home: librewolf -> firefox

- LibreWolf uses custom UA when RFP isn't enabled, this leads to inconviences and weird beheviour when website detects your browser's UA. For example, Google renders with weird styling, installing Firefox Add-ons does not work, etc. - Sandboxing with NixPak does not work with programs.firefox, unsure why. But NixPak also breaks hardware video accelerating (on LibreWolf), so anyway. - Also sorted thunderbird's user-override.js and impermanence.nix
2024-02-14 04:19:48 +08:00 · 2024-02-14 04:19:48 +08:00 · 4d38591c6e
commit 4d38591c6e
parent c32f4ce701
5 changed files with 109 additions and 73 deletions
--- a/home/applications/firefox/default.nix
+++ b/home/applications/firefox/default.nix
@ -1,65 +1,66 @@
-{
-  inputs,
-  pkgs,
-  ...
-}: let
-  mkNixPak = inputs.nixpak.lib.nixpak {
-    inherit (pkgs) lib;
-    inherit pkgs;
-  };
-
-  firefox = mkNixPak {
-    config = {
-      config,
-      sloth,
-      ...
-    }: {
-      app.package = pkgs.firefox;
-      flatpak.appId = "org.mozilla.firefox";
-
-      imports = [
-        (inputs.nixpak-pkgs + "/pkgs/modules/gui-base.nix")
-        (inputs.nixpak-pkgs + "/pkgs/modules/network.nix")
-      ];
-
-      # Specified in https://github.com/schizofox/schizofox/blob/main/modules/hm/default.nix
-      # I really don't have any idea what am I doing, it just works™
-      dbus.policies = {
-        "org.mozilla.firefox.*" = "own";
-        #"org.mozilla.firefox_beta.*" = "own";
-      };
-
-      bubblewrap = let
-        envSuffix = envKey: sloth.concat' (sloth.env envKey);
-      in {
-        bind.rw = [
-          "/tmp/.X11-unix"
-          (sloth.envOr "XAUTHORITY" "/no-xauth")
-          (envSuffix "XDG_RUNTIME_DIR" "/dconf")
-          (sloth.concat' sloth.homeDir "/.mozilla")
-          (sloth.concat' sloth.homeDir "/Downloads")
-        ];
-        bind.ro = [
-          "/etc/localtime"
-          "/sys/bus/pci"
-
-          ["${config.app.package}/lib/firefox" "/app/etc/firefox"]
-          (sloth.concat' sloth.xdgConfigHome "/dconf")
-        ];
-      };
-    };
-  };
-in {
-  home.packages = [firefox.config.env];
-
-  # TODO: does not seem to work
-  #programs.firefox = {
-  #  enable = true;
-  #  package = firefox.config.env;
-  #
-  #  # TODO
-  #  profiles."default" = {};
+{pkgs, ...}:
+#let
+#mkNixPak = inputs.nixpak.lib.nixpak {
+#  inherit (pkgs) lib;
+#  inherit pkgs;
 #};
+#
+#firefox = mkNixPak {
+#  config = {
+#    config,
+#    sloth,
+#    ...
+#  }: {
+#    app.package = pkgs.firefox;
+#    flatpak.appId = "org.mozilla.firefox";
+#
+#    imports = [
+#      (inputs.nixpak-pkgs + "/pkgs/modules/gui-base.nix")
+#      (inputs.nixpak-pkgs + "/pkgs/modules/network.nix")
+#    ];
+#
+#    # Specified in https://github.com/schizofox/schizofox/blob/main/modules/hm/default.nix
+#    # I really don't have any idea what am I doing, it just works™
+#    dbus.policies = {
+#      "org.mozilla.firefox.*" = "own";
+#      #"org.mozilla.firefox_beta.*" = "own";
+#    };
+#
+#    bubblewrap = let
+#      envSuffix = envKey: sloth.concat' (sloth.env envKey);
+#    in {
+#      bind.rw = [
+#        "/tmp/.X11-unix"
+#        (sloth.envOr "XAUTHORITY" "/no-xauth")
+#        (envSuffix "XDG_RUNTIME_DIR" "/dconf")
+#        (sloth.concat' sloth.homeDir "/.mozilla")
+#        (sloth.concat' sloth.homeDir "/Downloads")
+#      ];
+#      bind.ro = [
+#        "/etc/localtime"
+#        "/sys/bus/pci"
+#
+#        ["${config.app.package}/lib/firefox" "/app/etc/firefox"]
+#        (sloth.concat' sloth.xdgConfigHome "/dconf")
+#      ];
+#    };
+#  };
+#};
+#in
+{
+  programs.firefox = {
+    enable = true;
+    #package = firefox.config.env; # it didnt work
+    profiles."default" = {
+      extraConfig = ''
+        ${builtins.readFile (pkgs.fetchurl {
+          url = "https://raw.githubusercontent.com/arkenfox/user.js/122.0/user.js";
+          hash = "sha256-H3Nk5sDxSElGRgK+cyQpVyjtlMF2Okxbstu9A+eJtGk=";
+        })}
+        ${builtins.readFile ./user-overrides.js}
+      '';
+    };
+  };

  home.sessionVariables = {
    MOZ_USE_XINPUT2 = "1";
--- a/home/applications/firefox/user-overrides.js
+++ b/home/applications/firefox/user-overrides.js
@ -0,0 +1,35 @@
+// Restore disabled functions
+user_pref("browser.cache.disk.enable", true);
+user_pref("browser.download.always_ask_before_handling_new_types", true);
+user_pref("browser.download.useDownloadDir", true);
+user_pref("browser.newtabpage.enabled", true);
+user_pref("browser.shell.shortcutFavicons", true);
+user_pref("browser.startup.homepage", "about:home");
+user_pref("browser.startup.page", 1);
+user_pref("privacy.resistFingerprinting", false);
+user_pref("privacy.resistFingerprinting.letterboxing", false);
+user_pref("privacy.sanitize.sanitizeOnShutdown", false);
+user_pref("security.OCSP.enabled", 0);
+user_pref("security.pki.crlite_mode", 2);
+user_pref("security.remote_settings.crlite_filters.enabled", true);
+user_pref("webgl.disabled", false);
+
+// Weird stuff that is not disabled
+user_pref("browser.preferences.moreFromMozilla", false);
+user_pref("browser.privatebrowsing.vpnpromourl", "");
+user_pref("browser.safebrowsing.downloads.enabled", false);
+user_pref("browser.shell.checkDefaultBrowser", false);
+user_pref("extensions.pocket.enabled", false);
+user_pref("signon.rememberSignons", false);
+
+// Neat features, nice to have
+user_pref("browser.compactmode.show", true);
+user_pref("browser.search.separatePrivateDefault", false);
+user_pref("browser.urlbar.suggest.calculator", true);
+
+// Smooth scrolling
+user_pref("apz.overscroll.enabled", true);
+user_pref("general.smoothScroll", true);
+user_pref("general.smoothScroll.msdPhysics.enabled", true);
+user_pref("general.smoothScroll.msdPhysics.motionBeginSpringConstant", 600)
+user_pref("mousewheel.default.delta_multiplier_y", 75);
--- a/nixos/profiles/common/graphical/home/default.nix
+++ b/nixos/profiles/common/graphical/home/default.nix
@ -24,7 +24,8 @@

      # Browser
      "chromium"
-      "librewolf"
+      #"librewolf"
+      "firefox"

      # Language
      "nix"
--- a/nixos/profiles/common/opt-in/impermanence.nix
+++ b/nixos/profiles/common/opt-in/impermanence.nix
@ -1,15 +1,12 @@
 {lib, ...}: {
-  ### sops-nix
  sops.age.sshKeyPaths = lib.mkForce ["/persist/etc/ssh/ssh_host_ed25519_key"];
-
  fileSystems."/persist".neededForBoot = true;
  environment.persistence."/persist" = {
    hideMounts = true;
    directories = [
      "/var/log"
      "/var/lib"
-
-      "/etc/secureboot" # sbctl, lanzaboote
+      "/etc/secureboot"
    ];
    files = [
      "/etc/ssh/ssh_host_ed25519_key"
@ -24,24 +21,26 @@
        "Downloads"
        "Music"
        "Pictures"
+        "Videos"
        #"Public"
        #"Templates"
-        "Videos"
+
+        ".ssh"
+        #".librewolf"
+        ".mozilla/firefox"
+        ".thunderbird"

        ".cache"
-        ".local/share" # ".local/bin" is managed through home-manager
+        ".local/share"
        ".local/state"
-        ".ssh"

-        ".librewolf"
-        ".thunderbird"
+        ".config/Mumble"
+        ".config/VSCodium"
        ".config/chromium"
        ".config/fcitx5"
-        ".config/Mumble"
-        ".config/spotify"
        ".config/obs-studio"
        ".config/qBittorrent"
-        ".config/VSCodium" # UI states, GitHub account state, etc
+        ".config/spotify"
      ];
      files = [
        ".config/sops/age/keys.txt"