diff --git a/flake.lock b/flake.lock index 517e02c..a1d0f7f 100644 --- a/flake.lock +++ b/flake.lock @@ -164,6 +164,27 @@ "type": "github" } }, + "flake-parts_5": { + "inputs": { + "nixpkgs-lib": [ + "nur", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1733312601, + "narHash": "sha256-4pDvzqnegAfRkPwO3wmwBhVi/Sye1mzps0zHWYnP88c=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "205b12d8b7cd4802fbcb8e8ef6a0f1408781a4f9", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, "flake-root": { "locked": { "lastModified": 1723604017, @@ -793,6 +814,28 @@ "type": "github" } }, + "nur": { + "inputs": { + "flake-parts": "flake-parts_5", + "nixpkgs": [ + "nixpkgs" + ], + "treefmt-nix": "treefmt-nix_3" + }, + "locked": { + "lastModified": 1736632112, + "narHash": "sha256-C0H5qi53st3EcRCHanOvKbnXpPTt7jPjfkf1uRvYhEY=", + "owner": "nix-community", + "repo": "NUR", + "rev": "acc4a993dc11d71b954f7ed0c625ecefcee81fe7", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "NUR", + "type": "github" + } + }, "nvim-emmet": { "flake": false, "locked": { @@ -833,6 +876,7 @@ "marleyvim": "marleyvim", "nixgl": "nixgl", "nixpkgs": "nixpkgs_3", + "nur": "nur", "rofi-themes": "rofi-themes", "rose-pine": "rose-pine", "rose-pine-amfora": "rose-pine-amfora", @@ -1036,6 +1080,27 @@ "type": "github" } }, + "treefmt-nix_3": { + "inputs": { + "nixpkgs": [ + "nur", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1733222881, + "narHash": "sha256-JIPcz1PrpXUCbaccEnrcUS8jjEb/1vJbZz5KkobyFdM=", + "owner": "numtide", + "repo": "treefmt-nix", + "rev": "49717b5af6f80172275d47a418c9719a31a78b53", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "treefmt-nix", + "type": "github" + } + }, "unstable": { "locked": { "lastModified": 1735834308, diff --git a/flake.nix b/flake.nix index b512eab..0599e9a 100644 --- a/flake.nix +++ b/flake.nix 
@@ -17,6 +17,7 @@ overlays = with inputs; [ lix.overlays.default + nur.overlays.default marleyvim.overlays.default ]; @@ -41,6 +42,11 @@ nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; unstable.url = "github:nixos/nixpkgs/nixos-unstable"; + nur = { + url = "github:nix-community/NUR"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + lix = { url = "https://git.lix.systems/lix-project/nixos-module/archive/2.91.1-1.tar.gz"; inputs.nixpkgs.follows = "nixpkgs"; diff --git a/homes/x86_64-linux/marley@nyx/default.nix b/homes/x86_64-linux/marley@nyx/default.nix index 1fa4501..95ec8b7 100644 --- a/homes/x86_64-linux/marley@nyx/default.nix +++ b/homes/x86_64-linux/marley@nyx/default.nix @@ -21,6 +21,7 @@ in { eza = enabled; figlet = enabled; fish = enabled; + floorp = enabled; fzf = enabled; gh = enabled; git = enabled; diff --git a/modules/home/programs/floorp/default.nix b/modules/home/programs/floorp/default.nix new file mode 100644 index 0000000..0b85241 --- /dev/null +++ b/modules/home/programs/floorp/default.nix 
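Review bot: `nur.overlays.default` is added to the shared overlay list in the first flake.nix hunk, so every module built from this package set can reach any `pkgs.nur.repos.*` repository, while the commit itself only uses `rycee.firefox-addons`. NUR repositories are community-maintained and are not reviewed the way nixpkgs is. The `nur` input in the second hunk tracks the default branch, so the only pin is the `rev`/`narHash` in flake.lock, and each lock update pulls in whatever those repositories publish at that moment. I would record the trust decision next to the input, e.g. `# NUR is unreviewed community code; only repos.rycee.firefox-addons is consumed (modules/home/programs/floorp)`, and review the NUR `rev` bump on its own whenever the lock is updated.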
@@ -0,0 +1,288 @@
+{
+ lib,
+ config,
+ pkgs,
+ ...
+}: let
+ inherit (lib) mkEnableOption mkIf;
+
+ cfg = config.marleyos.programs.floorp;
+in {
+ options.marleyos.programs.floorp.enable = mkEnableOption "floorp";
+
+ config = mkIf cfg.enable {
+ programs.floorp = {
+ enable = true;
+
+ profiles = {
+ "${config.marleyos.my.name}" = {
+ extensions = with pkgs.nur.repos.rycee.firefox-addons; [
+ bitwarden
+ catppuccin-gh-file-explorer
+ clearurls
+ consent-o-matic
+ darkreader
+ facebook-container
+ kagi-search
+ # libredirect
+ # proton-vpn
+ raindropio
+ refined-github
+ shinigami-eyes
+ snowflake
+ stylus
+ tampermonkey
+ ublock-origin
+ # vue-js-devtools
+ # wappalyzer
+ wayback-machine
+ # xdebug-helper-for-firefox
+ ];
+
+ settings = {
+ # https://arkenfox.github.io/gui/
+ #
+ # Introduction - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ "browser.aboutConfig.showWarning" = false;
+
+ # Startup - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ "browser.startup.page" = 1; # homepage
+ "browser.startup.homepage" = "https://punkfairie.net/start/";
+ "browser.newtabpage.enabled" = false;
+ "browser.newtabpage.activity-stream.showSponsored" = false;
+ "browser.newtabpage.activity-stream.showSponsoredTopSites" = false;
+ "browser.newtabpage.activity-stream.default.sites" = "";
+
+ # Geolocation - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ "geo.provider.use_corelocation" = false; # mac
+ "geo.provider.use_geoclue" = false; # linux
+
+ # Quieter Fox - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ # Recommendations
+ "extensions.getAddons.showPane" = false; # uses google analytics
+ "extensions.htmlaboutaddons.reccomendations.enabled" = false;
+ "browser.discovery.enabled" = false;
+ "browser.shopping.experience2023.enabled" = false;
+
+ # Telemetry
+ "datareporting.policy.dataSubmissionEnabled" = false;
+ "datareporting.healthreport.uploadEnabled" = false;
+ "toolkit.telemetry.unified" = false;
+ "toolkit.telemetry.enabled" = false;
+ "toolkit.telemetry.server" = "data:,";
+ "toolkit.telemetry.archive.enabled" = false;
+ "toolkit.telemetry.newProfilePing.enabled" = false;
+ "toolkit.telemetry.shutdownPingSender.enabled" = false;
+ "toolkit.telemetry.updatePing.enabled" = false;
+ "toolkit.telemetry.bhrPing.enabled" = false;
+ "toolkit.telemetry.firstShutdownPing.enabled" = false;
+ "toolkit.telemetry.coverage.opt-out" = true;
+ "toolkit.coverage.opt-out" = true;
+ "toolkit.coverage.endpoint.base" = "";
+ "browser.newtabpage.activity-stream.feeds.telemetry" = false;
+ "browser.newtabpage.activity-stream.telemetry" = false;
+
+ # Studies
+ "app.shield.optoutstudies.enabled" = false;
+ "app.normandy.enabled" = false;
+ "app.normandy.api_url" = "";
+
+ # Crash Reports
+ "breakpad.reportURL" = "";
+ "browser.tabs.crashReporting.sendReport" = false;
+ "browser.crashReports.unsubmittedCheck.autoSubmit2" = false;
+
+ # Other
+ "captivedetect.canonicalURL" = "";
+ "network.captive-portal-service.enabled" = false;
+ "netowkr.connectivity-service.enabled" = false;
+
+ # Safe Browsing - - - - - - - - - - - - - - - - - - - - - - - - - -
+ # Sends info to google.
+ "browser.safebrowsing.downloads.remote.enabled" = false;
+
+ # Block Implicit Outbound - - - - - - - - - - - - - - - - - - - - -
+ # Disables behavior related to non-explicitly asked for browsing
+ # (speculative fetching of links not clicked on).
+ "network.prefetch-next" = false;
+ "network.dns.disablePrefetch" = true;
+ "network.dns.disablePrefetchFromHTTPS" = true;
+ "network.predictor.enabled" = false;
+ "network.predictor.enable-prefetch" = false;
+ "network.http.speculative-parallel-limit" = 0;
+ "browser.places.speculativeConnect.enabled" = false;
+
+ # DNS / DoH / PROXY / SOCKS - - - - - - - - - - - - - - - - - - - -
+ "network.proxy.socks_remote_dns" = true;
+ "network.file.disable_unc_paths" = true;
+ "network.gio.supported-protocols" = "";
+
+ # Location Bar / Search Bar / Suggestions / History / Forms - - - -
+ "browser.urlbar.speculativeConnect.enabled" = false;
+ "browser.urlbar.quicksuggest.enabled" = false;
+ "browser.urlbar.suggest.quicksuggest.nonsponsored" = false;
+ "browser.urlbar.suggest.quicksuggest.sponsored" = false;
+ "browser.urlbar.trending.featureGate" = false;
+ "browser.urlbar.addons.featureGate" = false;
+ "browser.urlbar.mdn.featureGate" = false;
+ "browser.urlbar.pocket.featureGate" = false;
+ "browser.urlbar.weather.featureGate" = false;
+ "browser.urlbar.yelp.featureGate" = false;
+ "browser.formfill.enable" = false;
+
+ # Passwords - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ "signon.autofillForms" = false;
+ "signon.formlessCapture.enabled" = false;
+ "network.auth.subresource-http-auth-allow" = 1;
+
+ # Disk Avoidance - - - - - - - - - - - - - - - - - - - - - - - - - -
+ "browser.privatebrowsing.forceMediaMemoryCache" = true;
+ "media.memory_cache_max_size" = 65536;
+ "browser.sessionstore.privacy_level" = 2;
+
+ # HTTPS (SSL/TLS / OCSP / CERTS / HPKP) - - - - - - - - - - - - - -
+ # SSL (Secure Sockets Layer) / TLS (Transport Layer Security)
+ "security.ssl.require_safe_negotiation" = true;
+ "security.tls.enable_0rtt_data" = false;
+
+ # OCSP (Online Certificate Status Protocol)
+ "security.OCSP.enabled" = 1;
+ "security.OCSP.require" = true;
+
+ # CERTS / HPKP (HTTP Public Key Pinning)
+ "security.cert_pinning.enforcement_level" = 2;
+ "security.remote_settings.crlite_filters.enabled" = true;
+ "security.pki.crlite_mode" = 2;
+
+ # Mixed Content
+ "dom.security.https_only_mode" = true;
+ "dom.security.https_only_mode_send_http_background_request" = false;
+
+ # UI (User Interface)
+ "security.ssl.treat_unsafe_negotiation_as_broken" = true;
+ "browser.xul.error_pages.expert_bad_cert" = true;
+
+ # Referers - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ "network.http.referer.XOriginTrimmingPolicy" = 2;
+
+ # Containers - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ "privacy.userContext.enabled" = true;
+ "privacy.userContext.ui.enabled" = true;
+
+ # Plugins / Media / WebRTC - - - - - - - - - - - - - - - - - - - - -
+ "media.peerconnection.ice.proxy_only_if_behind_proxy" = true;
+ "media.peerconnection.ice.default_address_only" = true;
+
+ # DOM (Document Object Model) - - - - - - - - - - - - - - - - - - -
+ "dom.disable_window_move_resize" = true;
+
+ # Miscellaneous - - - - - - - - - - - - - - - - - - - - - - - - - -
+ "browser.download.start_downloads_in_tmp_dir" = true;
+ "browser.helperApps.deleteTempFileOnExit" = true;
+ "browser.uitour.enabled" = false;
+ "devtools.debugger.remote-enabled" = false;
+ "permissions.manager.defaultsUrl" = "";
+ "webchannel.allowObject.urlWhiteList" = "";
+ "network.IDN_show_punycode" = true;
+ "browser.tabs.searchclipboardfor.middleclick" = false;
+ "browser.contentanalysis.enabled" = false;
+ "browser.contentanalysis.default_result" = 0;
+
+ # Downloads
+ "browser.download.alwaysOpenPanel" = false;
+ "browser.download.manager.addToRecentDocs" = false;
+ "browser.download.always_ask_before_handling_new_types" = true;
+
+ # Extensions
+ "extensions.enabledScopes" = 5;
+ "extensions.autoDisableScopes" = 0; # auto-enable extensions
+ "extensions.postDownloadThirdPartyPrompt" = false;
+
+ # ETP (Enhanced Tracking Protection) - - - - - - - - - - - - - - - -
+ "browser.contentblocking.category" = "strict";
+
+ # Shutdown & Sanitizing - - - - - - - - - - - - - - - - - - - - - -
+ "privacy.sanitize.sanitizeOnShutdown" = true;
+
+ # Sanitize On Shutdown: Ignores "Allow" Site Exceptions
+ "privacy.clearOnShutdown.cache" = true;
+ "privacy.clearOnShutdown_v2.cache" = true;
+ "privacy.clearOnShutdown.downloads" = false;
+ "privacy.clearOnShutdown.formdata" = true;
+ "privacy.clearOnShutdown.history" = false;
+ "privacy.clearOnShutdown_v2.historyFormDataAndDownloads" = false;
+
+ # Sanitize On Shutdown: Respects "Allow" Site Exceptions
+ "privacy.clearOnShutdown.cookies" = true;
+ "privacy.clearOnShutdown.offlineApps" = true;
+ "privacy.clearOnShutdown.sessions" = true;
+ "privacy.clearOnShutdown_v2.cookiesAndStorage" = true;
+
+ # Sanitize Site Data: Ignores "Allow" Site Exceptions
+ "privacy.clearSiteData.cache" = true;
+ "privacy.clearSiteData.cookiesAndStorage" = false;
+ "privacy.clearSiteData.historyFormDataAndDownloads" = false;
+ "privacy.cpd.cache" = true;
+ "privacy.clearHistory.cache" = true;
+ "privacy.cpd.formdata" = true;
+ "privacy.cpd.history" = false;
+ "privacy.clearHistory.historyFormDataAndDownloads" = true;
+ "privacy.cpd.cookies" = false;
+ "privacy.cpd.sessions" = true;
+ "privacy.cpd.offlineApps" = false;
+ "privacy.clearHistory.cookiesAndStorage" = false;
+ "privacy.cpd.passwords" = false;
+
+ # Sanitize Manual: Timerange
+ "privacy.sanitize.timeSpan" = 0; # everything
+
+ # Optional RFP (resistFingerprinting) - - - - - - - - - - - - - - -
+ "privacy.window.maxInnerWidth" = 1200;
+ "privacy.window.maxInnerHeight" = 900;
+ "privacy.resistFingerprinting.block_mozAddonManager" = true;
+ "privacy.spoof_english" = 1;
+ "browser.display.use_system_colors" = false;
+ "browser.link.open_newwindow" = 3; # open in new tab instead
+ "browser.link.open_newwindow.restriction" = 0;
+
+ # Optional OpSec - - - - - - - - - - - - - - - - - - - - - - - - - -
+ "signon.rememberSignons" = false;
+ "extensions.formautofill.addresses.enabled" = false;
+ "extensions.formautofill.creditCards.enabled" = false;
+
+ # Don't Touch - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ "extensions.blocklist.enabled" = true;
+ "network.http.referer.spoofSource" = false;
+ "security.dialog_enable_delay" = 1000;
+ "privacy.firstparty.isolate" = false;
+ "extensions.webcompat.enable_shims" = true;
+ "security.tls.version.enable-deprecated" = false;
+ "extensions.quarantinedDomains.enabled" = false;
+
+ # Non-Project Related - - - - - - - - - - - - - - - - - - - - - - -
+ "browser.startup.homepage_override.mstone" = "ignore";
+ "browser.newtabpage.activity-stream.asrouter.userprefs.cfr.addons" =
+ false;
+ "browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features" =
+ false;
+ "browser.urlbar.showSearchTerms.enabled" = false;
+
+ # Floorp - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ "floorp.lepton.interface" = 3;
+ "userChrome.tab.lepton_like_padding" = false;
+ "floorp.browser.sidebar.enable" = false;
+ "floorp.browser.sidebar2.data" = ''
+ {"data":{"floorp__history":{"url":"floorp//history","width":415},"floorp__downloads":{"url":"floorp//downloads","width":415},"floorp__notes":{"url":"floorp//notes","width":550}},"index":["floorp__history","floorp__downloads","floorp__notes"]}
+ '';
+
+ # marleyOS - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+ "app.update.channel" = "default"; # disable updates
+ "browser.search.region" = "US";
+ "browser.shell.checkDefaultBrowser" = false;
+ "browser.toolbars.bookmarks.visibility" = "never";
+ };
+ };
+ };
+ };
+ };
+}
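Review bot: Two preference names in the `settings` block are misspelled, so they are written as unknown prefs and the intended hardening never applies: `"extensions.htmlaboutaddons.reccomendations.enabled"` under Recommendations and `"netowkr.connectivity-service.enabled"` under Other. They should read `"extensions.htmlaboutaddons.recommendations.enabled" = false;` and `"network.connectivity-service.enabled" = false;`. Separately, `"extensions.quarantinedDomains.enabled" = false;` sits in the "Don't Touch" group but switches off the restriction that keeps extensions away from quarantined domains, which appears to differ from the arkenfox value of `true`. With `tampermonkey` in the extension list and `"extensions.autoDisableScopes" = 0;` enabling add-ons without a prompt, that line should either be `true` or carry a comment explaining why it is off.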