Use custom Firefox flake

2024-12-10 21:04:25 +01:00 · 2024-12-10 21:04:25 +01:00 · 89ea933cb1
commit 89ea933cb1
parent 61448c58ea
4 changed files with 39 additions and 166 deletions
--- a/flake.lock
+++ b/flake.lock
@ -101,6 +101,24 @@
        "type": "github"
      }
    },
+    "firefox": {
+      "inputs": {
+        "nixpkgs": "nixpkgs"
+      },
+      "locked": {
+        "lastModified": 1733849016,
+        "narHash": "sha256-m+qrD75u06Lrba+yL8y2oeN6a39eSdI+8JOmqyLm2PI=",
+        "ref": "refs/heads/main",
+        "rev": "0f52af1b4b839ccf76d9ec44478981e04bce4a00",
+        "revCount": 1,
+        "type": "git",
+        "url": "https://woof.rip/mikael/firefox.git"
+      },
+      "original": {
+        "type": "git",
+        "url": "https://woof.rip/mikael/firefox.git"
+      }
+    },
    "flake-compat": {
      "flake": false,
      "locked": {
@ -170,27 +188,6 @@
        "type": "github"
      }
    },
-    "flake-parts_2": {
-      "inputs": {
-        "nixpkgs-lib": [
-          "nur",
-          "nixpkgs"
-        ]
-      },
-      "locked": {
-        "lastModified": 1733312601,
-        "narHash": "sha256-4pDvzqnegAfRkPwO3wmwBhVi/Sye1mzps0zHWYnP88c=",
-        "owner": "hercules-ci",
-        "repo": "flake-parts",
-        "rev": "205b12d8b7cd4802fbcb8e8ef6a0f1408781a4f9",
-        "type": "github"
-      },
-      "original": {
-        "owner": "hercules-ci",
-        "repo": "flake-parts",
-        "type": "github"
-      }
-    },
    "flake-utils": {
      "locked": {
        "lastModified": 1659877975,
@ -350,7 +347,7 @@
    },
    "linux-hardened": {
      "inputs": {
-        "nixpkgs": "nixpkgs"
+        "nixpkgs": "nixpkgs_2"
      },
      "locked": {
        "lastModified": 1733594854,
@ -519,11 +516,11 @@
    },
    "nixpkgs": {
      "locked": {
-        "lastModified": 1733376361,
-        "narHash": "sha256-aLJxoTDDSqB+/3orsulE6/qdlX6MzDLIITLZqdgMpqo=",
+        "lastModified": 1733686850,
+        "narHash": "sha256-NQEO/nZWWGTGlkBWtCs/1iF1yl2lmQ1oY/8YZrumn3I=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "929116e316068c7318c54eb4d827f7d9756d5e9c",
+        "rev": "dd51f52372a20a93c219e8216fe528a648ffcbf4",
        "type": "github"
      },
      "original": {
@ -583,11 +580,11 @@
    },
    "nixpkgs_2": {
      "locked": {
-        "lastModified": 1733686850,
-        "narHash": "sha256-NQEO/nZWWGTGlkBWtCs/1iF1yl2lmQ1oY/8YZrumn3I=",
+        "lastModified": 1733376361,
+        "narHash": "sha256-aLJxoTDDSqB+/3orsulE6/qdlX6MzDLIITLZqdgMpqo=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "dd51f52372a20a93c219e8216fe528a648ffcbf4",
+        "rev": "929116e316068c7318c54eb4d827f7d9756d5e9c",
        "type": "github"
      },
      "original": {
@ -599,40 +596,20 @@
    },
    "nixpkgs_3": {
      "locked": {
-        "lastModified": 1733581040,
-        "narHash": "sha256-Qn3nPMSopRQJgmvHzVqPcE3I03zJyl8cSbgnnltfFDY=",
-        "owner": "nixos",
+        "lastModified": 1733686850,
+        "narHash": "sha256-NQEO/nZWWGTGlkBWtCs/1iF1yl2lmQ1oY/8YZrumn3I=",
+        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "22c3f2cf41a0e70184334a958e6b124fb0ce3e01",
+        "rev": "dd51f52372a20a93c219e8216fe528a648ffcbf4",
        "type": "github"
      },
      "original": {
-        "owner": "nixos",
-        "ref": "nixos-unstable",
+        "owner": "NixOS",
+        "ref": "nixpkgs-unstable",
        "repo": "nixpkgs",
        "type": "github"
      }
    },
-    "nur": {
-      "inputs": {
-        "flake-parts": "flake-parts_2",
-        "nixpkgs": "nixpkgs_3",
-        "treefmt-nix": "treefmt-nix"
-      },
-      "locked": {
-        "lastModified": 1733824207,
-        "narHash": "sha256-qGXcFigGMSFba29CtCnTgf/c9h+Dzh6yHcXTK16jXJ8=",
-        "owner": "nix-community",
-        "repo": "NUR",
-        "rev": "f1ea8bb704f71d74dcc885d6bd149b5b661bb858",
-        "type": "github"
-      },
-      "original": {
-        "owner": "nix-community",
-        "repo": "NUR",
-        "type": "github"
-      }
-    },
    "pre-commit-hooks": {
      "inputs": {
        "flake-compat": "flake-compat_3",
@ -716,6 +693,7 @@
        "catppuccin": "catppuccin",
        "catppuccin-palette": "catppuccin-palette",
        "colmena": "colmena",
+        "firefox": "firefox",
        "home-manager": "home-manager",
        "lanzaboote": "lanzaboote",
        "linux-hardened": "linux-hardened",
@ -724,8 +702,7 @@
        "niri": "niri",
        "nix-index-database": "nix-index-database",
        "nixos-hardware": "nixos-hardware",
-        "nixpkgs": "nixpkgs_2",
-        "nur": "nur",
+        "nixpkgs": "nixpkgs_3",
        "ripgrep-all": "ripgrep-all",
        "rust-overlay": "rust-overlay"
      }
@ -796,27 +773,6 @@
        "type": "github"
      }
    },
-    "treefmt-nix": {
-      "inputs": {
-        "nixpkgs": [
-          "nur",
-          "nixpkgs"
-        ]
-      },
-      "locked": {
-        "lastModified": 1733222881,
-        "narHash": "sha256-JIPcz1PrpXUCbaccEnrcUS8jjEb/1vJbZz5KkobyFdM=",
-        "owner": "numtide",
-        "repo": "treefmt-nix",
-        "rev": "49717b5af6f80172275d47a418c9719a31a78b53",
-        "type": "github"
-      },
-      "original": {
-        "owner": "numtide",
-        "repo": "treefmt-nix",
-        "type": "github"
-      }
-    },
    "xwayland-satellite-stable": {
      "flake": false,
      "locked": {
--- a/flake.nix
+++ b/flake.nix
@ -4,7 +4,6 @@
  inputs = {
    nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
    nixos-hardware.url = "github:NixOS/nixos-hardware";
-    nur.url = "github:nix-community/NUR";

    lix = {
      url = "https://git.lix.systems/lix-project/lix/archive/main.tar.gz";
@ -40,6 +39,7 @@
    };

    linux-hardened.url = "git+https://woof.rip/mikael/linux-hardened.git";
+    firefox.url = "git+https://woof.rip/mikael/firefox.git";

    nix-index-database = {
      url = "github:illdefined/nix-index-database";
--- a/home/config/nil/firefox.nix
+++ b/home/config/nil/firefox.nix
@ -1,4 +1,4 @@
-{ ... }: { config, lib, pkgs, ... }@args:
+{ firefox, ... }: { config, lib, pkgs, ... }@args:
 let
  osConfig = args.osConfig or { };

@ -12,16 +12,8 @@ let
 in lib.mkIf (osConfig.hardware.graphics.enable or false) {
  programs.firefox = {
    enable = true;
-    package = pkgs.firefox;
+    package = firefox.packages.${pkgs.system}.firefox;
    profiles = let
-    extensions = with config.nur.repos.rycee.firefox-addons; [
-      clearurls
-      consent-o-matic
-      decentraleyes
-      keepassxc-browser
-      multi-account-containers
-      ublock-origin
-    ];
    settings = {
      # use OS locale
      "intl.regional_prefs.use_os_locales" = true;
@ -30,16 +22,6 @@ in lib.mkIf (osConfig.hardware.graphics.enable or false) {
      "intl.accept_languages" = "en-gb,en,de,fr,es-es,es,pt,ja";
      "intl.locale.requested" = "en-GB,en,de,fr,es-ES,es,pt,ja";

-      # use OS resolver
-      "network.trr.mode" = 5;
-
-      # force HTTPS
-      "dom.security.https_only_mode" = true;
-      "dom.security.https_only_mode_ever_enabled" = true;
-
-      # enable EME
-      "media.eme.enabled" = true;
-
      # founts
      "font.default.x-unicode" = "sans-serif";
      "font.default.x-western" = "sans-serif";
@ -49,34 +31,14 @@ in lib.mkIf (osConfig.hardware.graphics.enable or false) {
      "font.name.monospace.x-western" = "Fira Code";

      # hardware acceleration
-      "gfx.webrender.all" = true;
      "layers.acceleration.force-enabled" = true;
-      "media.ffmpeg.vaapi.enabled" = true;

      # always ask for download location
      "browser.download.useDownloadDir" = false;

-      # disable firefox tab
-      "browser.tabs.firefox-view" = false;
-
-      # disable firefox intro tab
-      "browser.startup.homepage_override.mstone" = "ignore";
-
-      # disable default browser check
-      "browser.shell.checkDefaultBrowser" = false;
-
      # private containor for new tab page thumbnails
      "privacy.usercontext.about_newtab_segregation.enabled" = true;

-      # disable Beacons API
-      "beacon.enabled" = false;
-
-      # disable pings
-      "browser.send_pings" = false;
-
-      # strip query parameters
-      "privacy.query_stripping" = true;
-
      # disable access to device sensors
      "device.sensors.enabled" = false;
      "dom.battery.enabled" = false;
@ -84,50 +46,6 @@ in lib.mkIf (osConfig.hardware.graphics.enable or false) {
      # disable media auto‐play
      "media.autoplay.enabled" = false;

-      # block third‐party cookies
-      "network.cookie.cookieBehavior" = 1;
-
-      # spoof referrer header
-      "network.http.referer.spoofSource" = true;
-
-      # isolate all browser identifier sources
-      "privacy.firstparty.isolate" = true;
-
-      # resist fingerprinting
-      #"privacy.resistFingerprinting" = true;
-
-      # enable built‐in tracking protection
-      "privacy.trackingprotection.enabled" = true;
-      "privacy.trackingprotection.emailtracking.enabled" = true;
-      "privacy.trackingprotection.socialtracking.enabled" = true;
-
-      # disable data sharing
-      "app.normandy.enabled" = false;
-      "app.shield.optoutstudies.enabled" = false;
-      "datareporting.healthreport.uploadEnabled" = false;
-
-      # disable safebrowsing
-      "browser.safebrowsing.downloads.enabled" = false;
-      "browser.safebrowsing.malware.enabled" = false;
-      "browser.safebrowsing.phishing.enabled" = false;
-
-      # disable firefox account
-      "identity.fxaccounts.enabled" = false;
-
-      # disable sponsored items
-      "browser.newtabpage.activity-stream.showSponsoredTopSites" = false;
-      "browser.newtabpage.enhanced" = false;
-
-      # disable Pocket
-      "extensions.pocket.enabled" = false;
-
-      # disable crash reporting
-      "browser.tabs.crashReporting.sendReport" = false;
-      "breakpad.reportURL" = "";
-
-      # disable accessibility services
-      "accessibility.force_disabled" = true;
-
      # disable password auto‐fill
      "signon.autofillForms" = false;

@ -230,11 +148,11 @@ in lib.mkIf (osConfig.hardware.graphics.enable or false) {
    };
    in {
      default = {
-        inherit extensions settings userChrome search;
+        inherit settings userChrome search;
        isDefault = true;
      };
      sneaky = {
-        inherit extensions settings userChrome search;
+        inherit settings userChrome search;
        id = 1;
      };
      vanilla = {
--- a/home/config/nil/home.nix
+++ b/home/config/nil/home.nix
@ -1,4 +1,4 @@
-{ self, nur, catppuccin, nix-index-database, niri, ripgrep-all, ... }:
+{ self, catppuccin, nix-index-database, niri, ripgrep-all, ... }:
 { config, lib, pkgs, ... }@args:
 let
  osConfig = args.osConfig or { };
@ -9,7 +9,6 @@ let
  sh = lib.getExe self.packages.${pkgs.system}.hush;
 in {
  imports = [
-    nur.modules.homeManager.default
    self.homeModules.greedy
    self.homeModules.locale-en_EU
    catppuccin.homeManagerModules.catppuccin