nixos-conf/program-config-files/firefox.nix

{ config, pkgs, ... }:
let
  lock-false = {
    Value = false;
    Status = "locked";
  };
  lock-true = {
    Value = true;
    Status = "locked";
  };
in
{
  programs.firefox = {
    enable = true;

    # AutoConfig used for preferences not supported via policies
    autoConfig = ''
      lockPref("full-screen-api.warning.timeout", 500)
      lockPref("privacy.fingerprintingProtection", true)
      lockPref("privacy.donottrackheader.enabled", true)
    '';

    # ---- POLICIES ----
    # Check about:policies#documentation for options.
    policies = {
      # ---- EXTENSIONS ----
      # Check about:support for extension/add-on ID strings.
      # Valid strings for installation_mode are "allowed", "blocked",
      # "force_installed" and "normal_installed".
      ExtensionSettings = {
        "*".installation_mode = "blocked";
        "{446900e4-71c2-419f-a6a7-df9c091e268b}" = {
          install_url = "https://addons.mozilla.org/firefox/downloads/latest/bitwarden-password-manager/latest.xpi";
          installation_mode = "force_installed";
        };
      };

      AutofillAddressEnabled = false;
      AutofillCreditCardEnabled = false;
      DisableFirefoxStudies = true;
      DisableFormHistory = true;
      DisablePocket = true;
      DisableSecurityBypass = false;
      DisableTelemetry = true;
      DisplayBookmarksToolbar = "never"; # alternatives: "always" or "newtab"
      DisplayMenuBar = "default-off"; # alternatives: "always", "never" or "default-on"
      DontCheckDefaultBrowser = true;
      DownloadDirectory = "\${home}/Downloads";
      EnableTrackingProtection = {
        Value = true;
        Locked = true;
        Cryptomining = true;
        Fingerprinting = true;
        EmailTracking = true;
      };
      FirefoxHome = {
        Locked = true;
        Search = true;
        TopSites = true;
        SponsoredTopSites = false;
        Highlights = false;
        Pocket = false;
        SponsoredPocket = false;
      };
      FirefoxSuggest = {
        Locked = true;
        WebSuggestions = false;
        SponsoredSuggestions = false;
        ImproveSuggest = false;
      };
      HardwareAccelerations = true;
      Homepage = {
        Locked = true;
        URL = "https://www.google.com/";
        StartPage = "previous-session";
      };
      HttpsOnlyMode = "force_enabled";
      NetworkPrediction = false;
      NoDefaultBookmarks = true;
      OverrideFirstRunPage = "";
      OverridePostUpdatePage = "";
      PasswordManagerEnabled = false;
      Permissions = {
        Camera = {
          Allow = [ ];
          Block = [ ];
          BlockNewRequests = false;
          Locked = true;
        };
        Microphone = {
          Allow = [ ];
          Block = [ ];
          BlockNewRequests = false;
          Locked = true;
        };
        Location = {
          Allow = [ ];
          Block = [ ];
          BlockNewRequests = false;
          Locked = true;
        };
        Notifications = {
          Allow = [ ];
          Block = [ ];
          BlockNewRequests = false;
          Locked = true;
        };
        Autoplay = {
          Allow = [ ];
          Block = [ ];
          BlockNewRequests = false;
          Default = "block-audio-video";
          Locked = true;
        };
      };
      PictureInPicture = {
        Enabled = true;
        Locked = true;
      };
      PopupBlocking = {
        Allow = [ ];
        Default = true;
        Locked = true;
      };
      PostQuantumKeyAgreementEnabled = true;
      PrimaryPassword = false;
      PrintingEnabled = true;
      PromptForDownloadLocation = false;
      RequestedLocales = [ "en-US" ];
      SearchBar = "unified"; # alternative: "separate"
      SearchEngines.PreventInstalls = true;
      SearchSuggestEnabled = false;
      UserMessaging = {
        Locked = true;
        ExtensionRecommendations = true;
        FeatureRecommendations = false;
        UrlbarInterventions = false;
        SkipOnboarding = true;
        MoreFromMozilla = false;
      };
      UseSystemPrintDialog = true;

      # ---- PREFERENCES ----
      # Check about:config for options.
      Preferences = {
        "browser.contentblocking.category" = {
          Value = "strict";
          Status = "locked";
        };
        "browser.safebrowsing.downloads.enabled" = lock-true;
        "browser.safebrowsing.downloads.remote.block_potentially_unwanted" = lock-true;
        "browser.safebrowsing.downloads.remote.block_uncommon" = lock-true;
        "browser.safebrowsing.malware.enabled" = lock-true;
        "browser.safebrowsing.phishing.enabled" = lock-true;
        "browser.crashReports.unsubmittedCheck.autoSubmit2" = lock-false;
        "browser.topsites.contile.enabled" = lock-false;
        "browser.translations.automaticallyPopup" = lock-false;
        "dom.private-attribution.submission.enabled" = lock-false;
        "media.ffmpeg.vaapi.enabled" = lock-true;
        "privacy.globalprivacycontrol.enabled" = lock-true;
        "xpinstall.whitelist.required" = lock-true;
        "network.trr.mode" = {
          Value = 0;
          Status = "locked";
        };
        "security.OCSP.enabled" = {
          Value = 1;
          Status = "locked";
        };
      };
    };
  };
}
Move firefox conf to separate file, as it will get longer soon 2024-07-20 17:41:18 +03:00			`{ config, pkgs, ... }:`
Initial Firefox Nixification 2024-07-31 20:41:32 +03:00			`let`
			`lock-false = {`
			`Value = false;`
			`Status = "locked";`
			`};`
			`lock-true = {`
			`Value = true;`
			`Status = "locked";`
			`};`
			`in`
Move firefox conf to separate file, as it will get longer soon 2024-07-20 17:41:18 +03:00			`{`
			`programs.firefox = {`
			`enable = true;`
Finalize firefox conf for now 2024-07-31 22:39:03 +03:00
			`# AutoConfig used for preferences not supported via policies`
			`autoConfig = ''`
			`lockPref("full-screen-api.warning.timeout", 500)`
			`lockPref("privacy.fingerprintingProtection", true)`
			`lockPref("privacy.donottrackheader.enabled", true)`
			`'';`
Initial Firefox Nixification 2024-07-31 20:41:32 +03:00
			`# ---- POLICIES ----`
			`# Check about:policies#documentation for options.`
Move firefox conf to separate file, as it will get longer soon 2024-07-20 17:41:18 +03:00			`policies = {`
Initial Firefox Nixification 2024-07-31 20:41:32 +03:00			`# ---- EXTENSIONS ----`
			`# Check about:support for extension/add-on ID strings.`
			`# Valid strings for installation_mode are "allowed", "blocked",`
			`# "force_installed" and "normal_installed".`
Move firefox conf to separate file, as it will get longer soon 2024-07-20 17:41:18 +03:00			`ExtensionSettings = {`
			`"*".installation_mode = "blocked";`
			`"{446900e4-71c2-419f-a6a7-df9c091e268b}" = {`
			`install_url = "https://addons.mozilla.org/firefox/downloads/latest/bitwarden-password-manager/latest.xpi";`
			`installation_mode = "force_installed";`
			`};`
			`};`
Initial Firefox Nixification 2024-07-31 20:41:32 +03:00
Refine firefox nix config 2024-07-31 21:43:45 +03:00			`AutofillAddressEnabled = false;`
			`AutofillCreditCardEnabled = false;`
Initial Firefox Nixification 2024-07-31 20:41:32 +03:00			`DisableFirefoxStudies = true;`
			`DisableFormHistory = true;`
			`DisablePocket = true;`
Finalize firefox conf for now 2024-07-31 22:39:03 +03:00			`DisableSecurityBypass = false;`
Initial Firefox Nixification 2024-07-31 20:41:32 +03:00			`DisableTelemetry = true;`
			`DisplayBookmarksToolbar = "never"; # alternatives: "always" or "newtab"`
			`DisplayMenuBar = "default-off"; # alternatives: "always", "never" or "default-on"`
			`DontCheckDefaultBrowser = true;`
			`DownloadDirectory = "\${home}/Downloads";`
			`EnableTrackingProtection = {`
			`Value = true;`
			`Locked = true;`
			`Cryptomining = true;`
			`Fingerprinting = true;`
			`EmailTracking = true;`
			`};`
			`FirefoxHome = {`
			`Locked = true;`
			`Search = true;`
			`TopSites = true;`
			`SponsoredTopSites = false;`
			`Highlights = false;`
			`Pocket = false;`
			`SponsoredPocket = false;`
			`};`
			`FirefoxSuggest = {`
			`Locked = true;`
			`WebSuggestions = false;`
			`SponsoredSuggestions = false;`
			`ImproveSuggest = false;`
			`};`
			`HardwareAccelerations = true;`
			`Homepage = {`
			`Locked = true;`
			`URL = "https://www.google.com/";`
			`StartPage = "previous-session";`
			`};`
			`HttpsOnlyMode = "force_enabled";`
			`NetworkPrediction = false;`
			`NoDefaultBookmarks = true;`
			`OverrideFirstRunPage = "";`
			`OverridePostUpdatePage = "";`
			`PasswordManagerEnabled = false;`
			`Permissions = {`
			`Camera = {`
			`Allow = [ ];`
			`Block = [ ];`
			`BlockNewRequests = false;`
			`Locked = true;`
			`};`
			`Microphone = {`
			`Allow = [ ];`
			`Block = [ ];`
			`BlockNewRequests = false;`
			`Locked = true;`
			`};`
			`Location = {`
			`Allow = [ ];`
			`Block = [ ];`
			`BlockNewRequests = false;`
			`Locked = true;`
			`};`
			`Notifications = {`
			`Allow = [ ];`
			`Block = [ ];`
			`BlockNewRequests = false;`
			`Locked = true;`
			`};`
			`Autoplay = {`
			`Allow = [ ];`
			`Block = [ ];`
			`BlockNewRequests = false;`
			`Default = "block-audio-video";`
			`Locked = true;`
			`};`
			`};`
			`PictureInPicture = {`
			`Enabled = true;`
			`Locked = true;`
			`};`
			`PopupBlocking = {`
			`Allow = [ ];`
Refine firefox nix config 2024-07-31 21:43:45 +03:00			`Default = true;`
Initial Firefox Nixification 2024-07-31 20:41:32 +03:00			`Locked = true;`
			`};`
			`PostQuantumKeyAgreementEnabled = true;`
			`PrimaryPassword = false;`
			`PrintingEnabled = true;`
			`PromptForDownloadLocation = false;`
			`RequestedLocales = [ "en-US" ];`
			`SearchBar = "unified"; # alternative: "separate"`
			`SearchEngines.PreventInstalls = true;`
			`SearchSuggestEnabled = false;`
			`UserMessaging = {`
			`Locked = true;`
			`ExtensionRecommendations = true;`
			`FeatureRecommendations = false;`
			`UrlbarInterventions = false;`
			`SkipOnboarding = true;`
			`MoreFromMozilla = false;`
			`};`
			`UseSystemPrintDialog = true;`

			`# ---- PREFERENCES ----`
			`# Check about:config for options.`
			`Preferences = {`
			`"browser.contentblocking.category" = {`
			`Value = "strict";`
			`Status = "locked";`
			`};`
Finalize firefox conf for now 2024-07-31 22:39:03 +03:00			`"browser.safebrowsing.downloads.enabled" = lock-true;`
			`"browser.safebrowsing.downloads.remote.block_potentially_unwanted" = lock-true;`
			`"browser.safebrowsing.downloads.remote.block_uncommon" = lock-true;`
			`"browser.safebrowsing.malware.enabled" = lock-true;`
			`"browser.safebrowsing.phishing.enabled" = lock-true;`
			`"browser.crashReports.unsubmittedCheck.autoSubmit2" = lock-false;`
Initial Firefox Nixification 2024-07-31 20:41:32 +03:00			`"browser.topsites.contile.enabled" = lock-false;`
			`"browser.translations.automaticallyPopup" = lock-false;`
Add privacy setting to firefox 2024-07-31 22:56:12 +03:00			`"dom.private-attribution.submission.enabled" = lock-false;`
Initial Firefox Nixification 2024-07-31 20:41:32 +03:00			`"media.ffmpeg.vaapi.enabled" = lock-true;`
Finalize firefox conf for now 2024-07-31 22:39:03 +03:00			`"privacy.globalprivacycontrol.enabled" = lock-true;`
			`"xpinstall.whitelist.required" = lock-true;`
			`"network.trr.mode" = {`
			`Value = 0;`
			`Status = "locked";`
			`};`
			`"security.OCSP.enabled" = {`
			`Value = 1;`
Initial Firefox Nixification 2024-07-31 20:41:32 +03:00			`Status = "locked";`
			`};`
			`};`
Move firefox conf to separate file, as it will get longer soon 2024-07-20 17:41:18 +03:00			`};`
			`};`
			`}`