diff --git a/hosts/common/users.nix b/hosts/common/users.nix index 14146c4c..7621b423 100644 --- a/hosts/common/users.nix +++ b/hosts/common/users.nix @@ -96,11 +96,6 @@ in # TODO: move this to ~/private! ".local/share/keyrings" ]; - sane.persist.home.cryptClearOnBoot = [ - # cache is probably too big to fit on the tmpfs - # ".cache" - config.sane.web-browser.cacheDir - ]; # convenience sane.fs."/home/colin/knowledge" = fs.wantedSymlinkTo "/home/colin/private/knowledge"; diff --git a/hosts/moby/default.nix b/hosts/moby/default.nix index 7f6373ba..d6a71584 100644 --- a/hosts/moby/default.nix +++ b/hosts/moby/default.nix @@ -24,8 +24,8 @@ }; # usability compromises - sane.persist.home.byPath."${config.sane.web-browser.dotDir}".store = lib.mkForce "private"; - sane.persist.home.byPath."${config.sane.web-browser.cacheDir}".store = lib.mkForce "private"; + sane.web-browser.persistCache = "private"; + sane.web-browser.persistData = "private"; sane.persist.home.plaintext = [ ".config/pulse" # persist pulseaudio volume ]; diff --git a/modules/home-manager/default.nix b/modules/home-manager/default.nix index 67015cdd..4497d920 100644 --- a/modules/home-manager/default.nix +++ b/modules/home-manager/default.nix @@ -94,7 +94,7 @@ in # - `xdg-mime query filetype path/to/thing.ext` xdg.mimeApps.enable = true; xdg.mimeApps.defaultApplications = let - www = sysconfig.sane.web-browser.desktop; + www = sysconfig.sane.web-browser.browser.desktop; pdf = "org.gnome.Evince.desktop"; md = "obsidian.desktop"; thumb = "org.gnome.gThumb.desktop"; diff --git a/modules/home-manager/firefox.nix b/modules/home-manager/firefox.nix index ef241c1e..0d748741 100644 --- a/modules/home-manager/firefox.nix +++ b/modules/home-manager/firefox.nix 
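Review bot: In hosts/moby/default.nix the two new lines under `# usability compromises` do not say what is being traded, and the trade is a data-retention one: this host sends both the browser cache and the browser data to the `private` store, while the module default for the cache is `cryptClearOnBoot`. I would state that in the comment, e.g. `# usability compromises: keep browser cache and profile data (history etc.) in the private store instead of the clear-on-boot default`. What each store actually guarantees is inferred from its name, since the store definitions are not part of this diff. Dropping `lib.mkForce` looks fine provided nothing else still defines `store` for these two paths at normal priority, which cannot be confirmed from the hunks shown.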
@@ -32,11 +32,11 @@ let defaultSettings = firefoxSettings; # defaultSettings = librewolfSettings; - package = pkgs.wrapFirefox cfg.browser { + package = pkgs.wrapFirefox cfg.browser.browser { # inherit the default librewolf.cfg # it can be further customized via ~/.librewolf/librewolf.overrides.cfg inherit (pkgs.librewolf-unwrapped) extraPrefsFiles; - inherit (cfg) libName; + inherit (cfg.browser) libName; extraNativeMessagingHosts = [ pkgs.browserpass ]; # extraNativeMessagingHosts = [ pkgs.gopass-native-messaging-host ]; @@ -105,11 +105,22 @@ let in { options = { - sane.web-browser = mkOption { + sane.web-browser.browser = mkOption { default = defaultSettings; type = types.attrs; }; + sane.web-browser.persistData = mkOption { + description = "optional store name to which persist browsing data (like history)"; + type = types.nullOr types.str; + default = null; + }; + sane.web-browser.persistCache = mkOption { + description = "optional store name to which persist browser cache"; + type = types.nullOr types.str; + default = "cryptClearOnBoot"; + }; }; + config = lib.mkIf config.sane.home-manager.enable { # uBlock filter list configuration. @@ -120,7 +131,7 @@ in # the specific attribute path is found via scraping ublock code here: # - # - - sane.fs."/home/colin/${cfg.dotDir}/managed-storage/uBlock0@raymondhill.net.json" = sane-lib.fs.wantedText '' + sane.fs."/home/colin/${cfg.browser.dotDir}/managed-storage/uBlock0@raymondhill.net.json" = sane-lib.fs.wantedText '' { "name": "uBlock0@raymondhill.net", "description": "ignored", 
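Review bot: In the options hunk of modules/home-manager/firefox.nix (`@@ -105,11 +105,22 @@`), `persistData` and `persistCache` accept any string, so a mistyped store name is caught only if the `store` option of `sane.persist.home.byPath` rejects it, and that type is not visible here. These two values decide which store holds history and cached web content, so I would constrain them at the declaration, for example `types.nullOr (types.enum [ <known store names> ])` if the set of stores is fixed. The descriptions should also say what `null` means; going by the last hunk of this file it skips the persist entry entirely, e.g. `description = "store in which to persist the browser data dir (history etc.); null = no persist entry";`. Separately, the rename makes call sites read `cfg.browser.browser`, which is hard to follow; a different name for the attrs option (for instance `settings`) would read better.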
@@ -130,19 +141,21 @@ in } } ''; - sane.fs."/home/colin/${cfg.dotDir}/${cfg.libName}.overrides.cfg" = sane-lib.fs.wantedText '' + sane.fs."/home/colin/${cfg.browser.dotDir}/${cfg.browser.libName}.overrides.cfg" = sane-lib.fs.wantedText '' // if we can't query the revocation status of a SSL cert because the issuer is offline, // treat it as unrevoked. // see: defaultPref("security.OCSP.require", false); ''; - # XXX: although home-manager calls this option `firefox`, we can use other browsers and it still mostly works. - home-manager.users.colin = lib.mkIf (config.sane.gui.enable) { - programs.firefox = { - enable = true; - inherit package; - }; + sane.packages.extraGuiPkgs = [ package ]; + # flood the cache to disk to avoid it taking up too much tmp + sane.persist.home.byPath."${cfg.browser.cacheDir}" = lib.mkIf (cfg.persistCache != null) { + store = cfg.persistCache; + }; + + sane.persist.home.byPath."${cfg.browser.dotDir}" = lib.mkIf (cfg.persistData != null) { + store = cfg.persistData; }; }; } diff --git a/modules/packages.nix b/modules/packages.nix index f8fbcde8..8a86137e 100644 --- a/modules/packages.nix +++ b/modules/packages.nix @@ -264,13 +264,20 @@ let }; }; }; + + toPkgSpec = types.coercedTo types.package (p: { pkg = p; }) pkgSpec; in { options = { # packages to deploy to the user's home sane.packages.extraUserPkgs = mkOption { default = [ ]; - type = types.listOf (types.either types.package pkgSpec); + type = types.listOf toPkgSpec; + }; + sane.packages.extraGuiPkgs = mkOption { + default = [ ]; + type = types.listOf toPkgSpec; + description = "packages to only ship if gui's enabled"; }; sane.packages.enableConsolePkgs = mkOption { default = false; 
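Review bot: In the last firefox.nix hunk (`@@ -130,19 +141,21 @@`) the browser package is now shipped through `sane.packages.extraGuiPkgs`, which modules/packages.nix gates on `enableGuiPkgs`, whereas the removed block was gated on `config.sane.gui.enable`. The two `sane.persist.home.byPath` entries and the managed-storage and overrides files are gated only on `config.sane.home-manager.enable`. If those switches can differ on a host, the result is either persisted browser directories and policy files without a browser, or a browser that silently stops being installed; a comment stating that the flags are expected to track each other, or putting the persist entries under the same GUI condition, would make the intent explicit. The comment `# flood the cache to disk to avoid it taking up too much tmp` also reads as unconditional and leaves the `dotDir` entry undocumented; suggest `# persist cache and browser data to the configured stores; null = no persist entry is created`. The enclosing `config = lib.mkIf …` block starts outside this hunk.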
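Review bot: In modules/packages.nix (`@@ -264,13 +264,20 @@`) switching `extraUserPkgs` from `types.either types.package pkgSpec` to `toPkgSpec` changes what readers of `cfg.extraUserPkgs` receive: a bare package now arrives as `{ pkg = p; }` instead of the derivation itself. The only reader visible in this diff is the `enabledUserPkgs` default, which already coerced its elements, so this is probably harmless, but any consumer outside these hunks that expects a derivation should be checked. `extraUserPkgs` still has no `description`; something like `description = "packages to deploy to the user's home; bare packages are coerced to { pkg = <package>; }";` would document the coercion. The `let` block that holds `toPkgSpec` begins outside the hunk.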
@@ -297,10 +304,10 @@ in sane.packages.enabledUserPkgs = mkOption { default = cfg.extraUserPkgs ++ (if cfg.enableConsolePkgs then consolePkgs else []) - ++ (if cfg.enableGuiPkgs then guiPkgs else []) + ++ (if cfg.enableGuiPkgs then guiPkgs ++ cfg.extraGuiPkgs else []) ++ (if cfg.enableDevPkgs then devPkgs else []) ; - type = types.listOf (types.coercedTo types.package (p: { pkg = p; }) pkgSpec); + type = types.listOf toPkgSpec; description = "generated from other config options"; }; };