From 4d38591c6e9687df1943db11250a525c3dbf76d5 Mon Sep 17 00:00:00 2001 From: Guanran Wang Date: Wed, 14 Feb 2024 04:19:48 +0800 Subject: [PATCH] home: librewolf -> firefox - LibreWolf uses custom UA when RFP isn't enabled, this leads to inconviences and weird beheviour when website detects your browser's UA. For example, Google renders with weird styling, installing Firefox Add-ons does not work, etc. - Sandboxing with NixPak does not work with programs.firefox, unsure why. But NixPak also breaks hardware video accelerating (on LibreWolf), so anyway. - Also sorted thunderbird's user-override.js and impermanence.nix --- home/applications/firefox/default.nix | 119 +++++++++--------- home/applications/firefox/user-overrides.js | 35 ++++++ .../thunderbird/user-overrides.js | 2 +- .../common/graphical/home/default.nix | 3 +- nixos/profiles/common/opt-in/impermanence.nix | 23 ++-- 5 files changed, 109 insertions(+), 73 deletions(-) create mode 100644 home/applications/firefox/user-overrides.js diff --git a/home/applications/firefox/default.nix b/home/applications/firefox/default.nix index c741b27..157af1e 100644 --- a/home/applications/firefox/default.nix +++ b/home/applications/firefox/default.nix @@ -1,65 +1,66 @@ +{pkgs, ...}: +#let +#mkNixPak = inputs.nixpak.lib.nixpak { +# inherit (pkgs) lib; +# inherit pkgs; +#}; +# +#firefox = mkNixPak { +# config = { +# config, +# sloth, +# ... +# }: { +# app.package = pkgs.firefox; +# flatpak.appId = "org.mozilla.firefox"; +# +# imports = [ +# (inputs.nixpak-pkgs + "/pkgs/modules/gui-base.nix") +# (inputs.nixpak-pkgs + "/pkgs/modules/network.nix") +# ]; +# +# # Specified in https://github.com/schizofox/schizofox/blob/main/modules/hm/default.nix +# # I really don't have any idea what am I doing, it just works™ +# dbus.policies = { +# "org.mozilla.firefox.*" = "own"; +# #"org.mozilla.firefox_beta.*" = "own"; +# }; +# +# bubblewrap = let +# envSuffix = envKey: sloth.concat' (sloth.env envKey); +# in { +# bind.rw = [ +# "/tmp/.X11-unix" +# (sloth.envOr "XAUTHORITY" "/no-xauth") +# (envSuffix "XDG_RUNTIME_DIR" "/dconf") +# (sloth.concat' sloth.homeDir "/.mozilla") +# (sloth.concat' sloth.homeDir "/Downloads") +# ]; +# bind.ro = [ +# "/etc/localtime" +# "/sys/bus/pci" +# +# ["${config.app.package}/lib/firefox" "/app/etc/firefox"] +# (sloth.concat' sloth.xdgConfigHome "/dconf") +# ]; +# }; +# }; +#}; +#in { - inputs, - pkgs, - ... -}: let - mkNixPak = inputs.nixpak.lib.nixpak { - inherit (pkgs) lib; - inherit pkgs; - }; - - firefox = mkNixPak { - config = { - config, - sloth, - ... - }: { - app.package = pkgs.firefox; - flatpak.appId = "org.mozilla.firefox"; - - imports = [ - (inputs.nixpak-pkgs + "/pkgs/modules/gui-base.nix") - (inputs.nixpak-pkgs + "/pkgs/modules/network.nix") - ]; - - # Specified in https://github.com/schizofox/schizofox/blob/main/modules/hm/default.nix - # I really don't have any idea what am I doing, it just works™ - dbus.policies = { - "org.mozilla.firefox.*" = "own"; - #"org.mozilla.firefox_beta.*" = "own"; - }; - - bubblewrap = let - envSuffix = envKey: sloth.concat' (sloth.env envKey); - in { - bind.rw = [ - "/tmp/.X11-unix" - (sloth.envOr "XAUTHORITY" "/no-xauth") - (envSuffix "XDG_RUNTIME_DIR" "/dconf") - (sloth.concat' sloth.homeDir "/.mozilla") - (sloth.concat' sloth.homeDir "/Downloads") - ]; - bind.ro = [ - "/etc/localtime" - "/sys/bus/pci" - - ["${config.app.package}/lib/firefox" "/app/etc/firefox"] - (sloth.concat' sloth.xdgConfigHome "/dconf") - ]; - }; + programs.firefox = { + enable = true; + #package = firefox.config.env; # it didnt work + profiles."default" = { + extraConfig = '' + ${builtins.readFile (pkgs.fetchurl { + url = "https://raw.githubusercontent.com/arkenfox/user.js/122.0/user.js"; + hash = "sha256-H3Nk5sDxSElGRgK+cyQpVyjtlMF2Okxbstu9A+eJtGk="; + })} + ${builtins.readFile ./user-overrides.js} + ''; }; }; -in { - home.packages = [firefox.config.env]; - - # TODO: does not seem to work - #programs.firefox = { - # enable = true; - # package = firefox.config.env; - # - # # TODO - # profiles."default" = {}; - #}; home.sessionVariables = { MOZ_USE_XINPUT2 = "1"; diff --git a/home/applications/firefox/user-overrides.js b/home/applications/firefox/user-overrides.js new file mode 100644 index 0000000..0324d2b --- /dev/null +++ b/home/applications/firefox/user-overrides.js @@ -0,0 +1,35 @@ +// Restore disabled functions +user_pref("browser.cache.disk.enable", true); +user_pref("browser.download.always_ask_before_handling_new_types", true); +user_pref("browser.download.useDownloadDir", true); +user_pref("browser.newtabpage.enabled", true); +user_pref("browser.shell.shortcutFavicons", true); +user_pref("browser.startup.homepage", "about:home"); +user_pref("browser.startup.page", 1); +user_pref("privacy.resistFingerprinting", false); +user_pref("privacy.resistFingerprinting.letterboxing", false); +user_pref("privacy.sanitize.sanitizeOnShutdown", false); +user_pref("security.OCSP.enabled", 0); +user_pref("security.pki.crlite_mode", 2); +user_pref("security.remote_settings.crlite_filters.enabled", true); +user_pref("webgl.disabled", false); + +// Weird stuff that is not disabled +user_pref("browser.preferences.moreFromMozilla", false); +user_pref("browser.privatebrowsing.vpnpromourl", ""); +user_pref("browser.safebrowsing.downloads.enabled", false); +user_pref("browser.shell.checkDefaultBrowser", false); +user_pref("extensions.pocket.enabled", false); +user_pref("signon.rememberSignons", false); + +// Neat features, nice to have +user_pref("browser.compactmode.show", true); +user_pref("browser.search.separatePrivateDefault", false); +user_pref("browser.urlbar.suggest.calculator", true); + +// Smooth scrolling +user_pref("apz.overscroll.enabled", true); +user_pref("general.smoothScroll", true); +user_pref("general.smoothScroll.msdPhysics.enabled", true); +user_pref("general.smoothScroll.msdPhysics.motionBeginSpringConstant", 600) +user_pref("mousewheel.default.delta_multiplier_y", 75); diff --git a/home/applications/thunderbird/user-overrides.js b/home/applications/thunderbird/user-overrides.js index eea860c..4b3ed29 100644 --- a/home/applications/thunderbird/user-overrides.js +++ b/home/applications/thunderbird/user-overrides.js @@ -15,4 +15,4 @@ user_pref("mailnews.display.html_as", 0); user_pref("mailnews.message_display.disable_remote_image", false); // user_pref("privacy.resistFingerprinting", false); -user_Pref("mail.shell.checkDefaultClient", false); \ No newline at end of file +user_Pref("mail.shell.checkDefaultClient", false); diff --git a/nixos/profiles/common/graphical/home/default.nix b/nixos/profiles/common/graphical/home/default.nix index a8072c0..49ac70f 100644 --- a/nixos/profiles/common/graphical/home/default.nix +++ b/nixos/profiles/common/graphical/home/default.nix @@ -24,7 +24,8 @@ # Browser "chromium" - "librewolf" + #"librewolf" + "firefox" # Language "nix" diff --git a/nixos/profiles/common/opt-in/impermanence.nix b/nixos/profiles/common/opt-in/impermanence.nix index 05266b3..b7c1859 100644 --- a/nixos/profiles/common/opt-in/impermanence.nix +++ b/nixos/profiles/common/opt-in/impermanence.nix @@ -1,15 +1,12 @@ {lib, ...}: { - ### sops-nix sops.age.sshKeyPaths = lib.mkForce ["/persist/etc/ssh/ssh_host_ed25519_key"]; - fileSystems."/persist".neededForBoot = true; environment.persistence."/persist" = { hideMounts = true; directories = [ "/var/log" "/var/lib" - - "/etc/secureboot" # sbctl, lanzaboote + "/etc/secureboot" ]; files = [ "/etc/ssh/ssh_host_ed25519_key" @@ -24,24 +21,26 @@ "Downloads" "Music" "Pictures" + "Videos" #"Public" #"Templates" - "Videos" + + ".ssh" + #".librewolf" + ".mozilla/firefox" + ".thunderbird" ".cache" - ".local/share" # ".local/bin" is managed through home-manager + ".local/share" ".local/state" - ".ssh" - ".librewolf" - ".thunderbird" + ".config/Mumble" + ".config/VSCodium" ".config/chromium" ".config/fcitx5" - ".config/Mumble" - ".config/spotify" ".config/obs-studio" ".config/qBittorrent" - ".config/VSCodium" # UI states, GitHub account state, etc + ".config/spotify" ]; files = [ ".config/sops/age/keys.txt"