diff --git a/hosts/common/home/firefox.nix b/hosts/common/home/firefox.nix index a6e1072a..2f6092cc 100644 --- a/hosts/common/home/firefox.nix +++ b/hosts/common/home/firefox.nix @@ -146,58 +146,61 @@ in }; }; - config = { - sane.programs.web-browser = { - inherit package; - # TODO: define the persistence & fs config here - }; - sane.programs.guiApps.suggestedPrograms = [ "web-browser" ]; + config = mkMerge [ + ({ + sane.programs.guiApps.suggestedPrograms = [ "web-browser" ]; + sane.programs.web-browser = { + inherit package; - # uBlock filter list configuration. - # specifically, enable the GDPR cookie prompt blocker. - # data.toOverwrite.filterLists is additive (i.e. it supplements the default filters) - # this configuration method is documented here: - # - - # the specific attribute path is found via scraping ublock code here: - # - - # - - sane.user.fs."${cfg.browser.dotDir}/managed-storage/uBlock0@raymondhill.net.json" = sane-lib.fs.wantedText '' - { - "name": "uBlock0@raymondhill.net", - "description": "ignored", - "type": "storage", - "data": { - "toOverwrite": "{\"filterLists\": [\"fanboy-cookiemonster\"]}" - } - } - ''; - sane.user.fs."${cfg.browser.dotDir}/${cfg.browser.libName}.overrides.cfg" = sane-lib.fs.wantedText '' - // if we can't query the revocation status of a SSL cert because the issuer is offline, - // treat it as unrevoked. - // see: - defaultPref("security.OCSP.require", false); - ''; - # flush the cache to disk to avoid it taking up too much tmp - sane.user.persist.byPath."${cfg.browser.cacheDir}" = lib.mkIf (cfg.persistCache != null) { - store = cfg.persistCache; - }; + # uBlock filter list configuration. + # specifically, enable the GDPR cookie prompt blocker. + # data.toOverwrite.filterLists is additive (i.e. it supplements the default filters) + # this configuration method is documented here: + # - + # the specific attribute path is found via scraping ublock code here: + # - + # - + fs."${cfg.browser.dotDir}/managed-storage/uBlock0@raymondhill.net.json" = sane-lib.fs.wantedText '' + { + "name": "uBlock0@raymondhill.net", + "description": "ignored", + "type": "storage", + "data": { + "toOverwrite": "{\"filterLists\": [\"fanboy-cookiemonster\"]}" + } + } + ''; + fs."${cfg.browser.dotDir}/${cfg.browser.libName}.overrides.cfg" = sane-lib.fs.wantedText '' + // if we can't query the revocation status of a SSL cert because the issuer is offline, + // treat it as unrevoked. + // see: + defaultPref("security.OCSP.require", false); + ''; + fs."${cfg.browser.dotDir}/default" = sane-lib.fs.wantedDir; + # instruct Firefox to put the profile in a predictable directory (so we can do things like persist just it). + # XXX: the directory *must* exist, even if empty; Firefox will not create the directory itself. + fs."${cfg.browser.dotDir}/profiles.ini" = sane-lib.fs.wantedText '' + [Profile0] + Name=default + IsRelative=1 + Path=default + Default=1 - sane.user.persist.byPath."${cfg.browser.dotDir}/default" = lib.mkIf (cfg.persistData != null) { - store = cfg.persistData; - }; - sane.user.fs."${cfg.browser.dotDir}/default" = sane-lib.fs.wantedDir; - # instruct Firefox to put the profile in a predictable directory (so we can do things like persist just it). - # XXX: the directory *must* exist, even if empty; Firefox will not create the directory itself. - sane.user.fs."${cfg.browser.dotDir}/profiles.ini" = sane-lib.fs.wantedText '' - [Profile0] - Name=default - IsRelative=1 - Path=default - Default=1 + [General] + StartWithLastProfile=1 + ''; + }; + }) + (mkIf config.sane.programs.web-browser.enabled { + # TODO: move the persistence into the sane.programs API (above) + # flush the cache to disk to avoid it taking up too much tmp + sane.user.persist.byPath."${cfg.browser.cacheDir}" = lib.mkIf (cfg.persistCache != null) { + store = cfg.persistCache; + }; - [General] - StartWithLastProfile=1 - ''; - - }; + sane.user.persist.byPath."${cfg.browser.dotDir}/default" = lib.mkIf (cfg.persistData != null) { + store = cfg.persistData; + }; + }) + ]; }