{ config, pkgs, ... }: { programs.firefox = { enable = true; languagePacks = [ "de" ]; preferences = { "extensions.pocket.enabled" = false; "extensions.screenshots.disabled" = false; "browser.topsites.contile.enabled" = false; "browser.formfill.enable" = false; "browser.search.suggest.enabled" = false; "browser.search.suggest.enabled.private" = false; "browser.urlbar.suggest.searches" = false; "browser.urlbar.showSearchSuggestionsFirst" = false; "browser.newtabpage.activity-stream.feeds.section.topstories" = false; "browser.newtabpage.activity-stream.feeds.snippets" = false; "browser.newtabpage.activity-stream.section.highlights.includePocket" = false; "browser.newtabpage.activity-stream.section.highlights.includeBookmarks" = false; "browser.newtabpage.activity-stream.section.highlights.includeDownloads" = false; "browser.newtabpage.activity-stream.section.highlights.includeVisited" = false; "browser.newtabpage.activity-stream.showSponsored" = false; "browser.newtabpage.activity-stream.system.showSponsored" = false; "browser.newtabpage.activity-stream.showSponsoredTopSites" = false; }; policies = { CaptivePortal = false; DisableFirefoxAccounts = false; DisableAccounts = false; DisableFirefoxScreenshots = true; DisableTelemetry = true; DisableFirefoxStudies = true; DisablePocket = true; DontCheckDefaultBrowser = true; PasswordManagerEnabled = false; OverrideFirstRunPage = ""; OverridePostUpdatePage = ""; DisplayBookmarksToolbar = "always"; # alternatives: "always" or "newtab" DisplayMenuBar = "default-off"; # alternatives: "always", "never" or "default-on" SearchBar = "separate"; # alternative: "unified" EnableTrackingProtection = { Value= true; Locked = true; Cryptomining = true; Fingerprinting = true; }; FirefoxHome = { Highlights = false; Pocket = false; Search = true; Snippets = false; TopSites = false; }; settings = { "browser.download.panel.shown" = true; "dom.security.https_only_mode" = true; "general.smoothScroll" = true; "gfx.webrender.enabled" = true; "layout.css.backdrop-filter.enabled" = true; "media.videocontrols.picture-in-picture.video-toggle.enabled" = false; "signon.rememberSignons" = false; "svg.context-properties.content.enabled" = true; # We handle this elsewhere "browser.shell.checkDefaultBrowser" = false; # Don't allow websites to prevent use of right-click, or otherwise # messing with the context menu. "dom.event.contextmenu.enabled" = true; # Don't allow websites to prevent copy and paste. Disable # notifications of copy, paste, or cut functions. Stop webpage # knowing which part of the page had been selected. "dom.event.clipboardevents.enabled" = true; # Do not track from battery status. "dom.battery.enabled" = false; # Show punycode. Help protect from character 'spoofing'. "network.IDN_show_punycode" = true; # Disable site reading installed plugins. "plugins.enumerable_names" = ""; # Use Mozilla instead of Google here. "geo.provider.network.url" = "https://location.services.mozilla.com/v1/geolocate?key=%MOZILLA_API_KEY%"; # Safe browsing "browser.safebrowsing.enabled" = false; "browser.safebrowsing.phishing.enabled" = false; "browser.safebrowsing.malware.enabled" = false; "browser.safebrowsing.downloads.enabled" = false; "browser.safebrowsing.provider.google4.updateURL" = ""; "browser.safebrowsing.provider.google4.reportURL" = ""; "browser.safebrowsing.provider.google4.reportPhishMistakeURL" = ""; "browser.safebrowsing.provider.google4.reportMalwareMistakeURL" = ""; "browser.safebrowsing.provider.google4.lists" = ""; "browser.safebrowsing.provider.google4.gethashURL" = ""; "browser.safebrowsing.provider.google4.dataSharingURL" = ""; "browser.safebrowsing.provider.google4.dataSharing.enabled" = false; "browser.safebrowsing.provider.google4.advisoryURL" = ""; "browser.safebrowsing.provider.google4.advisoryName" = ""; "browser.safebrowsing.provider.google.updateURL" = ""; "browser.safebrowsing.provider.google.reportURL" = ""; "browser.safebrowsing.provider.google.reportPhishMistakeURL" = ""; "browser.safebrowsing.provider.google.reportMalwareMistakeURL" = ""; "browser.safebrowsing.provider.google.pver" = ""; "browser.safebrowsing.provider.google.lists" = ""; "browser.safebrowsing.provider.google.gethashURL" = ""; "browser.safebrowsing.provider.google.advisoryURL" = ""; "browser.safebrowsing.downloads.remote.url" = ""; # Don't call home on new tabs "browser.selfsupport.url" = ""; "browser.aboutHomeSnippets.updateUrL" = ""; "browser.startup.homepage_override.mstone" = "ignore"; "browser.startup.homepage_override.buildID" = ""; "startup.homepage_welcome_url" = ""; "startup.homepage_welcome_url.additional" = ""; "startup.homepage_override_url" = ""; # Firefox experiments... "experiments.activeExperiment" = false; "experiments.enabled" = false; "experiments.supported" = false; "extensions.pocket.enabled" = false; "identity.fxaccounts.enabled" = false; # Privacy "privacy.donottrackheader.enabled" = true; "privacy.donottrackheader.value" = 1; "privacy.trackingprotection.enabled" = true; "privacy.trackingprotection.socialtracking.enabled" = true; "privacy.firstparty.isolate" = true; "toolkit.legacyUserProfileCustomizations.stylesheets" = true; "toolkit.telemetry.enabled" = false; "toolkit.telemetry.unified" = false; "toolkit.telemetry.archive.enabled" = false; "browser.toolbars.bookmarks.visibility" = "never"; # Cookies "network.cookie.cookieBehavior" = 1; # Perf "gfx.webrender.all" = true; "media.ffmpeg.vaapi.enabled" = true; "media.ffvpx.enabled" = false; "media.rdd-vpx.enabled" = false; "gfx.webrender.compositor.force-enabled" = true; "media.navigator.mediadatadecoder_vpx_enabled" = true; "webgl.force-enabled" = true; "layers.acceleration.force-enabled" = true; "layers.offmainthreadcomposition.enabled" = true; "layers.offmainthreadcomposition.async-animations" = true; "layers.async-video.enabled" = true; "html5.offmainthread" = true; }; }; }; programs.firefox.policies = { ExtensionSettings = with builtins; let extension = shortId: uuid: { name = uuid; value = { install_url = "https://addons.mozilla.org/en-US/firefox/downloads/latest/${shortId}/latest.xpi"; installation_mode = "normal_installed"; }; }; in listToAttrs [ (extension "torrent-to-web" "torrent-to-web@dasprids.de") (extension "Cookie-AutoDelete" "CookieAutoDelete@kennydo.com") (extension "ublock-origin" "uBlock0@raymondhill.net") (extension "bitwarden-password-manager" "{446900e4-71c2-419f-a6a7-df9c091e268b}") (extension "no-gender" "{f0bb47a1-a5b1-4a4c-80fb-556d6a60e45c}") (extension "get-rss-feed-url" "{15bdb1ce-fa9d-4a00-b859-66c214263ac0}") (extension "freshrss-watcher" "{8276b2b6-a974-4254-8647-79c691694b10}") (extension "bookmarked-speed-dial" "{83a9ecbd-0360-4fee-8822-233ed92cf930}") (extension "i-still-don't-care-about-cookies" "idcac-pub@guus.ninja") #(extension "joplin-web-clipper" "{8419486a-54e9-11e8-9401-ac9e17909436}") #(extension "umatrix" "uMatrix@raymondhill.net") #(extension "libredirect" "7esoorv3@alefvanoon.anonaddy.me") #(extension "clearurls" "{74145f27-f039-47ce-a470-a662b129930a}") ]; # To add additional extensions, find it on addons.mozilla.org, find # the short ID in the url (like https://addons.mozilla.org/en-US/firefox/addon/!SHORT_ID!/) # Then, download the XPI by filling it in to the install_url template, unzip it, # run `jq .browser_specific_settings.gecko.id manifest.json` or # `jq .applications.gecko.id manifest.json` to get the UUID }; }