home-manager/browser/default.nix


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191

{ config, pkgs, inputs, ... }:
{
  programs.librewolf= {
    enable = true;

    languagePacks = [
      "en"
      "el"
    ];
    
    profiles."default" = {
      isDefault = true;
      search = {
        force = true;
        default = "search.internal";
        engines = {
          "search.internal" = {
            urls = [{
              template = "http://search.internal/search";
              params = [
                { name = "q"; value = "{searchTerms}"; }
              ];
            }];
          };
        };
      };

      settings = {
        "browser.startup.homepage" = "http://search.internal";

        "browser.newtabpage.enabled" = true;

        "browser.urlbar.suggest.bookmark" = true;
        "browser.urlbar.suggest.engines" = false;
        "browser.urlbar.suggest.history" = true;
        "browser.urlbar.suggest.openpage" = true;
        "browser.urlbar.suggest.recentsearches" = false;
        "browser.urlbar.suggest.topsites" = false;

        "extensions.autoDisableScopes" = 0;

        "media.peerconnection.enabled" = false;

        "privacy.resistFinderprinting.letterboxing" = false;
        "privacy.resistFingerprinting.autoDeclineNoUserInputCanvasPrompts" = true;

        "webgl.disabled" = true;
      };
    };

    policies = {
      # find more options here: https://mozilla.github.io/policy-templates/
      AutofillAddressEnabled = false;
      AutofillCreditCardEnabled = false;

      Cookies = {
        Locked = true;
        Behavior = "reject-foreign";
        BehaviorPrivateBrowsing = "reject";
        Allow = [
          "https://fastmail.com"
          "https://apo.theke.ml"
        ];
      };

      DisablePocket = true;
      DisableAppUpdate = true;
      DisableTelemetry = true;
      DisableFirefoxStudies = true;
      DisableFirefoxAccounts = true;
      DisableFeedbackCommands = true;


      DontCheckDefaultBrowser = true;

      DownloadDirectory = "${config.home.homeDirectory}/Downloads";

      EnableTrackingProtection = {
        Value = true;
        Locked = true;
        Cryptomining = true;
        Fingerprinting = true;
      };

      HardwareAcceleration = true;
      
      HttpsOnlyMode = "force_enabled";
      HttpAllowlist = [
        "http://search.internal"
        "http://dns.internal"
        "http://photos.internal"
        "http://chat.internal"
        "http://library.internal"
        "http://192.168.10.15"
      ];

      NoDefaultBookmarks = true;

      OfferToSaveLogins = false;

      PasswordManagerEnabled = false;
      
      PopupBlocking = {
        Default = false;
        Locked = true;
      };

      PostQuantumKeyAgreementEnabled = false;

      SanitizeOnShutdown = {
        Cache = true;
        Cookies = false;
        FormData = true;
        History = true;
        Sessions = true;
        SiteSettings = true;
      };

      SearchEngines = {
        Remove = [
          "DuckDuckGo"
          "Google"
          "Bing"
        ];
      };

      ExtensionSettings = {
        # 1pass
        "{d634138d-c276-4fc8-924b-40a0ea21d284}" = {
          install_url = "https://addons.mozilla.org/firefox/downloads/latest/1password-x-password-manager/latest.xpi";
          installation_mode = "force_installed";
        };

        # CanvasBlocker
        "CanvasBlocker@kkapsner.de" = {
          install_url = "https://addons.mozilla.org/firefox/downloads/latest/canvasblocker/latest.xpi";
          installation_mode = "force_installed";
          default_area = "menupanel";
        };

        # ClearURLs
        "{74145f27-f039-47ce-a470-a662b129930a}" = {
          install_url = "https://addons.mozilla.org/firefox/downloads/latest/clearurls/latest.xpi";
          installation_mode = "force_installed";
          default_area = "menupanel";
        };

        # Consent-o-matic
        "gdpr@cavi.au.dk" = {
          install_url = "https://addons.mozilla.org/firefox/downloads/latest/consent-o-matic/latest.xpi";
          installation_mode = "force_installed";
          default_area = "menupanel";
        };

        # Dark Reader
        "addon@darkreader.org" = {
          install_url = "https://addons.mozilla.org/firefox/downloads/latest/darkreader/latest.xpi";
          installation_mode = "force_installed";
          default_area = "menupanel";
        };

        # Decentraleyes
        "jid1-BoFifL9Vbdl2zQ@jetpack" = {
          installation_mode = "force_installed";
          install_url = "https://addons.mozilla.org/firefox/downloads/latest/decentraleyes/latest.xpi";
          default_area = "menupanel";
        };

        # Get RSS Feed URL
        "{15bdb1ce-fa9d-4a00-b859-66c214263ac0}" = {
          install_url = "https://addons.mozilla.org/firefox/downloads/latest/get-rss-feed-url/latest.xpi";
          installation_mode = "force_installed";
        };

        # Privacy Badger
        # "jid1-MnnxcxisBPnSXQ@jetpack" = {
        #   install_url = "https://addons.mozilla.org/firefox/downloads/latest/privacy-badger17/latest.xpi";
        #   installation_mode = "force_installed";
        #   default_area = "menupanel";
        # };

        # UBlockOrigin
        "uBlock0@raymondhill.net" = {
          installation_mode = "force_installed";
          install_url = "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi";
          default_area = "menupanel";
        };
      };
    };
  };
}