programs/firefox: simplify persistence; improve docs for policies

hosts/common/programs/firefox/default.nix

@@ -48,6 +48,9 @@ let
     ]; # ++ pkgs.librewolf-pmos-mobile.extraPrefsFiles
 
     extraPolicies = {
+      # firefox policy schema is documented in <repo:mozilla-firefox/firefox:browser/components/enterprisepolicies/schemas/policies-schema.json>
+      # however the bulk of them seem to not actually have any effect T_T
+      #
       # XXX(2024-12-02): using `nixExtensions` causes `about:debugging` to be blocked.
       # i guess this is because the page can install extensions, or something.
       # fuck that, enable it by brute force
@@ -56,6 +59,18 @@ let
           installation_mode = "allowed";
         };
       };
+      PasswordManagerEnabled = false;  #< TODO(2025-05-31): does this actually have an effect?
+      # see also ~/.mozilla/firefox/default/search.json.mozlz4
+      # (use mozlz4a package to view)
+      # XXX(2025-05-31): the below SearchEngines policy has no observable effect.
+      # SearchEngines = {
+      #   Add = [];
+      #   # Default = "search@kagi.comdefault";
+      #   Default = "ddg";  #< builtin
+      #   DefaultPrivate = "ddg";  #< builtin
+      #   PreventInstalls = false;
+      #   Remove = [];
+      # };
     };
   }).overrideAttrs (base: {
     nativeBuildInputs = (base.nativeBuildInputs or []) ++ [
@@ -275,18 +290,15 @@ in
     };
 
     # flush the cache to disk to avoid it taking up too much tmp.
-    persist.byPath.".cache/mozilla".store =
+    persist.byPath = let
-      if (cfg.persistData != null) then
+      maybePersist = if (cfg.persistData != null) then
         cfg.persistData
       else
         "ephemeral"
-    ;
+      ;
-
+    in {
-    persist.byPath.".mozilla/firefox/default".store =
+      ".cache/mozilla".store = maybePersist;
-      if (cfg.persistData != null) then
+      ".mozilla/firefox/default".store = maybePersist;
-        cfg.persistData
+    };
-      else
-        "ephemeral"
-    ;
   };
 }