jawz/NixOS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
NixOS/modules/apps/internet.nix

110 lines
4.4 KiB
Nix
Raw Blame History

{
inputs,
config,
lib,
pkgs,
...
}:
{
options.my.apps.internet.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.apps.internet.enable {
home-manager.users.jawz.programs.librewolf = {
enable = true;
languagePacks = [
"en-CA"
"es-MX"
"it"
];
policies.DisabledFirefoxAccounts = false;
profiles.jawz = {
id = 0;
name = "jawz";
path = "jawz";
settings = {
# Enable custom userChrome.css (for GNOME theme)
"toolkit.legacyUserProfileCustomizations.stylesheets" = true;
# Enables Firefox GNOME Theme SVG icons
"svg.context-properties.content.enabled" = true;
# GNOME theme refinements
"gnomeTheme.hideSingleTab" = true;
"gnomeTheme.bookmarksToolbarUnderTabs" = true;
"gnomeTheme.allTabsButtonOnOverflow" = true;
# Normal UI density
"browser.uidensity" = 0;
"browser.toolbars.bookmarks.visibility" = "never";
"general.autoScroll" = true;
# Tabs
"browser.sessionstore.resume_from_crash" = true;
"browser.sessionstore.max_tabs_undo" = 50;
"browser.startup.page" = 3;
# DRM
"media.eme.enabled" = true;
# Prevents private windows from using dark theme
"browser.theme.dark-private-windows" = false;
# Enables rounded corners on the main window
"widget.gtk.rounded-bottom-corners.enabled" = true;
# General privacy & fingerprinting
"privacy.sanitize.sanitizeOnShutdown" = false;
"privacy.clearOnShutdown_v2.browsingHistoryAndDownloads" = false;
"privacy.resistFingerprinting" = false; # You explicitly disabled this
"privacy.fingerprintingProtection" = true;
"privacy.query_stripping.enabled" = true;
"privacy.query_stripping.enabled.pbmode" = true;
"privacy.trackingprotection.enabled" = true;
"privacy.trackingprotection.socialtracking.enabled" = true;
"privacy.trackingprotection.emailtracking.enabled" = true;
"privacy.bounceTrackingProtection.mode" = 1;
"privacy.clearSiteData.cookiesAndStorage" = false;
"privacy.clearSiteData.historyFormDataAndDownloads" = true;
# Do Not Track
"privacy.donottrackheader.enabled" = true;
# GPC (Global Privacy Control)
"privacy.globalprivacycontrol.was_ever_enabled" = true;
# DNS-over-HTTPS (LibreDNS with adblock)
"network.trr.mode" = 2;
"network.trr.uri" = "https://doh.libredns.gr/noads";
# Prevent predictive browsing
"network.prefetch-next" = false;
"network.predictor.enabled" = false;
"network.http.speculative-parallel-limit" = 0;
# Referrer sanitization
"network.http.referer.disallowCrossSiteRelaxingDefault.top_navigation" = true;
# Partitioning and isolation
"network.cookie.cookieBehavior.optInPartitioning" = true;
# HTTPS-only
"dom.security.https_only_mode_ever_enabled" = true;
# Disable captive portal checks
"network.captive-portal-service.enabled" = false;
"network.connectivity-service.enabled" = false;
# Permissions tightening
"permissions.delegation.enabled" = false;
# Disable safe browsing remote lookups (relies on Google)
"browser.safebrowsing.downloads.remote.enabled" = false;
"browser.safebrowsing.downloads.remote.block_potentially_unwanted" = false;
"browser.safebrowsing.downloads.remote.block_uncommon" = false;
# Enable anti-cookie tracking + purge trackers
"privacy.annotate_channels.strict_list.enabled" = true;
};
};
};
programs.geary.enable = true;
users.users.jawz.packages = builtins.attrValues {
inherit (inputs.jawz-scripts.packages.x86_64-linux)
vdhcoapp # video download helper assistant
talk # nextcloud talk client
;
inherit (pkgs)
thunderbird # email client
warp # transfer files with based ppl
brave # crypto-browser that at least somewhat integrates with gtk
nextcloud-client # self-hosted google-drive alternative
fragments # beautiful torrent client
tor-browser-bundle-bin # dark web, so dark!
telegram-desktop # furry chat
nicotine-plus # remember Ares?
discord # :3
;
};
};
}
Reference in New Issue View Git Blame Copy Permalink