2023-04-01 14:34:26 +00:00
|
|
|
{
|
|
|
|
config,
|
|
|
|
pkgs,
|
|
|
|
lib,
|
|
|
|
...
|
|
|
|
}:
|
|
|
|
with lib; let
|
2022-08-21 21:56:42 +00:00
|
|
|
psCfg = config.pub-solar;
|
|
|
|
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
|
2023-04-01 14:34:26 +00:00
|
|
|
in {
|
|
|
|
home-manager = pkgs.lib.setAttrByPath ["users" psCfg.user.name] {
|
|
|
|
programs.chromium = {
|
|
|
|
enable = true;
|
|
|
|
package = pkgs.ungoogled-chromium;
|
|
|
|
};
|
|
|
|
|
2022-08-21 21:56:42 +00:00
|
|
|
programs.firefox = {
|
|
|
|
enable = true;
|
|
|
|
package = pkgs.firefox-wayland;
|
|
|
|
profiles = {
|
|
|
|
default = {
|
|
|
|
id = 0;
|
|
|
|
path = "xunofzn6.default-default";
|
|
|
|
settings = {
|
|
|
|
"browser.startup.homepage" = "https://duckduckgo.com";
|
|
|
|
"browser.search.region" = "DE";
|
|
|
|
"browser.search.isUS" = false;
|
|
|
|
"distribution.searchplugins.defaultLocale" = "en-US";
|
|
|
|
"general.useragent.locale" = "en-US";
|
|
|
|
};
|
|
|
|
extraConfig = ''
|
|
|
|
# Mozilla User Preferences
|
|
|
|
# kuketz-blog.de | Firefox-Kompendium | 10.11.2021 | Firefox 94.0.1
|
|
|
|
# Download: https://www.kuketz-blog.de/firefox-aboutconfig-user-js-firefox-kompendium-teil10/
|
|
|
|
|
|
|
|
#############
|
|
|
|
## PRIVACY ##
|
|
|
|
#############
|
|
|
|
|
|
|
|
## Disable Domain Guessing
|
|
|
|
user_pref("browser.fixup.alternate.enabled", false);
|
|
|
|
|
|
|
|
## Disable Normandy/Shield (FF60+)
|
|
|
|
user_pref("app.normandy.enabled", false);
|
|
|
|
user_pref("app.shield.optoutstudies.enabled", false);
|
|
|
|
|
|
|
|
## Disable Activity Stream (AS)
|
|
|
|
user_pref("browser.newtabpage.activity-stream.feeds.snippets", false);
|
|
|
|
user_pref("browser.newtabpage.activity-stream.feeds.topsites", false);
|
|
|
|
user_pref("browser.newtabpage.activity-stream.feeds.system.topsites", false);
|
|
|
|
user_pref("browser.newtabpage.activity-stream.showSponsored", false);
|
|
|
|
user_pref("browser.newtabpage.activity-stream.showSponsoredTopSites", false);
|
|
|
|
user_pref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.addons", false);
|
|
|
|
user_pref("browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features", false);
|
|
|
|
user_pref("browser.newtabpage.activity-stream.section.highlights.includePocket", false);
|
|
|
|
user_pref("browser.newtabpage.activity-stream.feeds.telemetry", false);
|
|
|
|
user_pref("browser.newtabpage.activity-stream.telemetry", false);
|
|
|
|
|
|
|
|
## Disable PingCentre Telemetry
|
|
|
|
user_pref("browser.ping-centre.telemetry", false);
|
|
|
|
|
|
|
|
## Disable NewTabPage
|
|
|
|
user_pref("browser.newtabpage.enabled", false);
|
|
|
|
user_pref("browser.messaging-system.whatsNewPanel.enabled", false);
|
|
|
|
|
|
|
|
## Disable Safe Browsing
|
|
|
|
# Disable binaries NOT in local lists being checked by Google (real-time checking)
|
|
|
|
user_pref("browser.safebrowsing.downloads.remote.enabled", false);
|
|
|
|
user_pref("browser.safebrowsing.downloads.remote.url", "");
|
|
|
|
# Disable "Block dangerous downloads" (under Options>Privacy & Security)
|
|
|
|
user_pref("browser.safebrowsing.downloads.enabled", false);
|
|
|
|
# This covers deceptive sites such as phishing and social engineering
|
|
|
|
user_pref("browser.safebrowsing.phishing.enabled", false);
|
|
|
|
user_pref("browser.safebrowsing.malware.enabled", false);
|
|
|
|
# Disable "Warn me about unwanted and uncommon software" (under Options>Privacy & Security)
|
|
|
|
user_pref("browser.safebrowsing.downloads.remote.block_potentially_unwanted", false);
|
|
|
|
user_pref("browser.safebrowsing.downloads.remote.block_uncommon", false);
|
|
|
|
user_pref("browser.safebrowsing.downloads.remote.block_dangerous", false);
|
|
|
|
user_pref("browser.safebrowsing.downloads.remote.block_dangerous_host", false);
|
|
|
|
# Disable Mozilla's blocklist for known Flash tracking/fingerprinting
|
|
|
|
user_pref("browser.safebrowsing.blockedURIs.enabled", false);
|
|
|
|
# Disable reporting URLs
|
|
|
|
user_pref("browser.safebrowsing.provider.google.reportURL", "");
|
|
|
|
user_pref("browser.safebrowsing.reportPhishURL", "");
|
|
|
|
user_pref("browser.safebrowsing.provider.google4.reportURL", "");
|
|
|
|
user_pref("browser.safebrowsing.provider.google.reportMalwareMistakeURL", "");
|
|
|
|
user_pref("browser.safebrowsing.provider.google.reportPhishMistakeURL", "");
|
|
|
|
user_pref("browser.safebrowsing.provider.google4.reportMalwareMistakeURL", "");
|
|
|
|
user_pref("browser.safebrowsing.provider.google4.reportPhishMistakeURL", "");
|
|
|
|
# Disable data sharing (FF58+)
|
|
|
|
user_pref("browser.safebrowsing.provider.google4.dataSharing.enabled", false);
|
|
|
|
user_pref("browser.safebrowsing.provider.google4.dataSharingURL", "");
|
|
|
|
|
|
|
|
## Disable location bar LIVE search suggestions
|
|
|
|
user_pref("browser.search.suggest.enabled", false);
|
|
|
|
user_pref("browser.urlbar.suggest.searches", false);
|
|
|
|
|
|
|
|
## Disable Slow Startup Notifications and Telemetry
|
|
|
|
user_pref("browser.slowStartup.notificationDisabled", true);
|
|
|
|
user_pref("browser.slowStartup.maxSamples", 0);
|
|
|
|
user_pref("browser.slowStartup.samples", 0);
|
|
|
|
|
|
|
|
## Disable sending of crash reports (FF44+)
|
|
|
|
user_pref("browser.tabs.crashReporting.sendReport", false);
|
|
|
|
user_pref("browser.crashReports.unsubmittedCheck.enabled", false);
|
|
|
|
user_pref("browser.crashReports.unsubmittedCheck.autoSubmit2", false);
|
|
|
|
|
|
|
|
## Disable Health Report
|
|
|
|
user_pref("datareporting.healthreport.uploadEnabled", false);
|
|
|
|
user_pref("datareporting.policy.dataSubmissionEnabled", false);
|
|
|
|
|
|
|
|
## Disable Extension Metadata updating to addons.mozilla.org
|
|
|
|
user_pref("extensions.getAddons.cache.enabled", false);
|
|
|
|
|
|
|
|
## Disable Telemetry
|
|
|
|
user_pref("toolkit.coverage.endpoint.base", "");
|
|
|
|
user_pref("toolkit.coverage.opt-out", true);
|
|
|
|
user_pref("toolkit.telemetry.archive.enabled", false);
|
|
|
|
user_pref("toolkit.telemetry.coverage.opt-out", true);
|
|
|
|
user_pref("toolkit.telemetry.hybridContent.enabled", false);
|
|
|
|
user_pref("toolkit.telemetry.bhrPing.enabled", false);
|
|
|
|
user_pref("toolkit.telemetry.firstShutdownPing.enabled", false);
|
|
|
|
user_pref("toolkit.telemetry.newProfilePing.enabled", false);
|
|
|
|
user_pref("toolkit.telemetry.shutdownPingSender.enabled", false);
|
|
|
|
user_pref("toolkit.telemetry.updatePing.enabled", false);
|
|
|
|
user_pref("toolkit.telemetry.unified", false);
|
|
|
|
|
|
|
|
##############
|
|
|
|
## SECURITY ##
|
|
|
|
##############
|
|
|
|
|
|
|
|
## Enforce Punycode for Internationalized Domain Names to eliminate possible spoofing
|
|
|
|
user_pref("network.IDN_show_punycode", true);
|
|
|
|
|
|
|
|
## Display all parts of the URL in the location bar eg. http(s)://
|
|
|
|
user_pref("browser.urlbar.trimURLs", false);
|
|
|
|
|
|
|
|
## Display "insecure" icon (FF59+) and "Not Secure" text (FF60+) on HTTP sites
|
|
|
|
user_pref("security.insecure_connection_icon.enabled", true);
|
|
|
|
user_pref("security.insecure_connection_icon.pbmode.enabled", true);
|
|
|
|
user_pref("security.insecure_connection_text.enabled", true);
|
|
|
|
user_pref("security.insecure_connection_text.pbmode.enabled", true);
|
|
|
|
'';
|
|
|
|
#search.default = "DuckDuckGo";
|
|
|
|
# force = true;
|
|
|
|
# order = [ "DuckDuckGo" "Google" ];
|
|
|
|
# engines = {
|
|
|
|
# "Nix Packages" = {
|
|
|
|
# urls = [{
|
|
|
|
# template = "https://search.nixos.org/packages";
|
|
|
|
# params = [
|
|
|
|
# { name = "type"; value = "packages"; }
|
|
|
|
# { name = "query"; value = "{searchTerms}"; }
|
|
|
|
# ];
|
|
|
|
# }];
|
|
|
|
#
|
|
|
|
# icon = "${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg";
|
|
|
|
# definedAliases = [ "@np" ];
|
|
|
|
# };
|
|
|
|
|
|
|
|
# "NixOS Wiki" = {
|
|
|
|
# urls = [{ template = "https://nixos.wiki/index.php?search={searchTerms}"; }];
|
|
|
|
# iconUpdateURL = "https://nixos.wiki/favicon.png";
|
|
|
|
# updateInterval = 24 * 60 * 60 * 1000; # every day
|
|
|
|
# definedAliases = [ "@nw" ];
|
|
|
|
# };
|
|
|
|
|
|
|
|
# "Bing".metaData.hidden = true;
|
|
|
|
# "Google".metaData.alias = "@g"; # builtin engines only support specifying one additional alias
|
|
|
|
# };
|
|
|
|
#};
|
|
|
|
};
|
|
|
|
};
|
|
|
|
};
|
|
|
|
};
|
|
|
|
}
|