From 27a254a27df47cac88ce8053b4efe575cf9c481e Mon Sep 17 00:00:00 2001
From: Soispha
Date: Sat, 21 Oct 2023 22:30:59 +0200
Subject: feat(hm/conf/firefox): Use the policy.json file for configs
---
.../conf/firefox/config/bookmarks/default.nix | 46 ++++---
hm/soispha/conf/firefox/config/bookmarks/lib.nix | 49 +++++++
.../extensions/native_messaging_hosts/default.nix | 28 ++++
.../native_messaging_hosts/video-pauser.nix | 46 +++++++
.../conf/firefox/config/policies/default.nix | 141 +++++++++++++++++++++
hm/soispha/conf/firefox/config/prefs/default.nix | 6 +-
hm/soispha/conf/firefox/default.nix | 141 ++++++++++++---------
.../conf/firefox/functions/bookmarks/default.nix | 49 -------
.../conf/firefox/functions/extensions/default.nix | 25 ----
.../firefox/functions/extensions/video-pauser.nix | 30 -----
hm/soispha/conf/firefox/package.nix | 32 +++++
hm/soispha/conf/taskwarrior/firefox/default.nix | 16 +--
12 files changed, 417 insertions(+), 192 deletions(-)
create mode 100644 hm/soispha/conf/firefox/config/bookmarks/lib.nix
create mode 100644 hm/soispha/conf/firefox/config/extensions/native_messaging_hosts/default.nix
create mode 100644 hm/soispha/conf/firefox/config/extensions/native_messaging_hosts/video-pauser.nix
create mode 100644 hm/soispha/conf/firefox/config/policies/default.nix
delete mode 100644 hm/soispha/conf/firefox/functions/bookmarks/default.nix
delete mode 100644 hm/soispha/conf/firefox/functions/extensions/default.nix
delete mode 100644 hm/soispha/conf/firefox/functions/extensions/video-pauser.nix
create mode 100644 hm/soispha/conf/firefox/package.nix
diff --git a/hm/soispha/conf/firefox/config/bookmarks/default.nix b/hm/soispha/conf/firefox/config/bookmarks/default.nix
index 8315cffd..c612bf4d 100644
--- a/hm/soispha/conf/firefox/config/bookmarks/default.nix
+++ b/hm/soispha/conf/firefox/config/bookmarks/default.nix
@@ -1,21 +1,31 @@ -[ - { - name = "Feed - Piped"; - url = "https://piped.video/feed"; - } +{ + lib, + pkgs, + ... +}: let + bookmarks = [ + { + name = "Feed - Piped"; + url = "https://piped.video/feed"; + } - { - name = "DeepL Translate"; - url = "https://www.deepl.com/translator"; - } + { + name = "DeepL Translate"; + url = "https://www.deepl.com/translator"; + } - { - name = "Nix lib"; - url = "https://teu5us.github.io/nix-lib.html"; - } + { + name = "Nix lib"; + url = "https://teu5us.github.io/nix-lib.html"; + } - { - name = "Nixpkgs manual"; - url = "https://ryantm.github.io/nixpkgs/"; - } -] + { + name = "Nixpkgs manual"; + url = "https://ryantm.github.io/nixpkgs/"; + } + ]; + + mkBookmarksFile = (import ./lib.nix) {inherit lib pkgs;}; + bookmarks_file = mkBookmarksFile bookmarks; +in + bookmarks_file diff --git a/hm/soispha/conf/firefox/config/bookmarks/lib.nix b/hm/soispha/conf/firefox/config/bookmarks/lib.nix new file mode 100644 index 00000000..d1d89dd2 --- /dev/null +++ b/hm/soispha/conf/firefox/config/bookmarks/lib.nix @@ -0,0 +1,49 @@ +{ + lib, + pkgs, +}: bookmarks: let + indent = level: + lib.concatStringsSep "" (map (lib.const " ") (lib.range 1 level)); + + bookmarkToHTML = indentLevel: bookmark: '' + ${indent indentLevel}
${lib.escapeXML bookmark.name}''; + + directoryToHTML = indentLevel: directory: '' + ${indent indentLevel}
${ + if directory.toolbar + then ''

Bookmarks Toolbar'' + else "

${lib.escapeXML directory.name}" + }

+ ${indent indentLevel}

+ ${allItemsToHTML (indentLevel + 1) directory.bookmarks} + ${indent indentLevel}

''; + + itemToHTMLOrRecurse = indentLevel: item: + if item ? "url" + then bookmarkToHTML indentLevel item + else directoryToHTML indentLevel item; + + allItemsToHTML = indentLevel: bookmarks: + lib.concatStringsSep "\n" + (map (itemToHTMLOrRecurse indentLevel) bookmarks); + + bookmarkEntries = allItemsToHTML 1 bookmarks; +in + pkgs.writeText "firefox-bookmarks.html" '' + + + + Bookmarks +

Bookmarks Menu

+ +

+

Bookmarks Toolbar

+

+ ${bookmarkEntries} +

+

+ '' diff --git a/hm/soispha/conf/firefox/config/extensions/native_messaging_hosts/default.nix b/hm/soispha/conf/firefox/config/extensions/native_messaging_hosts/default.nix new file mode 100644 index 00000000..053b6465 --- /dev/null +++ b/hm/soispha/conf/firefox/config/extensions/native_messaging_hosts/default.nix @@ -0,0 +1,28 @@ +{ + pkgs, + video_pause, + ... +}: let + video_pause_ext = import ./video-pauser.nix {inherit pkgs video_pause;}; +in + /* + ++ lib.optional (cfg.enableBrowserpass or false) (lib.getBin browserpass) + ++ lib.optional (cfg.enableBukubrow or false) bukubrow + ++ lib.optional (cfg.enableTridactylNative or false) tridactyl-native + ++ lib.optional (cfg.enableGnomeExtensions or false) gnome-browser-connector + ++ lib.optional (cfg.enableUgetIntegrator or false) uget-integrator + ++ lib.optional (cfg.enablePlasmaBrowserIntegration or false) plasma5Packages.plasma-browser-integration + ++ lib.optional (cfg.enableFXCastBridge or false) fx-cast-bridge + ++ lib.optional (cfg.enableKeePassXC or false) keepassxc + + + mkdir -p $out/lib/mozilla/native-messaging-hosts + for ext in ${toString nativeMessagingHosts}; do + ln -sLt $out/lib/mozilla/native-messaging-hosts $ext/lib/mozilla/native-messaging-hosts/* + done + */ + with pkgs; [ + video_pause_ext + tridactyl-native + keepassxc + ] diff --git a/hm/soispha/conf/firefox/config/extensions/native_messaging_hosts/video-pauser.nix b/hm/soispha/conf/firefox/config/extensions/native_messaging_hosts/video-pauser.nix new file mode 100644 index 00000000..a652b596 --- /dev/null +++ b/hm/soispha/conf/firefox/config/extensions/native_messaging_hosts/video-pauser.nix 
@@ -0,0 +1,46 @@
+{
+ pkgs,
+ video_pause,
+ ...
+}: let
+ extensions = builtins.fromJSON (builtins.readFile ../extensions.json);
+ inherit (extensions) video-pauser;
+in
+ /*
+ mkdir -p $out/lib/mozilla/native-messaging-hosts
+ for ext in ${toString nativeMessagingHosts}; do
+ ln -sLt $out/lib/mozilla/native-messaging-hosts $ext/lib/mozilla/native-messaging-hosts/*
+ done
+ */
+ pkgs.stdenv.mkDerivation {
+ inherit (video-pauser) pname version;
+ buildInputs = [
+ video_pause
+ ];
+ buildPhase = ''
+ mkdir -p $out/share/
+ cat << EOF > $out/share/"${video-pauser.pname}".json
+ {
+ "name": "${video-pauser.pname}",
+ "description": "Stop a video with a native hotkey",
+ "path": "${video_pause}/bin/video_pause",
+ "type": "stdio",
+ "allowed_extensions": ["${video-pauser.addonId}"]
+ }
+ EOF
+
+ nativeMessagingPaths="$(cat << EOF
+ lib/mozilla/native-messaging-hosts
+ lib/librewolf/native-messaging-hosts
+ etc/opt/chrome/native-messaging-hosts
+ etc/chromium/native-messaging-hosts
+ etc/vivaldi/native-messaging-hosts
+ EOF
+ )"
+
+ cat "$nativeMessagingPaths" | while read -r path; do
+ mkdir -p $out/$path;
+ cp $out/share/"${video-pauser.pname}".json $out/$path/
+ done
+ '';
+ }
diff --git a/hm/soispha/conf/firefox/config/policies/default.nix b/hm/soispha/conf/firefox/config/policies/default.nix
new file mode 100644
index 00000000..ada281d8
--- /dev/null
+++ b/hm/soispha/conf/firefox/config/policies/default.nix
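Review bot: In the `buildPhase` of `video-pauser.nix`, `cat "$nativeMessagingPaths" | while read -r path; do` hands the newline-separated directory list to `cat` as a file name, so the loop never receives the paths and no manifest is copied into any `native-messaging-hosts` directory (or the build aborts, if the builder shell runs with `pipefail`). Feed the variable's contents to the loop instead, for example `printf '%s\n' "$nativeMessagingPaths" | while read -r path; do`. The manifest is what limits `video_pause` to the add-on listed in `allowed_extensions`, so after the fix it is worth checking that the generated JSON actually lands under `$out/lib/mozilla/native-messaging-hosts`. The derivation also declares no `src`, so it presumably needs `dontUnpack = true;` to reach the build phase at all.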
@@ -0,0 +1,141 @@ +{ + config, + extensions, + ... +}: let + locals = [ + "en-CA" + "de" + "sv-SE" + ]; +in { + policies = let + mkAllowedExtension = extension: { + name = extension.addonId; + value = { + installation_mode = "normal_installed"; + updates_disabled = true; + inherit (extension) default_area; + install_url = "file://${builtins.fetchurl { + inherit + (extension) + url + sha256 + ; + }}"; + }; + }; + allowedExtensions = + builtins.listToAttrs + (builtins.map mkAllowedExtension (builtins.attrValues + extensions)); + + mkBlockedExtension = id: { + name = id; + value = { + install_mode = "blocked"; + }; + }; + blockedExtensions = builtins.listToAttrs (builtins.map mkBlockedExtension [ + # these are the default search engines + "addons-search-detection@mozilla.com" + "amazon@search.mozilla.org" + "bing@search.mozilla.org" + "ddg@search.mozilla.org" + "google@search.mozilla.org" + "wikipedia@search.mozilla.org" + ]); + + language_packs = builtins.listToAttrs (builtins.map + ( + lang: { + name = "langpack-${lang}@firefox.mozilla.org"; + value = { + installation_mode = "normal_installed"; + install_url = "https://releases.mozilla.org/pub/firefox/releases/${config.soispha.firefox.package_version}/linux-x86_64/xpi/${lang}.xpi"; + }; + } + ) + locals); + in { + # NOTE: See https://mozilla.github.io/policy-templates for documentation <2023-10-21> + + # NixOS manages this already + DisableAppUpdate = true; + + DisableFirefoxAccounts = true; + DisableFirefoxScreenshots = true; + + # KeepassXC does this for me + DisableMasterPasswordCreation = true; + + # I use a self-hosted services for that + DisablePocket = true; + + # I don't want to lose my data + DisableProfileRefresh = true; + + DisplayBookmarksToolbar = "newtab"; + DisplayMenuBar = "default-off"; + + DNSOverHTTPS = { + Enabled = true; + Locked = false; + }; + # The concept of a "default browser" does not apply to my NixOS config + DontCheckDefaultBrowser = true; + + EnableTrackingProtection = { + Value = 
true; + Locked = false; + Cryptomining = true; + Fingerprinting = true; + EmailTracking = true; + }; + + EncryptedMediaExtensions = { + # I want a _free_ config (and I can always just run another browser) + Enabled = false; + Locked = true; + }; + + ExtensionSettings = + { + "*" = { + blocked_install_message = '' + You can't install a extension manually, + please specify it in your NixOS configuration + ''; + installation_mode = "blocked"; + }; + } + // allowedExtensions + // blockedExtensions + // language_packs; + ExtensionUpdate = false; + + # TODO: Add handlers for the default file types <2023-10-21> + # Handlers = { + # }; + + HardwareAcceleration = true; + + InstallAddonsPermission = { + Allowed = []; + Default = false; + }; + + # KeepassXC and such things + OfferToSaveLogins = false; + PasswordManagerEnable = false; + + PDFjs = { + Enabled = true; + # Don't honor documents right to be un-copy-able + EnablePermissions = false; + }; + + SearchBar = "unified"; + RequestedLocales = locals; + }; +} diff --git a/hm/soispha/conf/firefox/config/prefs/default.nix b/hm/soispha/conf/firefox/config/prefs/default.nix index 6bcaf76f..80c6d274 100644 --- a/hm/soispha/conf/firefox/config/prefs/default.nix +++ b/hm/soispha/conf/firefox/config/prefs/default.nix @@ -2,11 +2,9 @@ pkgs, config, user_js, - lib, + bookmarks, ... }: let - bookmarks = import ../bookmarks; - firefoxBookmarksFile = (import ../../functions/bookmarks) {inherit lib pkgs;}; user_js_override = pkgs.writeText "user.override.js" (builtins.readFile ./override.js); in pkgs.runCommand "user.js" {} '' @@ -16,7 +14,7 @@ in cat << EOF >> $out/user.js; // My bookmarks - user_pref("browser.bookmarks.file", "${toString (firefoxBookmarksFile bookmarks)}"); + user_pref("browser.bookmarks.file", "${toString bookmarks}"); user_pref("browser.startup.homepage", "file:///home/dt/home.html"); // 0103 // TODO: add this from a flake user_pref("browser.download.dir", "${config.xdg.userDirs.download}"); EOF 
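Review bot: In `config/policies/default.nix`, `mkBlockedExtension` writes `install_mode = "blocked";`, while every other `ExtensionSettings` entry in the same file uses the key `installation_mode`, which is the name the policy expects. With the misspelled key the six search-engine add-on entries carry no recognised setting, so the explicit block most likely does not take effect as intended; change the line to `installation_mode = "blocked";`. Separately, the language packs are installed from an `https://releases.mozilla.org/...` URL with no hash, unlike the extensions, which are pinned through `builtins.fetchurl` with a `sha256`; pinning the language packs the same way would keep every installed XPI content-addressed. Note also that `updates_disabled = true` together with `ExtensionUpdate = false` means security fixes for the pinned extensions only arrive when `extensions.json` is bumped, which deserves a comment next to those settings.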
diff --git a/hm/soispha/conf/firefox/default.nix b/hm/soispha/conf/firefox/default.nix
index d35b7256..7ebcbbb4 100644
--- a/hm/soispha/conf/firefox/default.nix
+++ b/hm/soispha/conf/firefox/default.nix
@@ -6,88 +6,113 @@ video_pause, ... }: let + extensions = + builtins.fromJSON (builtins.readFile + ./config/extensions/extensions.json); + userChrome = builtins.readFile ./config/chrome/userChrome.css; + bookmarks = (import ./config/bookmarks/default.nix) { + inherit + pkgs + lib + ; + }; + engines = (import ./config/search/engines) {inherit pkgs;}; - user_js_nix = (import ./config/prefs) {inherit pkgs lib config user_js;}; + native_messaging_hosts = (import ./config/extensions/native_messaging_hosts) {inherit pkgs video_pause;}; - extensions = builtins.map buildFirefoxXpiAddon ( - lib.attrValues ( - lib.importJSON ./config/extensions/extensions.json - ) - ); - engines = (import ./config/search/engines) {inherit pkgs;}; + policies = (import ./config/policies) {inherit config extensions;}; + + search = { + default = "Brave Search"; + force = true; - # source: https://gitlab.com/rycee/nur-expressions/-/blob/master/pkgs/firefox-addons/default.nix - buildFirefoxXpiAddon = (import ./functions/extensions) {inherit pkgs;}; + inherit engines; + }; - video-pauser = (import ./functions/extensions/video-pauser.nix) {inherit pkgs video_pause;}; + prefConfig = builtins.readFile "${ + (import ./config/prefs) {inherit pkgs lib config bookmarks user_js;} + }/user.js"; + # Package {{{ + package = import ./package.nix { + inherit config lib pkgs; + extraPolicies = policies; + extraNativeMessagingHosts = native_messaging_hosts; + }; + # }}} + + # Profiles {{{ profiles = { "default" = { - inherit extensions search extraConfig bookmarks userChrome; + inherit search userChrome; isDefault = true; id = 0; name = "default"; - }; - "clean" = { - isDefault = false; - id = 1; - name = "clean"; + extraConfig = prefConfig; }; }; taskwarriorProfiles = import ../taskwarrior/firefox { inherit - extensions - userChrome - extraConfig - bookmarks - search - lib config + lib + # options + + prefConfig + search + userChrome ; profile_size = builtins.length (builtins.attrNames profiles); }; - - search = 
{ - default = "Brave Search"; - force = true; - - inherit engines; - }; - - bookmarks = []; - extraConfig = builtins.readFile "${user_js_nix}/user.js"; + # }}} in { - home.packages = [ - pkgs.tridactyl-native - ]; - home.sessionVariables = { - # improve touch input & make scrolling smother - MOZ_USE_XINPUT2 = "1"; - # improve wayland support - MOZ_ENABLE_WAYLAND = 1; - }; - xdg.mimeApps = { - enable = true; - defaultApplications = { - "text/html" = ["firefox.desktop"]; - "x-scheme-handler/http" = ["firefox.desktop"]; - "x-scheme-handler/https" = ["firefox.desktop"]; - "x-scheme-handler/about" = ["firefox.desktop"]; - "x-scheme-handler/unknown" = ["firefox.desktop"]; + options.soispha.firefox = { + package = lib.mkOption { + type = lib.types.package; + default = pkgs.firefox; + description = "Firefox package to use."; + defaultText = lib.literalExpression "pkgs.firefox"; + relatedPackages = [ + "firefox" + "firefox-beta-bin" + "firefox-bin" + "firefox-devedition-bin" + "firefox-esr" + ]; + }; + package_version = lib.mkOption { + type = lib.types.str; + default = pkgs.firefox.version; + description = "Firefox version to use"; }; }; - programs.firefox = { - enable = true; - package = pkgs.firefox-wayland.override { - extraNativeMessagingHosts = [video-pauser]; - cfg = { - enableTridactylNative = true; + + config = { + soispha.firefox.package = package; + soispha.firefox.package_version = pkgs.firefox.version; + home.sessionVariables = { + # improve touch input & make scrolling smother + MOZ_USE_XINPUT2 = "1"; + # improve wayland support + MOZ_ENABLE_WAYLAND = 1; + }; + xdg.mimeApps = { + enable = true; + defaultApplications = { + "text/html" = ["firefox.desktop"]; + "x-scheme-handler/http" = ["firefox.desktop"]; + "x-scheme-handler/https" = ["firefox.desktop"]; + "x-scheme-handler/about" = ["firefox.desktop"]; + "x-scheme-handler/unknown" = ["firefox.desktop"]; }; }; - profiles = - profiles - // taskwarriorProfiles; + programs.firefox = { + enable = true; + inherit 
(config.soispha.firefox) package; + profiles = + profiles + // taskwarriorProfiles; + }; }; } diff --git a/hm/soispha/conf/firefox/functions/bookmarks/default.nix b/hm/soispha/conf/firefox/functions/bookmarks/default.nix deleted file mode 100644 index d1d89dd2..00000000 --- a/hm/soispha/conf/firefox/functions/bookmarks/default.nix +++ /dev/null @@ -1,49 +0,0 @@ -{ - lib, - pkgs, -}: bookmarks: let - indent = level: - lib.concatStringsSep "" (map (lib.const " ") (lib.range 1 level)); - - bookmarkToHTML = indentLevel: bookmark: '' - ${indent indentLevel}
${lib.escapeXML bookmark.name}''; - - directoryToHTML = indentLevel: directory: '' - ${indent indentLevel}
${ - if directory.toolbar - then ''

Bookmarks Toolbar'' - else "

${lib.escapeXML directory.name}" - }

- ${indent indentLevel}

- ${allItemsToHTML (indentLevel + 1) directory.bookmarks} - ${indent indentLevel}

''; - - itemToHTMLOrRecurse = indentLevel: item: - if item ? "url" - then bookmarkToHTML indentLevel item - else directoryToHTML indentLevel item; - - allItemsToHTML = indentLevel: bookmarks: - lib.concatStringsSep "\n" - (map (itemToHTMLOrRecurse indentLevel) bookmarks); - - bookmarkEntries = allItemsToHTML 1 bookmarks; -in - pkgs.writeText "firefox-bookmarks.html" '' - - - - Bookmarks -

Bookmarks Menu

- -

-

Bookmarks Toolbar

-

- ${bookmarkEntries} -

-

- '' diff --git a/hm/soispha/conf/firefox/functions/extensions/default.nix b/hm/soispha/conf/firefox/functions/extensions/default.nix deleted file mode 100644 index b84461c7..00000000 --- a/hm/soispha/conf/firefox/functions/extensions/default.nix +++ /dev/null @@ -1,25 +0,0 @@ -{pkgs, ...}: { - pname, - version, - addonId, - url, - sha256, - #meta, - ... -}: -pkgs.stdenv.mkDerivation { - name = "${pname}-${version}"; - - #inherit meta; - - src = builtins.fetchurl {inherit url sha256;}; - - preferLocalBuild = true; - allowSubstitutes = true; - - buildCommand = '' - dst="$out/share/mozilla/extensions/{ec8030f7-c20a-464f-9b0e-13a3a9e97384}" - mkdir -p "$dst" - install -v -m644 "$src" "$dst/${addonId}.xpi" - ''; -} diff --git a/hm/soispha/conf/firefox/functions/extensions/video-pauser.nix b/hm/soispha/conf/firefox/functions/extensions/video-pauser.nix deleted file mode 100644 index c4c5238f..00000000 --- a/hm/soispha/conf/firefox/functions/extensions/video-pauser.nix +++ /dev/null @@ -1,30 +0,0 @@ -{ - pkgs, - video_pause, - ... -}: -pkgs.runCommand "video_pause_native_messaging" {} '' - install -d $out/share/ - cat << EOF > $out/share/video_pauser.json - { - "name": "video_pauser", - "description": "Pause your Videos with a single key stroke!", - "path": "${video_pause}/bin/video_pause", - "type": "stdio", - "allowed_extensions": ["video-pauser@addons.vhack.eu"] - } - EOF - - nativeMessagingPaths=( - /lib/mozilla/native-messaging-hosts - /etc/opt/chrome/native-messaging-hosts - /etc/chromium/native-messaging-hosts - /etc/vivaldi/native-messaging-hosts - /lib/librewolf/native-messaging-hosts - ) - - for manifestDir in "''${nativeMessagingPaths[@]}"; do - install -d $out$manifestDir - ln -s $out/share/video_pauser.json $out$manifestDir/ - done -'' diff --git a/hm/soispha/conf/firefox/package.nix b/hm/soispha/conf/firefox/package.nix new file mode 100644 index 00000000..8f9d09c0 --- /dev/null +++ b/hm/soispha/conf/firefox/package.nix 
@@ -0,0 +1,32 @@ +# taken from the NixOS Firefox module: https://github.com/NixOS/nixpkgs/blob/7c9cc5a6e5d38010801741ac830a3f8fd667a7a0/nixos/modules/programs/firefox.nix +{ + config, + lib, + pkgs, + # options + autoConfig ? "", + extraNativeMassagingHosts ? [], + wrapperConfig ? {}, + extraPolicies ? {}, + base_package ? pkgs.firefox, + ... +}: let + pkg = base_package.override (old: { + inherit extraPolicies; + extraPrefs = autoConfig; + extraNativeMessagingHosts = + old.extraNativeMessagingHosts + or [] + ++ extraNativeMassagingHosts; + cfg = let + # copy-pasted from the wrapper; TODO: figure out fix + applicationName = base_package.binaryName or (lib.getName base_package); + + oldCfg = old.cfg or {}; + nixpkgsConfig = pkgs.config.${applicationName} or {}; + optionConfig = wrapperConfig; + in + oldCfg // nixpkgsConfig // optionConfig; + }); +in + pkg diff --git a/hm/soispha/conf/taskwarrior/firefox/default.nix b/hm/soispha/conf/taskwarrior/firefox/default.nix index ff2d49d0..fb5daaa8 100644 --- a/hm/soispha/conf/taskwarrior/firefox/default.nix +++ b/hm/soispha/conf/taskwarrior/firefox/default.nix @@ -1,12 +1,11 @@ { - extensions, - userChrome, - extraConfig, - bookmarks, - search, - profile_size, - lib, config, + lib, + # options + prefConfig, + profile_size, + search, + userChrome, ... }: let inherit (config.soispha.taskwarrior.projects) projects; @@ -18,7 +17,8 @@ inherit name; value = { isDefault = false; - inherit name id extensions userChrome search bookmarks extraConfig; + extraConfig = prefConfig; + inherit id name search userChrome; }; }; projects_id = -- cgit 1.4.1
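Review bot: In `package.nix` the argument is declared as `extraNativeMassagingHosts ? []` ("Massaging"), while the caller in `hm/soispha/conf/firefox/default.nix` passes `extraNativeMessagingHosts = native_messaging_hosts;`. Because the argument set ends in `...`, the differently spelled attribute is accepted and dropped, so the list stays `[]` and the native messaging hosts (the video-pauser manifest, `tridactyl-native`, `keepassxc`) are not added to the wrapped package. Rename the parameter and its use in the `override` to `extraNativeMessagingHosts`, i.e. `extraNativeMessagingHosts ? [],` and `++ extraNativeMessagingHosts;`. Dropping the trailing `...` from this argument set would also make a misspelled option fail at evaluation time instead of silently disabling a host.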