diff --git a/modules/apps/internet.nix b/modules/apps/internet.nix index f182404..f4d4050 100644 --- a/modules/apps/internet.nix +++ b/modules/apps/internet.nix @@ -32,85 +32,7 @@ in { options.my.apps.internet.enable = lib.mkEnableOption "enable"; config = lib.mkIf config.my.apps.internet.enable { - home-manager.users.jawz.programs.librewolf = { - enable = true; - languagePacks = [ - "en-CA" - "es-MX" - "it" - ]; - policies.DisabledFirefoxAccounts = false; - profiles.jawz = { - id = 0; - name = "jawz"; - path = "jawz"; - settings = { - # Enable custom userChrome.css (for GNOME theme) - "toolkit.legacyUserProfileCustomizations.stylesheets" = true; - # Enables Firefox GNOME Theme SVG icons - "svg.context-properties.content.enabled" = true; - # GNOME theme refinements - "gnomeTheme.hideSingleTab" = true; - "gnomeTheme.bookmarksToolbarUnderTabs" = true; - "gnomeTheme.allTabsButtonOnOverflow" = true; - # Normal UI density - "browser.uidensity" = 0; - "browser.toolbars.bookmarks.visibility" = "never"; - "general.autoScroll" = true; - # Tabs - "browser.sessionstore.resume_from_crash" = true; - "browser.sessionstore.max_tabs_undo" = 50; - "browser.startup.page" = 3; - # DRM - "media.eme.enabled" = true; - # Prevents private windows from using dark theme - "browser.theme.dark-private-windows" = false; - # Enables rounded corners on the main window - "widget.gtk.rounded-bottom-corners.enabled" = true; - # General privacy & fingerprinting - "privacy.sanitize.sanitizeOnShutdown" = false; - "privacy.clearOnShutdown_v2.browsingHistoryAndDownloads" = false; - "privacy.resistFingerprinting" = false; # You explicitly disabled this - "privacy.fingerprintingProtection" = true; - "privacy.query_stripping.enabled" = true; - "privacy.query_stripping.enabled.pbmode" = true; - "privacy.trackingprotection.enabled" = true; - "privacy.trackingprotection.socialtracking.enabled" = true; - "privacy.trackingprotection.emailtracking.enabled" = true; - "privacy.bounceTrackingProtection.mode" = 1; - "privacy.clearSiteData.cookiesAndStorage" = false; - "privacy.clearSiteData.historyFormDataAndDownloads" = true; - # Do Not Track - "privacy.donottrackheader.enabled" = true; - # GPC (Global Privacy Control) - "privacy.globalprivacycontrol.was_ever_enabled" = true; - # DNS-over-HTTPS (LibreDNS with adblock) - "network.trr.mode" = 2; - "network.trr.uri" = "https://doh.libredns.gr/noads"; - # Prevent predictive browsing - "network.prefetch-next" = false; - "network.predictor.enabled" = false; - "network.http.speculative-parallel-limit" = 0; - # Referrer sanitization - "network.http.referer.disallowCrossSiteRelaxingDefault.top_navigation" = true; - # Partitioning and isolation - "network.cookie.cookieBehavior.optInPartitioning" = true; - # HTTPS-only - "dom.security.https_only_mode_ever_enabled" = true; - # Disable captive portal checks - "network.captive-portal-service.enabled" = false; - "network.connectivity-service.enabled" = false; - # Permissions tightening - "permissions.delegation.enabled" = false; - # Disable safe browsing remote lookups (relies on Google) - "browser.safebrowsing.downloads.remote.enabled" = false; - "browser.safebrowsing.downloads.remote.block_potentially_unwanted" = false; - "browser.safebrowsing.downloads.remote.block_uncommon" = false; - # Enable anti-cookie tracking + purge trackers - "privacy.annotate_channels.strict_list.enabled" = true; - }; - }; - }; + home-manager.users.jawz.programs.librewolf = import ./librewolf.nix; programs.geary.enable = true; users.users.jawz.packages = builtins.attrValues { inherit krisp-patcher; @@ -124,6 +46,7 @@ in telegram-desktop # furry chat nicotine-plus # remember Ares? discord # :3 + vesktop # >:3 vdhcoapp # video download helper assistant nextcloud-talk-desktop # nextcloud talk client fractal # matrix client diff --git a/modules/apps/librewolf.nix b/modules/apps/librewolf.nix new file mode 100644 index 0000000..363833c --- /dev/null +++ b/modules/apps/librewolf.nix @@ -0,0 +1,79 @@ +{ + enable = true; + languagePacks = [ + "en-CA" + "es-MX" + "it" + ]; + policies.DisabledFirefoxAccounts = false; + profiles.jawz = { + id = 0; + name = "jawz"; + path = "jawz"; + settings = { + # Enable custom userChrome.css (for GNOME theme) + "toolkit.legacyUserProfileCustomizations.stylesheets" = true; + # Enables Firefox GNOME Theme SVG icons + "svg.context-properties.content.enabled" = true; + # GNOME theme refinements + "gnomeTheme.hideSingleTab" = true; + "gnomeTheme.bookmarksToolbarUnderTabs" = true; + "gnomeTheme.allTabsButtonOnOverflow" = true; + # Normal UI density + "browser.uidensity" = 0; + "browser.toolbars.bookmarks.visibility" = "never"; + "general.autoScroll" = true; + # Tabs + "browser.sessionstore.resume_from_crash" = true; + "browser.sessionstore.max_tabs_undo" = 50; + "browser.startup.page" = 3; + # DRM + "media.eme.enabled" = true; + # Prevents private windows from using dark theme + "browser.theme.dark-private-windows" = false; + # Enables rounded corners on the main window + "widget.gtk.rounded-bottom-corners.enabled" = true; + # General privacy & fingerprinting + "privacy.sanitize.sanitizeOnShutdown" = false; + "privacy.clearOnShutdown_v2.browsingHistoryAndDownloads" = false; + "privacy.resistFingerprinting" = false; # You explicitly disabled this + "privacy.fingerprintingProtection" = true; + "privacy.query_stripping.enabled" = true; + "privacy.query_stripping.enabled.pbmode" = true; + "privacy.trackingprotection.enabled" = true; + "privacy.trackingprotection.socialtracking.enabled" = true; + "privacy.trackingprotection.emailtracking.enabled" = true; + "privacy.bounceTrackingProtection.mode" = 1; + "privacy.clearSiteData.cookiesAndStorage" = false; + "privacy.clearSiteData.historyFormDataAndDownloads" = true; + # Do Not Track + "privacy.donottrackheader.enabled" = true; + # GPC (Global Privacy Control) + "privacy.globalprivacycontrol.was_ever_enabled" = true; + # DNS-over-HTTPS (LibreDNS with adblock) + "network.trr.mode" = 2; + "network.trr.uri" = "https://doh.libredns.gr/noads"; + # Prevent predictive browsing + "network.prefetch-next" = false; + "network.predictor.enabled" = false; + "network.http.speculative-parallel-limit" = 0; + # Referrer sanitization + "network.http.referer.disallowCrossSiteRelaxingDefault.top_navigation" = true; + # Partitioning and isolation + "network.cookie.cookieBehavior.optInPartitioning" = true; + # HTTPS-only + "dom.security.https_only_mode_ever_enabled" = true; + # Disable captive portal checks + "network.captive-portal-service.enabled" = false; + "network.connectivity-service.enabled" = false; + # Permissions tightening + "permissions.delegation.enabled" = false; + # Disable safe browsing remote lookups (relies on Google) + "browser.safebrowsing.downloads.remote.enabled" = false; + "browser.safebrowsing.downloads.remote.block_potentially_unwanted" = false; + "browser.safebrowsing.downloads.remote.block_uncommon" = false; + # Enable anti-cookie tracking + purge trackers + "privacy.annotate_channels.strict_list.enabled" = true; + }; + }; +} diff --git a/modules/modules.nix b/modules/modules.nix index 720fc4b..6b28668 100644 --- a/modules/modules.nix +++ b/modules/modules.nix @@ -13,7 +13,7 @@ let config.my.servers.go-vod.enable config.my.servers.tranga.enable ]; - filterNames = file: file != "base.nix" && file != "setup.nix"; + filterNames = file: file != "base.nix" && file != "setup.nix" && file != "librewolf.nix"; autoImport = dir: builtins.readDir ./${dir}