.browserpass-extension.enable [
|
|
|
|
# browserpass needs these paths:
|
2024-02-23 06:07:44 +00:00
|
|
|
# - knowledge/secrets/accounts: where the encrypted account secrets live
|
2024-01-27 11:41:18 +00:00
|
|
|
# at least one of:
|
|
|
|
# - .config/sops: for the sops key which can decrypt account secrets
|
|
|
|
# - .ssh: to unlock the sops key, if not unlocked (`sane-secrets-unlock`)
|
2024-01-27 06:00:46 +00:00
|
|
|
# TODO: find a way to not expose ~/.ssh to firefox
|
2024-01-27 11:41:18 +00:00
|
|
|
# - unlock sops at login (or before firefox launch)?
|
|
|
|
# - see if ssh has a more formal type of subkey system?
|
|
|
|
".ssh/id_ed25519"
|
2024-01-27 06:00:46 +00:00
|
|
|
# ".config/sops"
|
2024-02-23 06:07:44 +00:00
|
|
|
"knowledge/secrets/accounts"
|
2024-01-27 06:00:46 +00:00
|
|
|
];
|
|
|
|
fs.".config/sops".dir = lib.mkIf cfg.addons.browserpass-extension.enable {}; #< needs to be created, not *just* added to the sandbox
|
2023-01-06 16:11:06 +00:00
|
|
|
|
2023-12-13 21:34:34 +00:00
|
|
|
suggestedPrograms = [
|
|
|
|
"open-in-mpv"
|
|
|
|
];
|
|
|
|
|
2023-07-15 10:04:22 +00:00
|
|
|
mime.associations = let
|
2023-07-15 08:44:18 +00:00
|
|
|
inherit (cfg.browser) desktop;
|
|
|
|
in {
|
|
|
|
"text/html" = desktop;
|
|
|
|
"x-scheme-handler/http" = desktop;
|
|
|
|
"x-scheme-handler/https" = desktop;
|
|
|
|
"x-scheme-handler/about" = desktop;
|
|
|
|
"x-scheme-handler/unknown" = desktop;
|
|
|
|
};
|
|
|
|
|
2023-06-30 08:50:58 +00:00
|
|
|
# env.BROWSER = "${package}/bin/${cfg.browser.libName}";
|
|
|
|
env.BROWSER = cfg.browser.libName; # used by misc tools like xdg-email, as fallback
|
|
|
|
|
2023-04-26 00:52:13 +00:00
|
|
|
# uBlock filter list configuration.
|
|
|
|
# specifically, enable the GDPR cookie prompt blocker.
|
|
|
|
# data.toOverwrite.filterLists is additive (i.e. it supplements the default filters)
|
|
|
|
# this configuration method is documented here:
|
|
|
|
# - <https://github.com/gorhill/uBlock/issues/2986#issuecomment-364035002>
|
|
|
|
# the specific attribute path is found via scraping ublock code here:
|
|
|
|
# - <https://github.com/gorhill/uBlock/blob/master/src/js/storage.js>
|
|
|
|
# - <https://github.com/gorhill/uBlock/blob/master/assets/assets.json>
|
2023-05-08 21:41:02 +00:00
|
|
|
fs."${cfg.browser.dotDir}/managed-storage/uBlock0@raymondhill.net.json".symlink.text = ''
|
2023-04-26 00:52:13 +00:00
|
|
|
{
|
|
|
|
"name": "uBlock0@raymondhill.net",
|
|
|
|
"description": "ignored",
|
|
|
|
"type": "storage",
|
|
|
|
"data": {
|
|
|
|
"toOverwrite": "{\"filterLists\": [\"fanboy-cookiemonster\"]}"
|
|
|
|
}
|
|
|
|
}
|
|
|
|
'';
|
2023-06-27 08:09:58 +00:00
|
|
|
# TODO: this is better suited in `extraPrefs` during `wrapFirefox` call
|
2023-05-08 21:41:02 +00:00
|
|
|
fs."${cfg.browser.dotDir}/${cfg.browser.libName}.overrides.cfg".symlink.text = ''
|
2023-04-26 00:52:13 +00:00
|
|
|
// if we can't query the revocation status of a SSL cert because the issuer is offline,
|
|
|
|
// treat it as unrevoked.
|
|
|
|
// see: <https://librewolf.net/docs/faq/#im-getting-sec_error_ocsp_server_error-what-can-i-do>
|
|
|
|
defaultPref("security.OCSP.require", false);
|
2023-11-01 04:32:59 +00:00
|
|
|
|
|
|
|
// scrollbar configuration, see: <https://artemis.sh/2023/10/12/scrollbars.html>
|
|
|
|
// style=4 gives rectangular scrollbars
|
|
|
|
// could also enable "always show scrollbars" in about:preferences -- not sure what the actual pref name for that is
|
2023-11-18 21:00:11 +00:00
|
|
|
// note that too-large scrollbars (like 50px wide) tend to obscure content (and make buttons unclickable)
|
|
|
|
defaultPref("widget.non-native-theme.scrollbar.size.override", 20);
|
2023-11-01 04:32:59 +00:00
|
|
|
defaultPref("widget.non-native-theme.scrollbar.style", 4);
|
2023-12-13 21:41:06 +00:00
|
|
|
|
2024-01-14 20:34:14 +00:00
|
|
|
// disable inertial/kinetic/momentum scrolling because it just gets in the way on touchpads
|
|
|
|
// source: <https://kparal.wordpress.com/2019/10/31/disabling-kinetic-scrolling-in-firefox/>
|
|
|
|
defaultPref("apz.gtk.kinetic_scroll.enabled", false);
|
|
|
|
|
2024-02-15 11:36:50 +00:00
|
|
|
// open external URIs/files via xdg-desktop-portal.
|
|
|
|
defaultPref("widget.use-xdg-desktop-portal.mime-handler", 1);
|
|
|
|
defaultPref("widget.use-xdg-desktop-portal.open-uri", 1);
|
|
|
|
|
2024-03-10 01:59:46 +00:00
|
|
|
defaultPref("browser.toolbars.bookmarks.visibility", "never");
|
|
|
|
|
2024-02-15 11:36:50 +00:00
|
|
|
// auto-open mpv:// URIs without prompting.
|
2023-12-13 21:41:06 +00:00
|
|
|
// can do this with other protocols too (e.g. matrix?). see about:config for common handlers.
|
|
|
|
defaultPref("network.protocol-handler.external.mpv", true);
|
2023-12-13 23:14:04 +00:00
|
|
|
// element:// for Element matrix client
|
|
|
|
defaultPref("network.protocol-handler.external.element", true);
|
|
|
|
// matrix: for Nheko matrix client
|
|
|
|
defaultPref("network.protocol-handler.external.matrix", true);
|
2023-04-26 00:52:13 +00:00
|
|
|
'';
|
|
|
|
# instruct Firefox to put the profile in a predictable directory (so we can do things like persist just it).
|
|
|
|
# XXX: the directory *must* exist, even if empty; Firefox will not create the directory itself.
|
2023-05-08 21:41:02 +00:00
|
|
|
fs."${cfg.browser.dotDir}/profiles.ini".symlink.text = ''
|
2023-04-26 00:52:13 +00:00
|
|
|
[Profile0]
|
|
|
|
Name=default
|
|
|
|
IsRelative=1
|
|
|
|
Path=default
|
|
|
|
Default=1
|
2023-01-27 01:52:00 +00:00
|
|
|
|
2023-04-26 00:52:13 +00:00
|
|
|
[General]
|
|
|
|
StartWithLastProfile=1
|
|
|
|
'';
|
2024-01-21 23:59:15 +00:00
|
|
|
|
2024-01-27 06:00:46 +00:00
|
|
|
# TODO: env.PASSWORD_STORE_DIR only needs to be present within the browser session.
|
2024-02-23 06:07:44 +00:00
|
|
|
env.PASSWORD_STORE_DIR = "/home/colin/knowledge/secrets/accounts";
|
2024-01-21 23:59:15 +00:00
|
|
|
# alternative to PASSWORD_STORE_DIR, but firejail doesn't handle this symlink well
|
2024-02-23 06:07:44 +00:00
|
|
|
# fs.".password-store".symlink.target = lib.mkIf cfg.addons.browserpass-extension.enable "knowledge/secrets/accounts";
|
2024-02-23 11:23:41 +00:00
|
|
|
|
|
|
|
# flush the cache to disk to avoid it taking up too much tmp.
|
|
|
|
persist.byPath."${cfg.browser.cacheDir}".store =
|
|
|
|
if (cfg.persistData != null) then
|
|
|
|
cfg.persistData
|
|
|
|
else
|
|
|
|
"cryptClearOnBoot"
|
2023-07-13 06:44:22 +00:00
|
|
|
;
|
2023-01-27 01:52:00 +00:00
|
|
|
|
2024-02-23 11:23:41 +00:00
|
|
|
persist.byPath."${cfg.browser.dotDir}/default".store =
|
|
|
|
if (cfg.persistData != null) then
|
|
|
|
cfg.persistData
|
|
|
|
else
|
|
|
|
"cryptClearOnBoot"
|
2023-07-13 06:44:22 +00:00
|
|
|
;
|
2024-02-23 11:23:41 +00:00
|
|
|
};
|
|
|
|
|
2023-04-26 00:52:13 +00:00
|
|
|
})
|
|
|
|
];
|
2022-10-21 15:38:20 +00:00
|
|
|
}
|