Use custom Firefox flake
This commit is contained in:
parent
9c3cdb5691
commit
a08b1e5238
6 changed files with 42 additions and 140 deletions
39
flake.lock
39
flake.lock
|
@ -101,6 +101,24 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"firefox": {
|
||||||
|
"inputs": {
|
||||||
|
"nixpkgs": "nixpkgs"
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1731773001,
|
||||||
|
"narHash": "sha256-/3tpXzkJqSmJObEilZxeL4Mo1GsyNP0q15kIvw6+GEo=",
|
||||||
|
"ref": "refs/heads/main",
|
||||||
|
"rev": "bb30e67d1f3e5947d46c86dda2a567d16e9d3f52",
|
||||||
|
"revCount": 3,
|
||||||
|
"type": "git",
|
||||||
|
"url": "https://woof.rip/mikael/firefox.git"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"type": "git",
|
||||||
|
"url": "https://woof.rip/mikael/firefox.git"
|
||||||
|
}
|
||||||
|
},
|
||||||
"flake-compat": {
|
"flake-compat": {
|
||||||
"flake": false,
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
|
@ -329,7 +347,7 @@
|
||||||
},
|
},
|
||||||
"linux-hardened": {
|
"linux-hardened": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"nixpkgs": "nixpkgs"
|
"nixpkgs": "nixpkgs_2"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1731676971,
|
"lastModified": 1731676971,
|
||||||
|
@ -576,6 +594,22 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"nixpkgs_3": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1731531548,
|
||||||
|
"narHash": "sha256-sz8/v17enkYmfpgeeuyzniGJU0QQBfmAjlemAUYhfy8=",
|
||||||
|
"owner": "NixOS",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"rev": "24f0d4acd634792badd6470134c387a3b039dace",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "NixOS",
|
||||||
|
"ref": "nixpkgs-unstable",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"nur": {
|
"nur": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1731667778,
|
"lastModified": 1731667778,
|
||||||
|
@ -674,6 +708,7 @@
|
||||||
"catppuccin": "catppuccin",
|
"catppuccin": "catppuccin",
|
||||||
"catppuccin-palette": "catppuccin-palette",
|
"catppuccin-palette": "catppuccin-palette",
|
||||||
"colmena": "colmena",
|
"colmena": "colmena",
|
||||||
|
"firefox": "firefox",
|
||||||
"home-manager": "home-manager",
|
"home-manager": "home-manager",
|
||||||
"lanzaboote": "lanzaboote",
|
"lanzaboote": "lanzaboote",
|
||||||
"linux-hardened": "linux-hardened",
|
"linux-hardened": "linux-hardened",
|
||||||
|
@ -682,7 +717,7 @@
|
||||||
"niri": "niri",
|
"niri": "niri",
|
||||||
"nix-index-database": "nix-index-database",
|
"nix-index-database": "nix-index-database",
|
||||||
"nixos-hardware": "nixos-hardware",
|
"nixos-hardware": "nixos-hardware",
|
||||||
"nixpkgs": "nixpkgs_2",
|
"nixpkgs": "nixpkgs_3",
|
||||||
"nur": "nur",
|
"nur": "nur",
|
||||||
"ripgrep-all": "ripgrep-all",
|
"ripgrep-all": "ripgrep-all",
|
||||||
"rust-overlay": "rust-overlay"
|
"rust-overlay": "rust-overlay"
|
||||||
|
|
|
@ -40,6 +40,7 @@
|
||||||
};
|
};
|
||||||
|
|
||||||
linux-hardened.url = "git+https://woof.rip/mikael/linux-hardened.git";
|
linux-hardened.url = "git+https://woof.rip/mikael/linux-hardened.git";
|
||||||
|
firefox.url = "git+https://woof.rip/mikael/firefox.git";
|
||||||
|
|
||||||
nix-index-database = {
|
nix-index-database = {
|
||||||
url = "github:illdefined/nix-index-database";
|
url = "github:illdefined/nix-index-database";
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
{ ... }: { config, lib, pkgs, ... }@args:
|
{ firefox, ... }: { config, lib, pkgs, ... }@args:
|
||||||
let
|
let
|
||||||
osConfig = args.osConfig or { };
|
osConfig = args.osConfig or { };
|
||||||
|
|
||||||
|
@ -12,7 +12,7 @@ let
|
||||||
in lib.mkIf (osConfig.hardware.graphics.enable or false) {
|
in lib.mkIf (osConfig.hardware.graphics.enable or false) {
|
||||||
programs.firefox = {
|
programs.firefox = {
|
||||||
enable = true;
|
enable = true;
|
||||||
package = pkgs.firefox;
|
package = firefox.packages.${pkgs.system}.firefox;
|
||||||
profiles = let
|
profiles = let
|
||||||
extensions = with config.nur.repos.rycee.firefox-addons; [
|
extensions = with config.nur.repos.rycee.firefox-addons; [
|
||||||
clearurls
|
clearurls
|
||||||
|
@ -30,16 +30,6 @@ in lib.mkIf (osConfig.hardware.graphics.enable or false) {
|
||||||
"intl.accept_languages" = "en-gb,en,de,fr,es-es,es,pt,ja";
|
"intl.accept_languages" = "en-gb,en,de,fr,es-es,es,pt,ja";
|
||||||
"intl.locale.requested" = "en-GB,en,de,fr,es-ES,es,pt,ja";
|
"intl.locale.requested" = "en-GB,en,de,fr,es-ES,es,pt,ja";
|
||||||
|
|
||||||
# use OS resolver
|
|
||||||
"network.trr.mode" = 5;
|
|
||||||
|
|
||||||
# force HTTPS
|
|
||||||
"dom.security.https_only_mode" = true;
|
|
||||||
"dom.security.https_only_mode_ever_enabled" = true;
|
|
||||||
|
|
||||||
# enable EME
|
|
||||||
"media.eme.enabled" = true;
|
|
||||||
|
|
||||||
# founts
|
# founts
|
||||||
"font.default.x-unicode" = "sans-serif";
|
"font.default.x-unicode" = "sans-serif";
|
||||||
"font.default.x-western" = "sans-serif";
|
"font.default.x-western" = "sans-serif";
|
||||||
|
@ -49,87 +39,7 @@ in lib.mkIf (osConfig.hardware.graphics.enable or false) {
|
||||||
"font.name.monospace.x-western" = "Fira Code";
|
"font.name.monospace.x-western" = "Fira Code";
|
||||||
|
|
||||||
# hardware acceleration
|
# hardware acceleration
|
||||||
"gfx.webrender.all" = true;
|
|
||||||
"layers.acceleration.force-enabled" = true;
|
"layers.acceleration.force-enabled" = true;
|
||||||
"media.ffmpeg.vaapi.enabled" = true;
|
|
||||||
|
|
||||||
# always ask for download location
|
|
||||||
"browser.download.useDownloadDir" = false;
|
|
||||||
|
|
||||||
# disable firefox tab
|
|
||||||
"browser.tabs.firefox-view" = false;
|
|
||||||
|
|
||||||
# disable firefox intro tab
|
|
||||||
"browser.startup.homepage_override.mstone" = "ignore";
|
|
||||||
|
|
||||||
# disable default browser check
|
|
||||||
"browser.shell.checkDefaultBrowser" = false;
|
|
||||||
|
|
||||||
# private containor for new tab page thumbnails
|
|
||||||
"privacy.usercontext.about_newtab_segregation.enabled" = true;
|
|
||||||
|
|
||||||
# disable Beacons API
|
|
||||||
"beacon.enabled" = false;
|
|
||||||
|
|
||||||
# disable pings
|
|
||||||
"browser.send_pings" = false;
|
|
||||||
|
|
||||||
# strip query parameters
|
|
||||||
"privacy.query_stripping" = true;
|
|
||||||
|
|
||||||
# disable access to device sensors
|
|
||||||
"device.sensors.enabled" = false;
|
|
||||||
"dom.battery.enabled" = false;
|
|
||||||
|
|
||||||
# disable media auto‐play
|
|
||||||
"media.autoplay.enabled" = false;
|
|
||||||
|
|
||||||
# block third‐party cookies
|
|
||||||
"network.cookie.cookieBehavior" = 1;
|
|
||||||
|
|
||||||
# spoof referrer header
|
|
||||||
"network.http.referer.spoofSource" = true;
|
|
||||||
|
|
||||||
# isolate all browser identifier sources
|
|
||||||
"privacy.firstparty.isolate" = true;
|
|
||||||
|
|
||||||
# resist fingerprinting
|
|
||||||
#"privacy.resistFingerprinting" = true;
|
|
||||||
|
|
||||||
# enable built‐in tracking protection
|
|
||||||
"privacy.trackingprotection.enabled" = true;
|
|
||||||
"privacy.trackingprotection.emailtracking.enabled" = true;
|
|
||||||
"privacy.trackingprotection.socialtracking.enabled" = true;
|
|
||||||
|
|
||||||
# disable data sharing
|
|
||||||
"app.normandy.enabled" = false;
|
|
||||||
"app.shield.optoutstudies.enabled" = false;
|
|
||||||
"datareporting.healthreport.uploadEnabled" = false;
|
|
||||||
|
|
||||||
# disable safebrowsing
|
|
||||||
"browser.safebrowsing.downloads.enabled" = false;
|
|
||||||
"browser.safebrowsing.malware.enabled" = false;
|
|
||||||
"browser.safebrowsing.phishing.enabled" = false;
|
|
||||||
|
|
||||||
# disable firefox account
|
|
||||||
"identity.fxaccounts.enabled" = false;
|
|
||||||
|
|
||||||
# disable sponsored items
|
|
||||||
"browser.newtabpage.activity-stream.showSponsoredTopSites" = false;
|
|
||||||
"browser.newtabpage.enhanced" = false;
|
|
||||||
|
|
||||||
# disable Pocket
|
|
||||||
"extensions.pocket.enabled" = false;
|
|
||||||
|
|
||||||
# disable crash reporting
|
|
||||||
"browser.tabs.crashReporting.sendReport" = false;
|
|
||||||
"breakpad.reportURL" = "";
|
|
||||||
|
|
||||||
# disable accessibility services
|
|
||||||
"accessibility.force_disabled" = true;
|
|
||||||
|
|
||||||
# disable password auto‐fill
|
|
||||||
"signon.autofillForms" = false;
|
|
||||||
|
|
||||||
# enable user profile customisation
|
# enable user profile customisation
|
||||||
"toolkit.legacyUserProfileCustomizations.stylesheets" = true;
|
"toolkit.legacyUserProfileCustomizations.stylesheets" = true;
|
||||||
|
|
|
@ -1,10 +1,10 @@
|
||||||
{ ... }: { config, lib, pkgs, ... }@args:
|
{ firefox, ... }: { config, lib, pkgs, ... }@args:
|
||||||
let
|
let
|
||||||
osConfig = args.osConfig or { };
|
osConfig = args.osConfig or { };
|
||||||
in lib.mkIf (osConfig.hardware.graphics.enable or false) {
|
in lib.mkIf (osConfig.hardware.graphics.enable or false) {
|
||||||
programs.thunderbird = {
|
programs.thunderbird = {
|
||||||
enable = true;
|
enable = true;
|
||||||
package = pkgs.thunderbird;
|
package = firefox.packages.${pkgs.system}.thunderbird;
|
||||||
profiles = { };
|
profiles = { };
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -15,22 +15,6 @@ in {
|
||||||
secureBuild = true;
|
secureBuild = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
firefox = (final.wrapFirefox final.firefox-unwrapped { }).overrideAttrs (prevAttrs: {
|
|
||||||
buildCommand = prevAttrs.buildCommand + ''
|
|
||||||
sed -i \
|
|
||||||
'$i export MIMALLOC_RESERVE_HUGE_OS_PAGES=2' \
|
|
||||||
"$out/bin/firefox"
|
|
||||||
'';
|
|
||||||
});
|
|
||||||
|
|
||||||
thunderbird = (final.wrapThunderbird final.thunderbird-unwrapped { }).overrideAttrs (prevAttrs: {
|
|
||||||
buildCommand = prevAttrs.buildCommand + ''
|
|
||||||
sed -i \
|
|
||||||
'$i export MIMALLOC_RESERVE_HUGE_OS_PAGES=2' \
|
|
||||||
"$out/bin/thunderbird"
|
|
||||||
'';
|
|
||||||
});
|
|
||||||
|
|
||||||
fractal = prev.fractal.overrideAttrs (prevAttrs: {
|
fractal = prev.fractal.overrideAttrs (prevAttrs: {
|
||||||
nativeBuildInputs = prevAttrs.nativeBuildInputs or [ ] ++ [ final.makeBinaryWrapper ];
|
nativeBuildInputs = prevAttrs.nativeBuildInputs or [ ] ++ [ final.makeBinaryWrapper ];
|
||||||
buildInputs = prevAttrs.buildInputs or [ ] ++ [ final.mimalloc ];
|
buildInputs = prevAttrs.buildInputs or [ ] ++ [ final.mimalloc ];
|
||||||
|
|
|
@ -91,23 +91,6 @@ in genAttrs [
|
||||||
withSsh = false;
|
withSsh = false;
|
||||||
};
|
};
|
||||||
|
|
||||||
firefox-unwrapped = (prev.firefox-unwrapped.overrideAttrs (prevAttrs: {
|
|
||||||
buildInputs = prevAttrs.buildInputs or [ ]
|
|
||||||
++ [ final.alsa-lib ];
|
|
||||||
|
|
||||||
configureFlags = prevAttrs.configureFlags or [ ]
|
|
||||||
|> substituteFlags {
|
|
||||||
"--enable-default-toolkit=.*" = "--enable-default-toolkit=cairo-gtk3-wayland-only";
|
|
||||||
};
|
|
||||||
})).override {
|
|
||||||
alsaSupport = false;
|
|
||||||
gssSupport = false;
|
|
||||||
jemallocSupport = false;
|
|
||||||
sndioSupport = false;
|
|
||||||
};
|
|
||||||
|
|
||||||
firefox = final.wrapFirefox final.firefox-unwrapped { };
|
|
||||||
|
|
||||||
gammastep = prev.gammastep.override {
|
gammastep = prev.gammastep.override {
|
||||||
withRandr = false;
|
withRandr = false;
|
||||||
};
|
};
|
||||||
|
@ -344,17 +327,6 @@ in genAttrs [
|
||||||
withIptables = false;
|
withIptables = false;
|
||||||
};
|
};
|
||||||
|
|
||||||
thunderbird-unwrapped = (prev.thunderbird-unwrapped.overrideAttrs (prevAttrs: {
|
|
||||||
configureFlags = prevAttrs.configureFlags or [ ]
|
|
||||||
|> substituteFlags {
|
|
||||||
"--enable-default-toolkit=.*" = "--enable-default-toolkit=cairo-gtk3-wayland-only";
|
|
||||||
};
|
|
||||||
})).override {
|
|
||||||
jemallocSupport = false;
|
|
||||||
};
|
|
||||||
|
|
||||||
thunderbird = final.wrapThunderbird final.thunderbird-unwrapped { };
|
|
||||||
|
|
||||||
w3m = prev.w3m.override {
|
w3m = prev.w3m.override {
|
||||||
x11Support = false;
|
x11Support = false;
|
||||||
imlib2 = final.imlib2;
|
imlib2 = final.imlib2;
|
||||||
|
|
Loading…
Reference in a new issue