diff --git a/modules/universal/env/home-manager/default.nix b/modules/universal/env/home-manager/default.nix index 24b59e51..2261749f 100644 --- a/modules/universal/env/home-manager/default.nix +++ b/modules/universal/env/home-manager/default.nix @@ -22,6 +22,7 @@ in imports = [ ./kitty.nix ./neovim.nix + ./librewolf.nix ./zsh.nix ]; @@ -164,30 +165,6 @@ in export NB_AUTO_SYNC=0 ''; - # uBlock filter list configuration. - # specifically, enable the GDPR cookie prompt blocker. - # data.toOverwrite.filterLists is additive (i.e. it supplements the default filters) - # this configuration method is documented here: - # - - # the specific attribute path is found via scraping ublock code here: - # - - # - - home.file.".librewolf/managed-storage/uBlock0@raymondhill.net.json".text = '' - { - "name": "uBlock0@raymondhill.net", - "description": "ignored", - "type": "storage", - "data": { - "toOverwrite": "{\"filterLists\": [\"fanboy-cookiemonster\"]}" - } - } - ''; - home.file.".librewolf/librewolf.overrides.cfg".text = '' - // if we can't query the revocation status of a SSL cert because the issuer is offline, - // treat it as unrevoked. - // see: - defaultPref("security.OCSP.require", false); - ''; # aerc TUI mail client xdg.configFile."aerc/accounts.conf".source = @@ -279,12 +256,6 @@ in }; }; - # XXX: although home-manager calls this option `firefox`, we can use other browsers and it still mostly works. - firefox = lib.mkIf (sysconfig.sane.gui.enable) { - enable = true; - package = import ./web-browser.nix pkgs; - }; - mpv = { enable = true; config = { diff --git a/modules/universal/env/home-manager/librewolf.nix b/modules/universal/env/home-manager/librewolf.nix new file mode 100644 index 00000000..0fcc0545 --- /dev/null +++ b/modules/universal/env/home-manager/librewolf.nix @@ -0,0 +1,91 @@ +# common settings to toggle (at runtime, in about:config): +# > security.ssl.require_safe_negotiation + +# librewolf is a forked firefox which patches firefox to allow more things +# (like default search engines) to be configurable at runtime. +# many of the settings below won't have effect without those patches. +# see: https://gitlab.com/librewolf-community/settings/-/blob/master/distribution/policies.json + +{ config, lib, pkgs, ...}: +let + package = pkgs.wrapFirefox pkgs.librewolf-unwrapped { + # inherit the default librewolf.cfg + # it can be further customized via ~/.librewolf/librewolf.overrides.cfg + inherit (pkgs.librewolf-unwrapped) extraPrefsFiles; + libName = "librewolf"; + extraPolicies = { + NoDefaultBookmarks = true; + SearchEngines = { + Default = "DuckDuckGo"; + }; + AppUpdateURL = "https://localhost"; + DisableAppUpdate = true; + OverrideFirstRunPage = ""; + OverridePostUpdatePage = ""; + DisableSystemAddonUpdate = true; + DisableFirefoxStudies = true; + DisableTelemetry = true; + DisableFeedbackCommands = true; + DisablePocket = true; + DisableSetDesktopBackground = false; + Extensions = { + Install = [ + "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi" + "https://addons.mozilla.org/firefox/downloads/latest/sponsorblock/latest.xpi" + "https://addons.mozilla.org/firefox/downloads/latest/bypass-paywalls-clean/latest.xpi" + "https://addons.mozilla.org/firefox/downloads/latest/sidebery/latest.xpi" + "https://addons.mozilla.org/firefox/downloads/latest/ether-metamask/latest.xpi" + ]; + # remove many default search providers + Uninstall = [ + "google@search.mozilla.org" + "bing@search.mozilla.org" + "amazondotcom@search.mozilla.org" + "ebay@search.mozilla.org" + "twitter@search.mozilla.org" + ]; + }; + # XXX doesn't seem to have any effect... + # docs: https://github.com/mozilla/policy-templates#homepage + # Homepage = { + # HomepageURL = "https://uninsane.org/"; + # StartPage = "homepage"; + # }; + # NewTabPage = true; + }; + }; +in +{ + # XXX: although home-manager calls this option `firefox`, we can use other browsers and it still mostly works. + home-manager.users.colin = lib.mkIf (config.sane.gui.enable) { + programs.firefox = { + enable = true; + inherit package; + }; + + # uBlock filter list configuration. + # specifically, enable the GDPR cookie prompt blocker. + # data.toOverwrite.filterLists is additive (i.e. it supplements the default filters) + # this configuration method is documented here: + # - + # the specific attribute path is found via scraping ublock code here: + # - + # - + home.file.".librewolf/managed-storage/uBlock0@raymondhill.net.json".text = '' + { + "name": "uBlock0@raymondhill.net", + "description": "ignored", + "type": "storage", + "data": { + "toOverwrite": "{\"filterLists\": [\"fanboy-cookiemonster\"]}" + } + } + ''; + home.file.".librewolf/librewolf.overrides.cfg".text = '' + // if we can't query the revocation status of a SSL cert because the issuer is offline, + // treat it as unrevoked. + // see: + defaultPref("security.OCSP.require", false); + ''; + }; +} diff --git a/modules/universal/env/home-manager/web-browser.nix b/modules/universal/env/home-manager/web-browser.nix deleted file mode 100644 index bfc54a3a..00000000 --- a/modules/universal/env/home-manager/web-browser.nix +++ /dev/null @@ -1,55 +0,0 @@ -pkgs: - -# common settings to toggle (at runtime, in about:config): -# > security.ssl.require_safe_negotiation - -# librewolf is a forked firefox which patches firefox to allow more things -# (like default search engines) to be configurable at runtime. -# many of the settings below won't have effect without those patches. -# see: https://gitlab.com/librewolf-community/settings/-/blob/master/distribution/policies.json -pkgs.wrapFirefox pkgs.librewolf-unwrapped { - # inherit the default librewolf.cfg - # it can be further customized via ~/.librewolf/librewolf.overrides.cfg - inherit (pkgs.librewolf-unwrapped) extraPrefsFiles; - libName = "librewolf"; - extraPolicies = { - NoDefaultBookmarks = true; - SearchEngines = { - Default = "DuckDuckGo"; - }; - AppUpdateURL = "https://localhost"; - DisableAppUpdate = true; - OverrideFirstRunPage = ""; - OverridePostUpdatePage = ""; - DisableSystemAddonUpdate = true; - DisableFirefoxStudies = true; - DisableTelemetry = true; - DisableFeedbackCommands = true; - DisablePocket = true; - DisableSetDesktopBackground = false; - Extensions = { - Install = [ - "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi" - "https://addons.mozilla.org/firefox/downloads/latest/sponsorblock/latest.xpi" - "https://addons.mozilla.org/firefox/downloads/latest/bypass-paywalls-clean/latest.xpi" - "https://addons.mozilla.org/firefox/downloads/latest/sidebery/latest.xpi" - "https://addons.mozilla.org/firefox/downloads/latest/ether-metamask/latest.xpi" - ]; - # remove many default search providers - Uninstall = [ - "google@search.mozilla.org" - "bing@search.mozilla.org" - "amazondotcom@search.mozilla.org" - "ebay@search.mozilla.org" - "twitter@search.mozilla.org" - ]; - }; - # XXX doesn't seem to have any effect... - # docs: https://github.com/mozilla/policy-templates#homepage - # Homepage = { - # HomepageURL = "https://uninsane.org/"; - # StartPage = "homepage"; - # }; - # NewTabPage = true; - }; -}