{ config, nixosConfig, pkgs, lib, ... }:
with lib;
let
firefox-addons = pkgs.nur.repos.rycee.firefox-addons;
prefer-dark-theme =
config.gtk.gtk3.extraConfig.gtk-application-prefer-dark-theme;
sharedSettings = {
# Privacy & Security Improvements
"browser.contentblocking.category" = "strict";
"browser.urlbar.speculativeConnect.enabled" = false;
"dom.security.https_only_mode" = true;
"media.eme.enabled" = false; # disables DRM
# causes CORS error on waves.exchange when set to 2
"network.http.referer.XOriginPolicy" = 1;
"network.http.referer.XOriginTrimmingPolicy" = 2;
"network.IDN_show_punycode" = true;
# forces ui.systemUsesDarkTheme to false
# "privacy.resistFingerprinting" = true;
# "webgl.disabled" = true;
# Disable DNS over HTTPS (done system-wide)
"network.trr.mode" = 5;
# Theme
"browser.theme.toolbar-theme" = 0;
"ui.systemUsesDarkTheme" = prefer-dark-theme;
"extensions.activeThemeID" = concatStrings [
"firefox-compact-"
(if prefer-dark-theme then "dark" else "light")
"@mozilla.org"
];
"devtools.theme" = if prefer-dark-theme then "dark" else "light";
# i18n
"intl.accept_languages" = "en-GB, en";
"intl.regional_prefs.use_os_locales" = true;
# dev tools
"devtools.inspector.color-scheme-simulation.enabled" = true;
"devtools.inspector.showAllAnonymousContent" = true;
# Other
"browser.startup.page" = 3;
"browser.toolbars.bookmarks.visibility" = "newtab";
"browser.tabs.drawInTitlebar" = true;
"browser.aboutConfig.showWarning" = false;
"signon.rememberSignons" = false;
"services.sync.engine.passwords" = false;
"browser.newtabpage.activity-stream.asrouter.userprefs.cfr.addons" = false;
"browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features" =
false;
"browser.newtabpage.activity-stream.feeds.snippets" = false;
"extensions.update.enabled" = false;
"extensions.update.autoUpdateDefault" = false;
} // optionalAttrs nixosConfig.services.mullvad-vpn.enable {
# Mullvad SOCKS proxy
"network.proxy.type" = 1;
"network.proxy.socks" = "10.64.0.1";
"network.proxy.socks_port" = 1080;
"network.proxy.socks_remote_dns" = true;
"network.proxy.no_proxies_on" = "192.168.1.1/24";
};
in {
programs.firefox = {
enable = true;
package = with pkgs; wrapFirefox firefox-unwrapped { forceWayland = true; };
profiles = {
private = {
id = 0;
settings = sharedSettings;
};
work = {
id = 1;
settings = sharedSettings;
};
};
extensions = with firefox-addons; [
ublock-origin
terms-of-service-didnt-read
vimium
ipfs-companion
bitwarden
darkreader
languagetool
metamask
privacy-redirect
to-deepl
# not available yet:
# google-lighthouse
];
};
home.packages = let
makeFirefoxProfileBin = args@{ profile, ... }:
let
name = "firefox-${profile}";
scriptBin = pkgs.writeScriptBin name ''
firefox -P "${profile}" --name="${name}" $@
'';
desktopFile = pkgs.makeDesktopItem ((removeAttrs args [ "profile" ])
// {
inherit name;
exec = "${scriptBin}/bin/${name} %U";
extraConfig.StartupWMClass = name;
genericName = "Web Browser";
mimeTypes = [
"text/html"
"text/xml"
"application/xhtml+xml"
"application/vnd.mozilla.xul+xml"
"x-scheme-handler/http"
"x-scheme-handler/https"
];
categories = [ "Network" "WebBrowser" ];
});
in pkgs.runCommand name { } ''
mkdir -p $out/{bin,share}
cp -r ${scriptBin}/bin/${name} $out/bin/${name}
cp -r ${desktopFile}/share/applications $out/share/applications
'';
in with pkgs; [
(tor-browser-bundle-bin.override { pulseaudioSupport = true; })
(makeFirefoxProfileBin {
profile = "work";
desktopName = "Firefox (Work)";
icon = "firefox";
})
];
}