aboutsummaryrefslogtreecommitdiff
path: root/profiles/disableNormandy.nix
diff options
context:
space:
mode:
authortilpner2020-06-15 09:53:06 +0200
committertilpner2020-06-15 09:53:06 +0200
commit367b0c114f38d5c332f5ee971ad13dd69e302dec (patch)
treeec0c5ee3e7e1f0a30517599e51bd0c8172635158 /profiles/disableNormandy.nix
parent2992d92e6ce0d7c96ccded0747d8815d8cfed956 (diff)
downloadfirefox-profiles-367b0c114f38d5c332f5ee971ad13dd69e302dec.tar.gz
firefox-profiles-367b0c114f38d5c332f5ee971ad13dd69e302dec.tar.xz
firefox-profiles-367b0c114f38d5c332f5ee971ad13dd69e302dec.zip
WIP towards module based configuration
Diffstat (limited to 'profiles/disableNormandy.nix')
-rw-r--r--profiles/disableNormandy.nix23
1 files changed, 23 insertions, 0 deletions
diff --git a/profiles/disableNormandy.nix b/profiles/disableNormandy.nix
new file mode 100644
index 0000000..1dc2dc9
--- /dev/null
+++ b/profiles/disableNormandy.nix
@@ -0,0 +1,23 @@
+{ config, lib, ... }: with lib; {
+ options.features.disableNormandy = mkOption {
+ type = types.bool;
+ default = false;
+ description = ''
+ Normandy enables Mozilla to push changes to the default settings.
+ Recently this was used to re-enable TLS 1.0 and 1.1 in FF 74, without releasing
+ a new update.
+
+ Normandy could be used to improve security, by pushing fixes to the default configuration
+ after a bad release, but it can also be used to introduce/enable anti-features.
+
+ Past activity can be reviewed at https://normandy.cdn.mozilla.net/api/v1/recipe/
+ '';
+ };
+
+ config.preferences = mkIf config.features.disableNormandy {
+ app.normandy = {
+ enabled = false;
+ api_url = "";
+ };
+ };
+}