mirror of
https://codeberg.org/privacy1st/nix-git
synced 2024-12-05 00:05:04 +01:00
172 lines
7.0 KiB
Nix
172 lines
7.0 KiB
Nix
{ config, pkgs, lib, ... }:
|
|
{
|
|
users.users.yoda = {
|
|
packages = with pkgs; [
|
|
firefox # Web browser
|
|
];
|
|
};
|
|
|
|
# Touch input with Firefox under X11.
|
|
environment.sessionVariables = lib.mkIf (! config.services.xserver.displayManager.gdm.wayland) {
|
|
MOZ_USE_XINPUT2 = "1";
|
|
};
|
|
|
|
# Required for dconf.settings
|
|
programs.dconf.enable = true;
|
|
|
|
home-manager.users.yoda = { osConfig, config, pkgs, ... }: {
|
|
dconf.settings = {
|
|
"org/gnome/shell" = {
|
|
favorite-apps = ["firefox.desktop"];
|
|
};
|
|
};
|
|
|
|
programs.firefox = {
|
|
enable = true;
|
|
profiles.default = {
|
|
isDefault = true;
|
|
# https://wiki.archlinux.org/title/Firefox/Privacy
|
|
settings = {
|
|
# Don't execute JavaScript from PDF files.
|
|
"pdfjs.enableScripting" = false;
|
|
# "Do Not Track" header.
|
|
"privacy.donottrackheader.enabled" = true;
|
|
# HTTPS-only mode in all windows.
|
|
# https://www.privacy-handbuch.de/handbuch_21l.htm
|
|
"dom.security.https_only_mode" = true;
|
|
# Don't ask to save passwords/logins.
|
|
"signon.rememberSignons" = false;
|
|
|
|
# Global Privacy Control.
|
|
# The extension "Privacy Badger" enables this for us as well.
|
|
# https://blog.mozilla.org/netpolicy/2021/10/28/implementing-global-privacy-control/
|
|
#"privacy.globalprivacycontrol.enabled" = true;
|
|
#"privacy.globalprivacycontrol.functionality.enabled" = true;
|
|
|
|
# https://wiki.archlinux.org/title/Firefox/Privacy#Tracking_protection
|
|
"privacy.trackingprotection.enabled" = true;
|
|
#"privacy.trackingprotection.emailtracking.enabled" = true;
|
|
#"privacy.trackingprotection.socialtracking.enabled" = true;
|
|
|
|
# https://wiki.archlinux.org/title/Firefox/Privacy#Anti-fingerprinting
|
|
"privacy.resistFingerprinting" = true;
|
|
# https://wiki.archlinux.org/title/Firefox/Privacy#First_party_isolation
|
|
"privacy.firstparty.isolate" = true;
|
|
|
|
# https://wiki.mozilla.org/Privacy/Privacy_Task_Force/firefox_about_config_privacy_tweeks
|
|
# The attribute would be useful for letting websites track visitors' clicks.
|
|
"browser.send_pings" = false;
|
|
|
|
# https://wiki.mozilla.org/Privacy/Privacy_Task_Force/firefox_about_config_privacy_tweeks
|
|
# Disable preloading of autocomplete URLs.
|
|
# Firefox preloads URLs that autocomplete when a user types into the address bar,
|
|
# which is a concern if URLs are suggested that the user does not want to connect to.
|
|
"browser.urlbar.speculativeConnect.enabled" = false;
|
|
|
|
# https://wiki.mozilla.org/Privacy/Privacy_Task_Force/firefox_about_config_privacy_tweeks
|
|
# Website owners can track the battery status of your device.
|
|
"dom.battery.enabled" = false;
|
|
|
|
# https://wiki.mozilla.org/Privacy/Privacy_Task_Force/firefox_about_config_privacy_tweeks
|
|
# Disable that websites can get notifications if you copy, paste, or cut something from a web page,
|
|
# and it lets them know which part of the page had been selected.
|
|
"dom.event.clipboardevents.enabled" = false;
|
|
|
|
# https://wiki.mozilla.org/Privacy/Privacy_Task_Force/firefox_about_config_privacy_tweeks
|
|
# Only accept from the originating site (block third party cookies)
|
|
"network.cookie.cookieBehavior" = 1;
|
|
|
|
# DNS-over-HTTPS
|
|
# https://www.privacy-handbuch.de/handbuch_21w.htm
|
|
"network.trr.mode" = 3;
|
|
"network.trr.uri" = "https://doh.ffmuc.net/dns-query";
|
|
|
|
# Don't automatically save PDF files in ~/Downloads/
|
|
"browser.download.start_downloads_in_tmp_dir" = true;
|
|
# Ask where to save before starting download.
|
|
"browser.download.useDownloadDir" = false;
|
|
# Restore previous session.
|
|
"browser.startup.page" = 3;
|
|
|
|
# Reduce spaces between UI elements. Larger website space.
|
|
"browser.uidensity" = 1;
|
|
|
|
# Locality
|
|
"doh-rollout.home-region" = "DE";
|
|
"browser.search.region" = "DE";
|
|
|
|
"browser.aboutConfig.showWarning" = false;
|
|
};
|
|
|
|
# This is recommended since Firefox will replace the symlink for the search configuration on every launch.
|
|
search.force = true;
|
|
search.default = "Startpage";
|
|
search.engines = {
|
|
"Amazon.de".metaData.hidden = true;
|
|
"Bing".metaData.hidden = true;
|
|
"Google".metaData.hidden = true;
|
|
|
|
"NixOS Wiki" = {
|
|
urls = [{ template = "https://nixos.wiki/index.php?search={searchTerms}"; }];
|
|
iconUpdateURL = "https://nixos.wiki/favicon.png";
|
|
updateInterval = 24 * 60 * 60 * 1000; # Every day
|
|
definedAliases = [ "@nw" ];
|
|
};
|
|
|
|
"NixOS Packages" = {
|
|
urls = [{ template = "https://search.nixos.org/packages?query={searchTerms}"; }];
|
|
iconUpdateURL = "https://nixos.wiki/favicon.png";
|
|
updateInterval = 24 * 60 * 60 * 1000; # Every day
|
|
definedAliases = [ "@np" ];
|
|
};
|
|
|
|
"NixOS Options" = {
|
|
urls = [{ template = "https://search.nixos.org/options?query={searchTerms}"; }];
|
|
iconUpdateURL = "https://nixos.wiki/favicon.png";
|
|
updateInterval = 24 * 60 * 60 * 1000; # Every day
|
|
definedAliases = [ "@no" ];
|
|
};
|
|
|
|
"Home Manager Options" = {
|
|
urls = [{ template = "https://home-manager-options.extranix.com/?query={searchTerms}"; }];
|
|
iconUpdateURL = "https://nixos.wiki/favicon.png";
|
|
updateInterval = 24 * 60 * 60 * 1000; # Every day
|
|
definedAliases = [ "@ho" ];
|
|
};
|
|
|
|
"Startpage" = {
|
|
urls = [{ template = "https://www.startpage.com/sp/search?query={searchTerms}"; }];
|
|
iconUpdateURL = "https://www.startpage.com/sp/cdn/favicons/favicon-32x32--default.png";
|
|
updateInterval = 24 * 60 * 60 * 1000; # Every day
|
|
definedAliases = [ "@sp" ];
|
|
};
|
|
};
|
|
|
|
# https://mipmip.github.io/home-manager-option-search/?query=firefox.profiles.%3Cname%3E.extensions
|
|
# https://nur.nix-community.org/repos/rycee/
|
|
extensions = with pkgs.nur.repos.rycee.firefox-addons; [
|
|
ublock-origin
|
|
# Automatically learns to block invisible trackers.
|
|
# Activates "Global Privacy Control" and "Do Not Track".
|
|
# It is compatible with oter ad-blockers: https://privacybadger.org/#Is-Privacy-Badger-compatible-with-other-extensions%2c-including-other-adblockers
|
|
privacy-badger
|
|
# Provides autofill for KeePassXC.
|
|
keepassxc-browser
|
|
# Sync bookmarks with Nextcloud.
|
|
floccus
|
|
# Help people in censored countries access the Internet without restrictions.
|
|
#snowflake
|
|
simple-tab-groups
|
|
smart-referer
|
|
# noscript
|
|
# video-downloadhelper
|
|
|
|
decentraleyes
|
|
# or
|
|
#localcdn
|
|
];
|
|
};
|
|
};
|
|
};
|
|
}
|