authorMinijackson <minijackson@riseup.net>2023-02-01 18:15:04 +0100
committerMinijackson <minijackson@riseup.net>2023-02-03 08:51:52 +0100
commita878ccf4d32a1083c18408f6183c905f18023196 (patch)
treeb9615241b613fa1da4912cd4403af0ed04082c9b
parentb72fa47343a3a567086aada50a18a35d145b6a00 (diff)
firefox: fmt
-rw-r--r--usecases/desktop/graphical/firefox.nix519
1 files changed, 257 insertions, 262 deletions
diff --git a/usecases/desktop/graphical/firefox.nix b/usecases/desktop/graphical/firefox.nix
index fe470c3..8b8ad56 100644
--- a/usecases/desktop/graphical/firefox.nix
+++ b/usecases/desktop/graphical/firefox.nix
@@ -1,295 +1,290 @@
1inputs: 1inputs: {
2 2 pkgs,
3{ config, lib, pkgs, ... }: 3 ...
4 4}: {
5{
6 environment.sessionVariables = { 5 environment.sessionVariables = {
7 # This is for programs launched via systemd, which may not have a proper 6 # This is for programs launched via systemd, which may not have a proper
8 # PATH set 7 # PATH set
9 BROWSER = "/home/minijackson/.nix-profile/bin/firefox"; 8 BROWSER = "/home/minijackson/.nix-profile/bin/firefox";
10 }; 9 };
11 10
12 home-manager.users.minijackson = { ... }: 11 home-manager.users.minijackson.programs.firefox = {
13 { 12 enable = true;
14 programs.firefox = { 13 package = pkgs.firefox.override {
15 enable = true; 14 cfg.enableBrowserpass = true;
16 package = pkgs.firefox.override { 15 extraPolicies = {
17 cfg.enableBrowserpass = true; 16 DisableAppUpdate = true;
18 extraPolicies = { 17 DisableFirefoxStudies = true;
19 DisableAppUpdate = true; 18 DisablePocket = true;
20 DisableFirefoxStudies = true; 19 DisableTelemetry = true;
21 DisablePocket = true; 20 FirefoxHome = {
22 DisableTelemetry = true; 21 Pocket = false;
23 FirefoxHome = { 22 Snippets = false;
24 Pocket = false;
25 Snippets = false;
26 };
27 UserMessaging = {
28 ExtensionRecommendations = false;
29 SkipOnboarding = true;
30 };
31 };
32 }; 23 };
24 UserMessaging = {
25 ExtensionRecommendations = false;
26 SkipOnboarding = true;
27 };
28 };
29 };
33 30
34 extensions = with pkgs.firefox-addons; [ 31 extensions = with pkgs.firefox-addons; [
35 # Security 32 # Security
36 browserpass 33 browserpass
37 34
38 # Privacy 35 # Privacy
39 canvasblocker 36 canvasblocker
40 clearurls 37 clearurls
41 decentraleyes 38 decentraleyes
42 privacy-badger 39 privacy-badger
43 privacy-redirect 40 privacy-redirect
44 privacy-settings 41 privacy-settings
45 ublock-origin 42 ublock-origin
46 ubo-scope 43 ubo-scope
47 44
48 # Additional features 45 # Additional features
49 betterttv 46 betterttv
50 c-c-search-extension 47 c-c-search-extension
51 dark-mode-website-switcher 48 dark-mode-website-switcher
52 flagfox 49 flagfox
53 musescore-downloader 50 musescore-downloader
54 rust-search-extension 51 rust-search-extension
55 sidebery 52 sidebery
56 stylus 53 stylus
57 tournesol 54 tournesol
58 violentmonkey 55 violentmonkey
59 #firenvim 56 #firenvim
60 57
61 # Annoyances 58 # Annoyances
62 buster-captcha-solver 59 buster-captcha-solver
63 terms-of-service-didnt-read 60 terms-of-service-didnt-read
64 unpaywall 61 unpaywall
65 sponsorblock 62 sponsorblock
66 63
67 # Langs 64 # Langs
68 french-dictionary 65 french-dictionary
69 ]; 66 ];
70 67
71 profiles.home-manager-default = { 68 profiles.home-manager-default = {
72 id = 0; 69 id = 0;
73 isDefault = true; 70 isDefault = true;
74 71
75 settings = { 72 settings = {
76 # == Performance == 73 # == Performance ==
77 74
78 "gfx.webrender.all" = true; 75 "gfx.webrender.all" = true;
79 "gfx.webrender.compositor" = true; 76 "gfx.webrender.compositor" = true;
80 "gfx.webrender.enabled" = true; 77 "gfx.webrender.enabled" = true;
81 "layers.acceleration.force-enabled" = true; 78 "layers.acceleration.force-enabled" = true;
82 "media.ffmpeg.vaapi.enabled" = true; 79 "media.ffmpeg.vaapi.enabled" = true;
83 80
84 # Newtab page 81 # Newtab page
85 "browser.aboutHomeSnippets.updateUrl" = ""; 82 "browser.aboutHomeSnippets.updateUrl" = "";
86 "browser.newtabpage.activity-stream.asrouter.userprefs.cfr.addons" = false; 83 "browser.newtabpage.activity-stream.asrouter.userprefs.cfr.addons" = false;
87 "browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features" = false; 84 "browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features" = false;
88 "browser.newtabpage.activity-stream.default.sites" = ""; 85 "browser.newtabpage.activity-stream.default.sites" = "";
89 "browser.newtabpage.activity-stream.discoverystream.config" = "{}"; 86 "browser.newtabpage.activity-stream.discoverystream.config" = "{}";
90 "browser.newtabpage.activity-stream.discoverystream.enabled" = false; 87 "browser.newtabpage.activity-stream.discoverystream.enabled" = false;
91 "browser.newtabpage.activity-stream.discoverystream.endpoints" = ""; 88 "browser.newtabpage.activity-stream.discoverystream.endpoints" = "";
92 "browser.newtabpage.activity-stream.feeds.section.highlights" = false; 89 "browser.newtabpage.activity-stream.feeds.section.highlights" = false;
93 "browser.newtabpage.activity-stream.feeds.section.topstories" = false; 90 "browser.newtabpage.activity-stream.feeds.section.topstories" = false;
94 "browser.newtabpage.activity-stream.feeds.section.topstories.options" = "{}"; 91 "browser.newtabpage.activity-stream.feeds.section.topstories.options" = "{}";
95 "browser.newtabpage.activity-stream.feeds.sections" = false; 92 "browser.newtabpage.activity-stream.feeds.sections" = false;
96 "browser.newtabpage.activity-stream.feeds.snippets" = false; 93 "browser.newtabpage.activity-stream.feeds.snippets" = false;
97 "browser.newtabpage.activity-stream.feeds.system.systemtick" = false; 94 "browser.newtabpage.activity-stream.feeds.system.systemtick" = false;
98 "browser.newtabpage.activity-stream.feeds.system.telemetry" = false; 95 "browser.newtabpage.activity-stream.feeds.system.telemetry" = false;
99 "browser.newtabpage.activity-stream.feeds.system.topsites" = false; 96 "browser.newtabpage.activity-stream.feeds.system.topsites" = false;
100 "browser.newtabpage.activity-stream.feeds.topsites" = false; 97 "browser.newtabpage.activity-stream.feeds.topsites" = false;
101 "browser.newtabpage.activity-stream.feeds.system.topstories" = false; 98 "browser.newtabpage.activity-stream.feeds.system.topstories" = false;
102 "browser.newtabpage.activity-stream.section.highlights.includeBookmarks" = false; 99 "browser.newtabpage.activity-stream.section.highlights.includeBookmarks" = false;
103 "browser.newtabpage.activity-stream.section.highlights.includeDownloads" = false; 100 "browser.newtabpage.activity-stream.section.highlights.includeDownloads" = false;
104 "browser.newtabpage.activity-stream.section.highlights.includePocket" = false; 101 "browser.newtabpage.activity-stream.section.highlights.includePocket" = false;
105 "browser.newtabpage.activity-stream.section.highlights.includeVisited" = false; 102 "browser.newtabpage.activity-stream.section.highlights.includeVisited" = false;
106 "browser.newtabpage.activity-stream.showSearch" = false; 103 "browser.newtabpage.activity-stream.showSearch" = false;
107 "services.sync.prefs.sync.browser.newtabpage.activity-stream.feeds.snippets" = false; 104 "services.sync.prefs.sync.browser.newtabpage.activity-stream.feeds.snippets" = false;
108 105
109 # == Behavior == 106 # == Behavior ==
110 107
111 "browser.bookmarks.showMobileBookmarks" = true; 108 "browser.bookmarks.showMobileBookmarks" = true;
112 # Don't try to guess TLDs, I'm using custom ones 109 # Don't try to guess TLDs, I'm using custom ones
113 "browser.fixup.alternate.enabled" = false; 110 "browser.fixup.alternate.enabled" = false;
114 "browser.fixup.domainsuffixwhitelist.vpn" = true; 111 "browser.fixup.domainsuffixwhitelist.vpn" = true;
115 "browser.ctrlTab.recentlyUsedOrder" = false; 112 "browser.ctrlTab.recentlyUsedOrder" = false;
116 "browser.startup.page" = 3; # Restore previous session 113 "browser.startup.page" = 3; # Restore previous session
117 #"browser.startup.homepage" = "file://${homepage}"; 114 #"browser.startup.homepage" = "file://${homepage}";
118 "browser.tabs.warnOnClose" = false; 115 "browser.tabs.warnOnClose" = false;
119 116
120 "reader.color_scheme" = "dark"; 117 "reader.color_scheme" = "dark";
121 118
122 # Syncing 119 # Syncing
123 "services.sync.engine.addons" = false; 120 "services.sync.engine.addons" = false;
124 "services.sync.engine.addresses" = false; 121 "services.sync.engine.addresses" = false;
125 "services.sync.engine.creditcards" = false; 122 "services.sync.engine.creditcards" = false;
126 "services.sync.engine.prefs" = false; 123 "services.sync.engine.prefs" = false;
127 124
128 # Enable loading of userChrome 125 # Enable loading of userChrome
129 "toolkit.legacyUserProfileCustomizations.stylesheets" = true; 126 "toolkit.legacyUserProfileCustomizations.stylesheets" = true;
130 127
131 # == Security == 128 # == Security ==
132 129
133 "security.pki.sha1_enforcement_level" = 1; # Completely forbid it 130 "security.pki.sha1_enforcement_level" = 1; # Completely forbid it
134 "security.ssl.treat_unsafe_negotiation_as_broken" = true; 131 "security.ssl.treat_unsafe_negotiation_as_broken" = true;
135 "network.security.esni.enabled" = true; 132 "network.security.esni.enabled" = true;
136 133
137 # HTTPS everywhere 134 # HTTPS everywhere
138 "dom.security.https_only_mode" = true; 135 "dom.security.https_only_mode" = true;
139 "dom.security.https_only_mode_ever_enabled" = true; 136 "dom.security.https_only_mode_ever_enabled" = true;
140 "dom.security.https_only_mode_ever_enabled_pbm" = true; 137 "dom.security.https_only_mode_ever_enabled_pbm" = true;
141 138
142 # == General web privacy == 139 # == General web privacy ==
143 140
144 "beacon.enabled" = false; 141 "beacon.enabled" = false;
145 142
146 "browser.send_pings" = false; 143 "browser.send_pings" = false;
147 144
148 "browser.search.countryCode" = "US"; 145 "browser.search.countryCode" = "US";
149 "browser.search.region" = "US"; 146 "browser.search.region" = "US";
150 "browser.search.geoip.url" = ""; 147 "browser.search.geoip.url" = "";
151 "browser.search.geoSpecificDefaults" = false; 148 "browser.search.geoSpecificDefaults" = false;
152 149
153 "camera.control.face_detection.enabled" = false; 150 "camera.control.face_detection.enabled" = false;
154 151
155 "device.sensors.enabled" = false; 152 "device.sensors.enabled" = false;
156 153
157 "dom.archivereader.enabled" = false; 154 "dom.archivereader.enabled" = false;
158 "dom.battery.enabled" = false; 155 "dom.battery.enabled" = false;
159 "dom.event.clipboardevents.enabled" = false; 156 "dom.event.clipboardevents.enabled" = false;
160 "dom.event.contextmenu.enabled" = false; 157 "dom.event.contextmenu.enabled" = false;
161 "dom.gamepad.enabled" = false; 158 "dom.gamepad.enabled" = false;
162 "dom.maxHardwareConcurrency" = 2; 159 "dom.maxHardwareConcurrency" = 2;
163 "dom.netinfo.enabled" = false; 160 "dom.netinfo.enabled" = false;
164 "dom.network.enabled" = false; 161 "dom.network.enabled" = false;
165 "dom.telephony.enabled" = false; 162 "dom.telephony.enabled" = false;
166 "dom.vr.enabled" = false; 163 "dom.vr.enabled" = false;
167 "dom.vibrator.enabled" = false; 164 "dom.vibrator.enabled" = false;
168 165
169 # User-Agent already spoofed by 'resistFingerprinting' 166 # User-Agent already spoofed by 'resistFingerprinting'
170 # Apparently doesn't work 167 # Apparently doesn't work
171 /* 168 /*
172 "general.appversion.override" = "5.0 (Windows)"; 169 "general.appversion.override" = "5.0 (Windows)";
173 "general.platform.override" = "Win32"; 170 "general.platform.override" = "Win32";
174 "general.oscpu.override" = "Windows NT 6.1"; 171 "general.oscpu.override" = "Windows NT 6.1";
175 */ 172 */
176 173
177 "geo.enabled" = false; 174 "geo.enabled" = false;
178 "geo.wifi.uri" = "https://location.services.mozilla.com/v1/geolocate?key=%MOZILLA_API_KEY%"; 175 "geo.wifi.uri" = "https://location.services.mozilla.com/v1/geolocate?key=%MOZILLA_API_KEY%";
179 "geo.wifi.logging.enabled" = false; 176 "geo.wifi.logging.enabled" = false;
180 177
181 "intl.accept_languages" = "en-US, en"; 178 "intl.accept_languages" = "en-US, en";
182 "intl.locale.matchOS" = false; 179 "intl.locale.matchOS" = false;
183 180
184 "javascript.use_us_english_locale" = true; 181 "javascript.use_us_english_locale" = true;
185 182
186 # Don't leak private IP address with WebRTC 183 # Don't leak private IP address with WebRTC
187 "media.peerconnection.ice.default_address_only" = true; 184 "media.peerconnection.ice.default_address_only" = true;
188 "media.peerconnection.ice.no_host" = true; 185 "media.peerconnection.ice.no_host" = true;
189 186
190 "media.webspeech.recognition.enable" = false; 187 "media.webspeech.recognition.enable" = false;
191 188
192 "network.cookie.cookieBehavior" = 1; # Only cookies from the originating server are allowed. 189 "network.cookie.cookieBehavior" = 1; # Only cookies from the originating server are allowed.
193 "network.cookie.thirdparty.sessionOnly" = true; # If we decide to enable them temporarily 190 "network.cookie.thirdparty.sessionOnly" = true; # If we decide to enable them temporarily
194 191
195 "network.dns.disablePrefetch" = true; 192 "network.dns.disablePrefetch" = true;
196 "network.dns.disablePrefetchFromHTTPS" = true; 193 "network.dns.disablePrefetchFromHTTPS" = true;
197
198 "network.http.referer.XOriginPolicy" = 2; # Send a referrer only on same-origin
199
200 "network.http.speculative-parallel-limit" = 0;
201
202 "network.IDN_show_punycode" = true;
203 194
204 "network.manage-offline-status" = false; 195 "network.http.referer.XOriginPolicy" = 2; # Send a referrer only on same-origin
205 196
206 "network.predictor.enabled" = false; 197 "network.http.speculative-parallel-limit" = 0;
207 "network.prefetch-next" = false;
208 198
209 "privacy.donottrackheader.enabled" = true; 199 "network.IDN_show_punycode" = true;
210 "privacy.resistFingerprinting" = true;
211 "privacy.resistFingerprinting.autoDeclineNoUserInputCanvasPrompts" = false;
212 "privacy.trackingprotection.enabled" = true;
213 "privacy.trackingprotection.pbmode.enabled" = true;
214 # Enable containers
215 "privacy.userContext.enabled" = true;
216 200
217 "security.fileuri.strict_origin_policy" = true; 201 "network.manage-offline-status" = false;
218 "security.mixed_content.block_active_content" = true;
219 "security.mixed_content.block_display_content" = true;
220 202
221 "webgl.min_capability_mode" = true; 203 "network.predictor.enabled" = false;
222 "webgl.disable-extensions" = true; 204 "network.prefetch-next" = false;
223 "webgl.disable-fail-if-major-performance-caveat" = true;
224 "webgl.enable-debug-renderer-info" = false;
225 205
226 # == Telemetry :( == 206 "privacy.donottrackheader.enabled" = true;
207 "privacy.resistFingerprinting" = true;
208 "privacy.resistFingerprinting.autoDeclineNoUserInputCanvasPrompts" = false;
209 "privacy.trackingprotection.enabled" = true;
210 "privacy.trackingprotection.pbmode.enabled" = true;
211 # Enable containers
212 "privacy.userContext.enabled" = true;
227 213
228 "app.normandy.enabled" = false; 214 "security.fileuri.strict_origin_policy" = true;
229 "app.normandy.api_url" = ""; 215 "security.mixed_content.block_active_content" = true;
230 "app.shield.optoutstudies.enabled" = true; 216 "security.mixed_content.block_display_content" = true;
231 217
232 "datareporting.healthreport.uploadEnabled" = false; 218 "webgl.min_capability_mode" = true;
233 "datareporting.healthreport.service.enabled" = false; 219 "webgl.disable-extensions" = true;
234 "datareporting.policy.dataSubmissionEnabled" = false; 220 "webgl.disable-fail-if-major-performance-caveat" = true;
221 "webgl.enable-debug-renderer-info" = false;
235 222
236 "extensions.shield-recipe-client.enabled" = false; 223 # == Telemetry :( ==
237 "extensions.pocket.enabled" = false;
238 224
239 "loop.logDomains" = false; 225 "app.normandy.enabled" = false;
226 "app.normandy.api_url" = "";
227 "app.shield.optoutstudies.enabled" = true;
240 228
241 "toolkit.telemetry.archive.enabled" = false; 229 "datareporting.healthreport.uploadEnabled" = false;
242 "toolkit.telemetry.enabled" = false; 230 "datareporting.healthreport.service.enabled" = false;
243 "toolkit.telemetry.unified" = false; 231 "datareporting.policy.dataSubmissionEnabled" = false;
244 232
245 # == Other Firefox privacy weirdness == 233 "extensions.shield-recipe-client.enabled" = false;
234 "extensions.pocket.enabled" = false;
246 235
247 # Crash reporting 236 "loop.logDomains" = false;
248 "breakpad.reportURL" = "";
249 237
250 "browser.casting.enabled" = false; 238 "toolkit.telemetry.archive.enabled" = false;
251 "browser.crashReports.unsubmittedCheck.enabled" = false; 239 "toolkit.telemetry.enabled" = false;
252 "browser.discovery.enabled" = false; # Firefox add-on recommendations 240 "toolkit.telemetry.unified" = false;
253 "browser.formfill.enable" = false;
254 "browser.search.update" = false;
255 "browser.pagethumbnails.capturing_disabled" = true;
256 "browser.tabs.crashReporting.sendReport" = false;
257 "browser.uitour.enabled" = true;
258 "browser.urlbar.filter.javascript" = true;
259 "browser.urlbar.suggest.searches" = false;
260 "browser.urlbar.trimURLs" = false;
261 "browser.urlbar.suggest.quicksuggest.nonsponsored" = false;
262 "browser.urlbar.suggest.quicksuggest.sponsored" = false;
263 241
264 # Discovery of LAN/proximity IoT devices that expose a Web interface 242 # == Other Firefox privacy weirdness ==
265 "dom.flyweb.enabled" = false;
266 243
267 "experiments.supported" = false; 244 # Crash reporting
268 "experiments.enabled" = false; 245 "breakpad.reportURL" = "";
269 "experiments.manifest.uri" = false;
270 246
271 "network.allow-experiments" = false; 247 "browser.casting.enabled" = false;
272 "network.captive-portal-service.enabled" = false; 248 "browser.crashReports.unsubmittedCheck.enabled" = false;
249 "browser.discovery.enabled" = false; # Firefox add-on recommendations
250 "browser.formfill.enable" = false;
251 "browser.search.update" = false;
252 "browser.pagethumbnails.capturing_disabled" = true;
253 "browser.tabs.crashReporting.sendReport" = false;
254 "browser.uitour.enabled" = true;
255 "browser.urlbar.filter.javascript" = true;
256 "browser.urlbar.suggest.searches" = false;
257 "browser.urlbar.trimURLs" = false;
258 "browser.urlbar.suggest.quicksuggest.nonsponsored" = false;
259 "browser.urlbar.suggest.quicksuggest.sponsored" = false;
273 260
274 "plugin.state.flash" = 0; 261 # Discovery of LAN/proximity IoT devices that expose a Web interface
275 "plugin.state.java" = 0; 262 "dom.flyweb.enabled" = false;
276 263
277 "signon.rememberSignons" = false; 264 "experiments.supported" = false;
278 }; 265 "experiments.enabled" = false;
266 "experiments.manifest.uri" = false;
279 267
280 # Hide tab bar 268 "network.allow-experiments" = false;
281 userChrome = '' 269 "network.captive-portal-service.enabled" = false;
282 #main-window[tabsintitlebar="true"]:not([extradragspace="true"]) #TabsToolbar {
283 opacity: 0;
284 pointer-events: none;
285 }
286 270
287 #main-window:not([tabsintitlebar="true"]) #TabsToolbar { 271 "plugin.state.flash" = 0;
288 visibility: collapse !important; 272 "plugin.state.java" = 0;
289 }
290 '';
291 273
292 }; 274 "signon.rememberSignons" = false;
293 }; 275 };
276
277 # Hide tab bar
278 userChrome = ''
279 #main-window[tabsintitlebar="true"]:not([extradragspace="true"]) #TabsToolbar {
280 opacity: 0;
281 pointer-events: none;
282 }
283
284 #main-window:not([tabsintitlebar="true"]) #TabsToolbar {
285 visibility: collapse !important;
286 }
287 '';
294 }; 288 };
289 };
295} 290}
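Review bot: In the `== Telemetry :( ==` block on the new side, `"app.shield.optoutstudies.enabled" = true;` leaves opt-out studies switched on, which contradicts every other pref in that block and the `DisableFirefoxStudies = true` policy at the top of the file; the formatting pass carries it over unchanged, and it probably should read `"app.shield.optoutstudies.enabled" = false;`. The policy may already override the pref at runtime, but the profile setting should not depend on that. `"browser.uitour.enabled" = true;` under "Other Firefox privacy weirdness" has the same shape, sitting among prefs that are all disabled, so it is worth confirming it is intentional. `"experiments.manifest.uri" = false;` assigns a boolean to what looks like a URL-valued pref, where an empty string `""` (as used for `"app.normandy.api_url"`) is likely what was meant.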