nix: added a policy for firefox

2025-05-03 16:15:58 +10:00 · 2025-05-03 16:15:58 +10:00 · 01fae1a1e0
commit 01fae1a1e0
parent ef92d7870c
1 changed files with 97 additions and 2 deletions
--- a/modules/firefox.nix
+++ b/modules/firefox.nix
@ -1,7 +1,102 @@
 { config, lib, pkgs, ... }:

 {
-  programs.firefox = {
-    enable = true;
+  programs.firefox.enable = true;
+  programs.firefox.policies = {
+    ExtensionSettings = {
+      "uBlock0@raymondhill.net" = {
+        installation_mode = "force_installed";
+        install_url = "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi";
+      };
+      "@testpilot-containers" = {
+        installation_mode = "force_installed";
+        install_url = "https://addons.mozilla.org/firefox/downloads/latest/multi-account-containers/latest.xpi";
+      };
+      "addon@darkreader.org" = {
+        installation_mode = "force_installed";
+        install_url = "https://addons.mozilla.org/firefox/downloads/latest/darkreader/latest.xpi";
+      };
+      "{7b5c3b96-01b3-48d8-a019-cdc24c31befb}" = {
+        installation_mode = "force_installed";
+        install_url = "https://addons.mozilla.org/firefox/downloads/latest/temporarytabcontainer/latest.xpi";
+      };
+      "keepassxc-browser@keepassxc.org" = {
+        installation_mode = "force_installed";
+        install_url = "https://addons.mozilla.org/firefox/downloads/latest/keepassxc-browser/latest.xpi";
+      };
+    };
+
+    # Privacy & Security
+    DisableTelemetry = true;
+    DisableFirefoxStudies = true;
+    DisableFirefoxAccounts = true;
+    DisableSecurityBypass.InvalidCertificate = true;
+    DisableSecurityBypass.SafeBrowsing = true;
+
+    EnableTrackingProtection.Value = true;
+    EnableTrackingProtection.Locked = true;
+    EnableTrackingProtection.Cryptomining = true;
+    EnableTrackingProtection.FingerPrinting = true;
+
+    HttpsOnlyMode = "force_enabled";
+    PostQuantumKeyAgreementEnabled = true;
+    DNSOverHTTPS.Enabled = true;
+    DNSOverHTTPS.ProviderURL = "https://mozilla.cloudflare-dns.com/dns-query";
+    DNSOverHTTPS.Locked = true;
+    DNSOverHTTPS.Fallback = true;
+
+    NetworkPrediction = false;
+    SearchSuggestEnabled = false;
+    FirefoxSuggest.WebSuggestions = false;
+    FirefoxSuggest.SponsoredSuggestions = false;
+    FirefoxSuggest.ImproveSuggest = false;
+    FirefoxSuggest.Locked = false;
+
+    SanitizeOnShutdown.Cache = true;
+    SanitizeOnShutdown.History = true;
+    
+    # Cosmetic
+    DisplayBookmarksToolbar = "newtab";
+    DisplayMenuBar = "never";
+    ShowHomeButton = false;
+
+    NewTabPage = false;
+    Homepage.URL = "about:blank";
+    Homepage.Locked = true;
+
+    NoDefaultBookmarks = true;
+
+    # Containers
+    Containers = {
+      Default = [
+        {
+          name = "personal";
+          icon = "fingerprint";
+          color = "blue";
+        }
+        {
+          name = "nico";
+          icon = "vacation";
+          color = "red";
+        }
+        {
+          name = "work";
+          icon = "briefcase";
+          color = "green";
+        }
+      ];
+    };
+
+    # Autofill
+    PasswordManagerEnabled = false;
+    OfferToSaveLogins = false;
+    AutofillAddressEnabled = false;
+    AutofillCreditCardEnabled = false;
+    DisableFormHistory = true;
+
+    # Other
+    DontCheckDefaultBrowser = true;
+    DisableMasterPasswordCreation = true;
+    DisableProfileImport = true;
  };
 }