authortilpner2020-06-15 09:53:06 +0200
committertilpner2020-06-15 09:53:06 +0200
commit367b0c114f38d5c332f5ee971ad13dd69e302dec (patch)
treeec0c5ee3e7e1f0a30517599e51bd0c8172635158 /profiles
parent2992d92e6ce0d7c96ccded0747d8815d8cfed956 (diff)
WIP towards module based configuration
Diffstat (limited to 'profiles')
-rw-r--r--profiles/addons/default.nix90
-rw-r--r--profiles/addons/noscript/config.json101
-rw-r--r--profiles/addons/qwantjunior/content-script.js34
-rw-r--r--profiles/addons/qwantjunior/favicon.icobin2285 -> 0 bytes
-rw-r--r--profiles/addons/qwantjunior/managed_storage.json20
-rw-r--r--profiles/addons/qwantjunior/manifest.json40
-rw-r--r--profiles/addons/ublock/config.json84
-rw-r--r--profiles/defaults.nix2
-rw-r--r--profiles/disableAccounts.nix18
-rw-r--r--profiles/disableClutter.nix21
-rw-r--r--profiles/disableLocation.nix22
-rw-r--r--profiles/disableMedia.nix30
-rw-r--r--profiles/disableNormandy.nix23
-rw-r--r--profiles/disablePasswordManager.nix37
-rw-r--r--profiles/disablePocket.nix21
-rw-r--r--profiles/disableStudies.nix25
-rw-r--r--profiles/disableTunnels.nix27
-rw-r--r--profiles/disableUpdates.nix44
-rw-r--r--profiles/distrustUser.nix2
-rw-r--r--profiles/enableFission.nix7
-rw-r--r--profiles/fewerSimplifications.nix5
-rw-r--r--profiles/forgetActivity.nix26
-rw-r--r--profiles/lessFingerprinting.nix2
-rw-r--r--profiles/minimalConnections.nix4
-rw-r--r--profiles/minimalHome.nix2
-rw-r--r--profiles/noAccounts.nix14
-rw-r--r--profiles/noClutter.nix15
-rw-r--r--profiles/noLocation.nix18
-rw-r--r--profiles/noMedia.nix26
-rw-r--r--profiles/noNormandy.nix19
-rw-r--r--profiles/noPasswords.nix27
-rw-r--r--profiles/noPocket.nix15
-rw-r--r--profiles/noStudies.nix19
-rw-r--r--profiles/noTunnels.nix23
-rw-r--r--profiles/noUpdates.nix38
-rw-r--r--profiles/ocsp.nix40
-rw-r--r--profiles/replaceAllUrls.nix35
-rw-r--r--profiles/restrict.nix2
-rw-r--r--profiles/safebrowsing.nix40
-rw-r--r--profiles/trackingprotection.nix7
40 files changed, 377 insertions, 648 deletions
diff --git a/profiles/addons/default.nix b/profiles/addons/default.nix
deleted file mode 100644
index 2e648ce..0000000
--- a/profiles/addons/default.nix
+++ /dev/null
@@ -1,90 +0,0 @@
-{ pkgs, lib, fetchurl, runCommand }:
-
-let
- # Extension IDs are used as keys, see .applications.gecko.id in manifest.json
- localAddon = { id, src, settings ? null }: {
- policies = {
- ExtensionSettings.${id} = {
- installation_mode = "force_installed";
- install_url = "file://${src}";
- };
- } // (lib.optionalAttrs (settings != null) {
- "3rdparty".Extensions.${id} = settings;
- });
- };
-
- addon = { id, url, sha256, settings ? null }: localAddon {
- inherit id settings;
- src = fetchurl {
- inherit url sha256;
- };
- };
-in {
- # This can be safe-ish, if extension installation is also disabled
- disableExtensionSignatureChecking.preferences = {
- xpinstall.signatures.required = false;
- };
-
- privacybadger = addon {
- id = "jid1-MnnxcxisBPnSXQ@jetpack";
- url = "https://addons.mozilla.org/firefox/downloads/file/3509922/privacy_badger-2020.2.19-an+fx.xpi";
- sha256 = "1issggv5wl5x3a4p3q8hrhbkhgsdx9f2qzbscg6y6f75yazswc20";
- settings = {
- showIntroPage = false;
- };
- };
-
- noscript = addon {
- id = "{73a6fe31-595d-460b-a920-fcc0f8843232}";
- url = "https://addons.mozilla.org/firefox/downloads/file/3517653/noscript_security_suite-11.0.15-an+fx.xpi";
- sha256 = "0gb0a6pp0rj9jpg1094arqvcwxh1rd2m47ijawlidybm29qmyyay";
- };
-
- noscriptFork = localAddon {
- id = "{73a6fe31-595d-460b-a920-fcc0f8843232}";
- src = import (pkgs.fetchzip {
- url = https://git.tx0.co/firefox-profiles/noscript/snapshot/noscript-63e23c676fb86f33e70d7362bf625b534ce65346.tar.xz ;
- sha256 = "0f0hna8fjj7vdjgmnjkd567smg8gda8jp9sl21nz3dx0s5d0vw8f";
- });
- settings.defaultSettings = builtins.readFile ./noscript/config.json;
- };
-
- ublock = addon {
- id = "uBlock0@raymondhill.net";
- url = "https://addons.mozilla.org/firefox/downloads/file/3509800/ublock_origin-1.25.0-an+fx.xpi";
- sha256 = "0pyna4c2b2ffh8ifjj4c8ga9b73g37pk432nyinf8majyb1fq6rc";
- settings.adminSettings = builtins.readFile ./ublock/config.json;
- };
-
- qwantjunior = localAddon {
- id = "qwantjunior@search.mozilla.org";
- src = runCommand "addon.xpi" { nativeBuildInputs = [ pkgs.zip ]; } ''
- SRC=${./qwantsearch}
- cd $SRC
- zip -r $out .
- '';
-
- settings.settings = {
- searchRegionKey = "DE";
- searchLanguageKey = "de";
- interfaceLanguageKey = "de_de";
- };
- };
-
- qwantjuniorSystem.policies = {
- "3rdparty".Extensions."qwantjunior@search.mozilla.org".settings = {
- searchRegionKey = "DE";
- searchLanguageKey = "de";
- interfaceLanguageKey = "de_de";
- };
- };
-
-/*
- borderify.policies = {
- ExtensionSettings."borderify@example.com" = {
- installation_mode = "force_installed";
- install_url = "file://${../../borderify.xpi}";
- };
- };
-*/
-}
diff --git a/profiles/addons/noscript/config.json b/profiles/addons/noscript/config.json
deleted file mode 100644
index 57e121d..0000000
--- a/profiles/addons/noscript/config.json
+++ /dev/null
@@ -1,101 +0,0 @@
-{
- "policy": {
- "DEFAULT": {
- "capabilities": [
- "frame",
- "fetch",
- "other",
- "script",
- "object",
- "font",
- "media",
- "webgl",
- "ping"
- ],
- "temp": false
- },
- "TRUSTED": {
- "capabilities": [
- "script",
- "object",
- "media",
- "frame",
- "font",
- "webgl",
- "fetch",
- "ping",
- "other"
- ],
- "temp": false
- },
- "UNTRUSTED": {
- "capabilities": [],
- "temp": false
- },
- "sites": {
- "trusted": [
- "§:addons.mozilla.org",
- "§:afx.ms",
- "§:ajax.aspnetcdn.com",
- "§:ajax.googleapis.com",
- "§:bootstrapcdn.com",
- "§:code.jquery.com",
- "§:firstdata.com",
- "§:firstdata.lv",
- "§:gfx.ms",
- "§:google.com",
- "§:googlevideo.com",
- "§:gstatic.com",
- "§:hotmail.com",
- "§:live.com",
- "§:live.net",
- "§:maps.googleapis.com",
- "§:mozilla.net",
- "§:netflix.com",
- "§:nflxext.com",
- "§:nflximg.com",
- "§:nflxvideo.net",
- "§:noscript.net",
- "§:outlook.com",
- "§:passport.com",
- "§:passport.net",
- "§:passportimages.com",
- "§:paypal.com",
- "§:paypalobjects.com",
- "§:securecode.com",
- "§:securesuite.net",
- "§:sfx.ms",
- "§:tinymce.cachefly.net",
- "§:wlxrs.com",
- "§:yahoo.com",
- "§:yahooapis.com",
- "§:yimg.com",
- "§:youtube.com",
- "§:ytimg.com",
- "§:qwantjunior.com",
- "§:qwant.com"
- ],
- "untrusted": [],
- "custom": {}
- },
- "enforced": true,
- "autoAllowTop": false
- },
- "local": {
- "debug": false,
- "showCtxMenuItem": true,
- "showCountBadge": true,
- "showFullAddresses": false,
- "storage": "local",
- "uuid": "82ea8b50-5fb6-45c2-8748-0dc29c8d2e49"
- },
- "sync": {
- "global": false,
- "xss": true,
- "cascadeRestrictions": false,
- "overrideTorBrowserPolicy": false,
- "clearclick": true,
- "storage": "sync"
- },
- "xssUserChoices": {}
-} \ No newline at end of file
diff --git a/profiles/addons/qwantjunior/content-script.js b/profiles/addons/qwantjunior/content-script.js
deleted file mode 100644
index 01b3976..0000000
--- a/profiles/addons/qwantjunior/content-script.js
+++ /dev/null
@@ -1,34 +0,0 @@
-"use strict";
-
-function changeSettings(managed) {
- var preferred = managed.settings;
- var userStorage = JSON.parse(localStorage.getItem('user'));
- var needsReload = false;
-
- if (userStorage == null) {
- localStorage.setItem('user', JSON.stringify({
- userSetting: preferred
- }));
-
- needsReload = true;
- } else if (userStorage.version == "2") {
- var setting = userStorage.userSetting;
-
- for (const [key, value] of Object.entries(preferred)) {
- if (setting[key] != preferred[key]) {
- setting[key] = preferred[key];
- needsReload = true;
- }
- }
-
- localStorage.setItem('user', JSON.stringify(userStorage));
- }
-
- if (needsReload) {
- location.reload();
- }
-}
-
-browser.storage.managed
- .get("settings")
- .then(changeSettings);
diff --git a/profiles/addons/qwantjunior/favicon.ico b/profiles/addons/qwantjunior/favicon.ico
deleted file mode 100644
index 5e44aac..0000000
--- a/profiles/addons/qwantjunior/favicon.ico
+++ /dev/null
Binary files differ
diff --git a/profiles/addons/qwantjunior/managed_storage.json b/profiles/addons/qwantjunior/managed_storage.json
deleted file mode 100644
index 00afb5a..0000000
--- a/profiles/addons/qwantjunior/managed_storage.json
+++ /dev/null
@@ -1,20 +0,0 @@
-{
- "$schema": "http://json-schema.org/draft-03/schema#",
- "type": "object",
- "properties": {
- "settings": {
- "type": "object",
- "properties": {
- "searchRegionKey": {
- "type": "string"
- },
- "searchLanguageKey": {
- "type": "string"
- },
- "interfaceLanguageKey": {
- "type": "string"
- }
- }
- }
- }
-}
diff --git a/profiles/addons/qwantjunior/manifest.json b/profiles/addons/qwantjunior/manifest.json
deleted file mode 100644
index f38a086..0000000
--- a/profiles/addons/qwantjunior/manifest.json
+++ /dev/null
@@ -1,40 +0,0 @@
-{
- "name": "QwantJunior",
- "description": "Search Qwant Junior",
- "manifest_version": 2,
- "version": "1.0",
- "applications": {
- "gecko": {
- "id": "qwantjunior@search.mozilla.org"
- }
- },
- "hidden": true,
- "icons": {
- "16": "favicon.ico"
- },
- "web_accessible_resources": [
- "favicon.ico"
- ],
- "chrome_settings_overrides": {
- "search_provider": {
- "is_default": true,
- "name": "Qwant Junior",
- "search_url": "https://www.qwantjunior.com",
- "search_form": "https://www.qwantjunior.com/?q={searchTerms}",
- "search_url_get_params": "q={searchTerms}",
- "suggest_url": "https://api.qwant.com/egp/suggest/",
- "suggest_url_get_params": "q={searchTerms}&client=opensearch"
- }
- },
-
- "permissions": [
- "storage",
- "https://www.qwantjunior.com/*"
- ],
-
- "content_scripts": [
- { "matches": [ "https://www.qwantjunior.com/*" ],
- "run_at": "document_idle",
- "js": [ "content-script.js" ] }
- ]
-}
diff --git a/profiles/addons/ublock/config.json b/profiles/addons/ublock/config.json
deleted file mode 100644
index 67ba236..0000000
--- a/profiles/addons/ublock/config.json
+++ /dev/null
@@ -1,84 +0,0 @@
-{
- "timeStamp": 1583409728051,
- "version": "1.25.0",
- "userSettings": {
- "advancedUserEnabled": true,
- "alwaysDetachLogger": true,
- "autoUpdate": true,
- "cloudStorageEnabled": false,
- "collapseBlocked": true,
- "colorBlindFriendly": false,
- "contextMenuEnabled": true,
- "dynamicFilteringEnabled": true,
- "externalLists": "",
- "firewallPaneMinimized": true,
- "hyperlinkAuditingDisabled": true,
- "ignoreGenericCosmeticFilters": false,
- "largeMediaSize": 50,
- "parseAllABPHideFilters": true,
- "prefetchingDisabled": true,
- "requestLogMaxEntries": 1000,
- "showIconBadge": true,
- "tooltipsDisabled": false,
- "webrtcIPAddressHidden": false
- },
- "selectedFilterLists": [
- "user-filters",
- "easylist",
- "easyprivacy",
- "malware-0",
- "malware-1",
- "plowe-0"
- ],
- "hiddenSettings": {
- "allowGenericProceduralFilters": false,
- "assetFetchTimeout": 30,
- "autoCommentFilterTemplate": "{{date}} {{origin}}",
- "autoUpdateAssetFetchPeriod": 120,
- "autoUpdateDelayAfterLaunch": 180,
- "autoUpdatePeriod": 7,
- "blockingProfiles": "11111/#F00 11011/#C0F 11001/#00F 00001",
- "cacheStorageAPI": "unset",
- "cacheStorageCompression": true,
- "cacheControlForFirefox1376932": "no-cache, no-store, must-revalidate",
- "cnameIgnoreList": "unset",
- "cnameIgnore1stParty": true,
- "cnameIgnoreExceptions": true,
- "cnameIgnoreRootDocument": true,
- "cnameMaxTTL": 120,
- "cnameReplayFullURL": false,
- "cnameUncloak": true,
- "consoleLogLevel": "unset",
- "debugScriptlets": false,
- "debugScriptletInjector": false,
- "disableWebAssembly": false,
- "extensionUpdateForceReload": false,
- "ignoreRedirectFilters": false,
- "ignoreScriptInjectFilters": false,
- "filterAuthorMode": false,
- "loggerPopupType": "popup",
- "manualUpdateAssetFetchPeriod": 500,
- "popupFontSize": "unset",
- "requestJournalProcessPeriod": 1000,
- "selfieAfter": 3,
- "strictBlockingBypassDuration": 120,
- "suspendTabsUntilReady": "unset",
- "uiFlavor": "unset",
- "updateAssetBypassBrowserCache": false,
- "userResourcesLocation": "unset"
- },
- "whitelist": [
- "about-scheme",
- "chrome-extension-scheme",
- "chrome-scheme",
- "moz-extension-scheme",
- "opera-scheme",
- "vivaldi-scheme",
- "wyciwyg-scheme"
- ],
- "netWhitelist": "about-scheme\nchrome-extension-scheme\nchrome-scheme\nmoz-extension-scheme\nopera-scheme\nvivaldi-scheme\nwyciwyg-scheme",
- "dynamicFilteringString": "behind-the-scene * * noop\nbehind-the-scene * inline-script noop\nbehind-the-scene * 1p-script noop\nbehind-the-scene * 3p-script noop\nbehind-the-scene * 3p-frame noop\nbehind-the-scene * image noop\nbehind-the-scene * 3p noop",
- "urlFilteringString": "",
- "hostnameSwitchesString": "no-large-media: behind-the-scene false",
- "userFilters": ""
-} \ No newline at end of file
diff --git a/profiles/defaults.nix b/profiles/defaults.nix
index 72315f6..9931452 100644
--- a/profiles/defaults.nix
+++ b/profiles/defaults.nix
@@ -1,4 +1,4 @@
-{ ffLib }: {
+{ ff, ... }: {
policies = {
/*EnableTrackingProtection = {
Cryptomining = true;
diff --git a/profiles/disableAccounts.nix b/profiles/disableAccounts.nix
new file mode 100644
index 0000000..b074b39
--- /dev/null
+++ b/profiles/disableAccounts.nix
@@ -0,0 +1,18 @@
+{ config, lib, ... }: with lib; {
+ options.features.disableAccounts = mkOption {
+ type = types.bool;
+ default = false;
+ description = ''
+ Disable Firefox Accounts.
+
+ This may inconvenience users who already use them on other devices,
+ but if we otherwise prevent the local storage of browsing information,
+ it would be inconsistent to let the user sign in and potentionally
+ store that same information remotely.
+ '';
+ };
+
+ config.preferences = mkIf config.features.disableAccounts {
+ identity.fxaccounts.enabled = false;
+ };
+}
diff --git a/profiles/disableClutter.nix b/profiles/disableClutter.nix
new file mode 100644
index 0000000..a19d531
--- /dev/null
+++ b/profiles/disableClutter.nix
@@ -0,0 +1,21 @@
+{ config, lib, ... }: with lib; {
+ options.ui.removeClutter = lib.mkOption {
+ type = types.bool;
+ default = false;
+ description = ''
+ Disable potentionally distracting features, to let the user focus.
+
+ This module does not aim to improve privacy or security.
+ '';
+ };
+
+ config = lib.mkIf config.ui.removeClutter {
+ policies = {
+ Homepage.StartPage = "none";
+ };
+
+ preferences = {
+ browser.slowStartup.notificationDisabled = true;
+ };
+ };
+}
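Review bot: The option is declared at `options.ui.removeClutter` while every other feature module in this commit declares `options.features.disable<X>` and guards on `config.features.disable<X>`; `forgetActivity.nix` and `replaceAllUrls.nix` introduce yet another namespace, `dataFrugality.*`. Unless the split is deliberate, `options.features.disableClutter` (mirroring the file name) would keep the option tree predictable for whoever composes these modules. The block also writes `lib.mkOption` and `lib.mkIf` although `with lib;` is already in scope, unlike the sibling modules that use bare `mkOption`/`mkIf`. The description spells `potentionally`; the same typo appears in the `disableAccounts.nix` description.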
diff --git a/profiles/disableLocation.nix b/profiles/disableLocation.nix
new file mode 100644
index 0000000..1592dbb
--- /dev/null
+++ b/profiles/disableLocation.nix
@@ -0,0 +1,22 @@
+{ config, lib, ff, ... }: with lib; {
+ options.features.disableLocation = mkOption {
+ type = types.bool;
+ default = false;
+ description = ''
+ Forbid requests for the users precise location.
+ The remote end will still be able to look up the users IP address in a database, for
+ an approximate location.
+ '';
+ };
+
+ config.policies = mkIf config.features.disableLocation {
+ Permissions.Location = {
+ BlockNewRequests = true;
+ Locked = true;
+ };
+
+ Preferences = ff.flattenAttrs {
+ geo.enabled = false;
+ };
+ };
+}
diff --git a/profiles/disableMedia.nix b/profiles/disableMedia.nix
new file mode 100644
index 0000000..c09efa2
--- /dev/null
+++ b/profiles/disableMedia.nix
@@ -0,0 +1,30 @@
+{ config, lib, ff, ... }: with lib; {
+ options.features.disableMedia = mkOption {
+ type = types.bool;
+ default = false;
+ description = ''
+ This assumes a deployment where video consumption does not occur often.
+ It disables DRM and other encrypted media, as well as autoplay.
+ '';
+ };
+
+ config.policies = lib.mkIf config.features.disableMedia {
+ Preferences = ff.flattenAttrs {
+ media = {
+ eme.enabled = false;
+ gmp-gmpopenh264 = {
+ enabled = false;
+ autoupdate = false;
+ };
+ gmp-widevinecdm.enabled = false;
+ peerconnection.enabled = false;
+
+ autoplay = {
+ default = 1;
+ enabled.user-gestures-needed = true;
+ allow-muted = false;
+ };
+ };
+ };
+ };
+}
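Review bot: The option description says the module disables DRM/encrypted media and autoplay, but `peerconnection.enabled = false` also turns off WebRTC entirely, which breaks browser-based audio/video calls and is a user-visible consequence worth stating (it also removes a local-IP exposure path, which may be the intent). Suggest adding a line to the description, e.g. `It also disables WebRTC (media.peerconnection.enabled), so browser-based calls will not work.` The guard uses `lib.mkIf` while the file already has `with lib;`; bare `mkIf` would match the sibling modules.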
diff --git a/profiles/disableNormandy.nix b/profiles/disableNormandy.nix
new file mode 100644
index 0000000..1dc2dc9
--- /dev/null
+++ b/profiles/disableNormandy.nix
@@ -0,0 +1,23 @@
+{ config, lib, ... }: with lib; {
+ options.features.disableNormandy = mkOption {
+ type = types.bool;
+ default = false;
+ description = ''
+ Normandy enables Mozilla to push changes to the default settings.
+ Recently this was used to re-enable TLS 1.0 and 1.1 in FF 74, without releasing
+ a new update.
+
+ Normandy could be used to improve security, by pushing fixes to the default configuration
+ after a bad release, but it can also be used to introduce/enable anti-features.
+
+ Past activity can be reviewed at https://normandy.cdn.mozilla.net/api/v1/recipe/
+ '';
+ };
+
+ config.preferences = mkIf config.features.disableNormandy {
+ app.normandy = {
+ enabled = false;
+ api_url = "";
+ };
+ };
+}
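Review bot: Normandy is turned off only through user-level `config.preferences`, unlike `disableLocation.nix` and `disableMedia.nix`, which put their prefs under `policies.Preferences` via `ff.flattenAttrs` so they are locked; as written, a user with about:config access can simply flip `app.normandy.enabled` back on. If the Preferences policy accepts `app.normandy.*` on the targeted Firefox version, moving the two settings under `config.policies.Preferences = ff.flattenAttrs { app.normandy = { enabled = false; api_url = ""; }; }` would enforce them; otherwise the description should say the setting is advisory unless `distrustUser.nix` (which sets `BlockAboutConfig = true`) is also applied.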
diff --git a/profiles/disablePasswordManager.nix b/profiles/disablePasswordManager.nix
new file mode 100644
index 0000000..cf71db6
--- /dev/null
+++ b/profiles/disablePasswordManager.nix
@@ -0,0 +1,37 @@
+{ config, lib, ... }: with lib; {
+ options.features.disablePasswordManager = mkOption {
+ type = types.bool;
+ default = false;
+ description = ''
+ Prevent the user from storing any passwords in the browser.
+ This can be justified if the physical security of the device is uncertain, or
+ if the provider wants to avoid the responsiblity of storing such sensitive data.
+
+ However, the users alternatives must be considered: what will a user do without the
+ password manager?
+
+ Possible "alternatives" (from user perspective) include:
+ - Choose much weaker passwords
+ - Store the passwords in an unencrypted form (e.g. on the desktop)
+ '';
+ };
+
+ config = mkMerge [
+ (mkIf config.features.disablePasswordManager {
+ policies = {
+ # TODO: how exactly are passwords stored?
+ OfferToSaveLogins = false;
+ PasswordManagerEnabled = false;
+ };
+ })
+
+ (mkIf (!config.features.disablePasswordManager) {
+ preferences = {
+ # Ask for password every 15 minutes
+ security.ask_for_password = 2;
+ security.password_lifetime = 15; # minutes
+ signon.masterPasswordReprompt.timeout_ms = 15 * 60 * 1000;
+ };
+ })
+ ];
+}
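Review bot: The `# TODO: how exactly are passwords stored?` comment can be answered instead of left open: Firefox keeps saved logins in `logins.json` inside the profile, encrypted with a key held in `key4.db`, and that key is only passphrase-protected once a primary (master) password has been set. That matters for the second `mkIf` branch, because `security.ask_for_password`, `security.password_lifetime` and `signon.masterPasswordReprompt.timeout_ms` only take effect when a primary password exists, so on a device without one the 15-minute re-prompt gives no protection at all. Suggest replacing the TODO with a comment to that effect and extending the existing comment to `# Ask for the primary password every 15 minutes (only effective once one is set)`.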
diff --git a/profiles/disablePocket.nix b/profiles/disablePocket.nix
new file mode 100644
index 0000000..8014c6e
--- /dev/null
+++ b/profiles/disablePocket.nix
@@ -0,0 +1,21 @@
+{ config, lib, ... }: with lib; {
+ options.features.disablePocket = mkOption {
+ type = types.bool;
+ default = false;
+ description = ''
+ Pocket allows saving sites to an external services.
+ For some reason, it has been integrated into Firefox directly,
+ instead of being offered as an extension.
+ '';
+ };
+
+ config = mkIf config.features.disablePocket {
+ policies = {
+ DisablePocket = true;
+ };
+
+ preferences = {
+ extensions.pocket.enabled = false;
+ };
+ };
+}
diff --git a/profiles/disableStudies.nix b/profiles/disableStudies.nix
new file mode 100644
index 0000000..b401fe0
--- /dev/null
+++ b/profiles/disableStudies.nix
@@ -0,0 +1,25 @@
+{ config, lib, ... }: with lib; {
+ options.features.disableStudies = mkOption {
+ type = types.bool;
+ default = false;
+ description = ''
+ Firefox Shield Studies are meant to allow Mozilla to perform A/B testing
+ on Firefox users.
+ Studies have been used in the past to introduce surprising behaviour [1],
+ and we may want to prevent that from happening to our users.
+
+ [1]: https://blog.mozilla.org/firefox/update-looking-glass-add/
+ https://mozilla.github.io/normandy/user/end_user_interaction.html#opt-out-preference
+ '';
+ };
+
+ config = mkIf config.features.disableStudies {
+ policies = {
+ DisableFirefoxStudies = true;
+ };
+
+ preferences = {
+ app.shield.optoutstudies.enabled = false;
+ };
+ };
+}
diff --git a/profiles/disableTunnels.nix b/profiles/disableTunnels.nix
new file mode 100644
index 0000000..bf15485
--- /dev/null
+++ b/profiles/disableTunnels.nix
@@ -0,0 +1,27 @@
+{ config, lib, ... }: with lib; {
+ options.features.disableTunnels = mkOption {
+ type = types.bool;
+ default = false;
+ description = ''
+ Take reasonable precautions against the use of a proxy, or an encrypted DNS tunnel.
+
+ This can make sense if we do DNS-level filtering, and the user does not have full control
+ over the device they're using.
+
+ If a motivated user has local write and execution privileges, it is unlikely that we can prevent
+ them from circumventing these restrictions.
+ '';
+ };
+
+ config.policies = mkIf config.features.disableTunnels {
+ DNSOverHTTPS = {
+ Enabled = false;
+ Locked = true;
+ };
+
+ Proxy = {
+ Mode = "none";
+ Locked = true;
+ };
+ };
+}
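Review bot: `Proxy.Mode = "none"` together with `Locked = true` also stops Firefox from honouring the system proxy settings, so on a network that forces egress through a mandatory proxy this module would break browsing outright rather than just prevent tunnelling. The description should state that trade-off, e.g. `Note: Proxy.Mode = "none" also ignores system proxy settings; use "system" where the network requires a proxy.` Whether the DNS-level filtering the description assumes is compatible with that depends on the deployment and is not visible here.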
diff --git a/profiles/disableUpdates.nix b/profiles/disableUpdates.nix
new file mode 100644
index 0000000..ed5cccb
--- /dev/null
+++ b/profiles/disableUpdates.nix
@@ -0,0 +1,44 @@
+{ config, lib, ff, ... }: with lib; {
+ options.features.disableUpdates = mkOption {
+ type = types.bool;
+ default = false;
+ description = ''
+ Disable all automatic updates, including:
+ - Firefox itself
+ - Extensions
+ - Search providers
+
+ If some or all of these are externally managed, we may want to prevent automatic
+ updates from undoing our changes.
+
+ If any properties of our deployment have been audited, automatic updates may introduce
+ unaudited components and compromise any guarantees made about the users security or privacy.
+ '';
+ };
+
+ config = lib.mkIf config.features.disableUpdates {
+ policies = {
+ DisableAppUpdate = true;
+ DisableSystemAddonUpdate = true;
+ ExtensionUpdate = false;
+
+ Preferences = ff.flattenAttrs {
+ app.update.auto = false;
+ browser.search.update = false;
+ };
+ };
+
+ preferences = {
+ # try really hard to prevent search engine resets, probably wrong
+ browser.search = {
+ update = false;
+ geoSpecificDefaults = false;
+ "geoSpecificDefaults.url" = "";
+ geoip.url = "";
+ suggest.enabled = false;
+ reset.enabled = false;
+ reset.whitelist = "";
+ };
+ };
+ };
+}
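Review bot: `browser.search.update = false` is set twice, once under `policies.Preferences` (locked) and again as `update = false;` in the `browser.search` block under `preferences`; the second copy is redundant, and the `# try really hard … probably wrong` comment suggests the author was not sure which one takes effect. Keep the locked policy version, drop the duplicate, and turn the `probably wrong` comment into a statement of what has actually been verified to prevent search-engine resets, or a TODO naming what is still unverified. The description is otherwise clear about the security cost of disabling app updates.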
diff --git a/profiles/distrustUser.nix b/profiles/distrustUser.nix
index b90175b..0132224 100644
--- a/profiles/distrustUser.nix
+++ b/profiles/distrustUser.nix
@@ -1,4 +1,4 @@
-{ ffLib }: {
+{ ... }: {
policies = {
BlockAboutAddons = true;
BlockAboutConfig = true;
diff --git a/profiles/enableFission.nix b/profiles/enableFission.nix
new file mode 100644
index 0000000..036375b
--- /dev/null
+++ b/profiles/enableFission.nix
@@ -0,0 +1,7 @@
+{ ... }: {
+ # https://wiki.mozilla.org/Project_Fission#Enabling_Fission
+ preferences = {
+ fission.autostart = true;
+ gfx.webrender.all = true;
+ };
+}
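Review bot: This module applies unconditionally and has no `options`/`mkIf` gate, unlike the other modules added in this commit, so it cannot sit in a shared import list and be toggled per profile. Fission was still experimental at the time of this commit and `gfx.webrender.all = true` forces WebRender on regardless of the GPU blocklist, so an opt-in option whose description carries that caveat seems warranted, e.g. `options.features.enableFission = mkOption { type = types.bool; default = false; description = "…"; };` with the two prefs under `config.preferences = mkIf config.features.enableFission { … };` and `{ config, lib, ... }: with lib;` as the module header.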
diff --git a/profiles/fewerSimplifications.nix b/profiles/fewerSimplifications.nix
new file mode 100644
index 0000000..798a356
--- /dev/null
+++ b/profiles/fewerSimplifications.nix
@@ -0,0 +1,5 @@
+{ ... }: {
+ preferences = {
+ browser.urlbar.trimURLs = false;
+ };
+}
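Review bot: The module has no description or comment for the single preference it sets; `browser.urlbar.trimURLs = false` makes Firefox show the scheme in the address bar instead of trimming it, which is a security-relevant choice because users can then see `http://` versus `https://` at a glance. Suggest a comment above the pref, e.g. `# Show the full URL including scheme so users can tell http from https`, and, for consistency with the other modules here, an option gate of the same `options.features.*` shape.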
diff --git a/profiles/forgetActivity.nix b/profiles/forgetActivity.nix
index ba45b0b..85e2093 100644
--- a/profiles/forgetActivity.nix
+++ b/profiles/forgetActivity.nix
@@ -1,14 +1,20 @@
-{ }: {
- meta.description = ''
- Delete all data accumulated during the users browsing session,
- or prevent persistent storage in the first place.
- '';
-
- policies = {
- SanitizeOnShutdown = true;
+{ config, lib, ... }: with lib; {
+ options.dataFrugality.forgetActivity = lib.mkOption {
+ type = types.bool;
+ default = false;
+ description = ''
+ Delete all data accumulated during the users browsing session,
+ or prevent persistent storage in the first place.
+ '';
};
- preferences = {
- browser.cache.disk.enabled = false;
+ config = lib.mkIf config.dataFrugality.forgetActivity {
+ policies = {
+ SanitizeOnShutdown = true;
+ };
+
+ preferences = {
+ browser.cache.disk.enabled = false;
+ };
};
}
diff --git a/profiles/lessFingerprinting.nix b/profiles/lessFingerprinting.nix
index 71c8be5..2f31574 100644
--- a/profiles/lessFingerprinting.nix
+++ b/profiles/lessFingerprinting.nix
@@ -1,4 +1,4 @@
-{}: {
+{ ... }: {
# The specific pattern of anti-fingerprinting measures taken can itself be used for fingerprinting
preferences = {
dom.battery.enabled = false;
diff --git a/profiles/minimalConnections.nix b/profiles/minimalConnections.nix
index 8bf3a72..7ca2f1c 100644
--- a/profiles/minimalConnections.nix
+++ b/profiles/minimalConnections.nix
@@ -1,4 +1,4 @@
-{ ffLib }: {
+{ ff, ... }: {
meta.description = ''
Prevent unnecessary connections while browsing.
@@ -17,7 +17,7 @@
NetworkPrediction = false;
SearchSuggestEnabled = false;
- Preferences = ffLib.flattenAttrs {
+ Preferences = ff.flattenAttrs {
extensions = {
blocklist.enabled = false;
getAddons.showPane = false;
diff --git a/profiles/minimalHome.nix b/profiles/minimalHome.nix
index 475a562..3e53249 100644
--- a/profiles/minimalHome.nix
+++ b/profiles/minimalHome.nix
@@ -1,4 +1,4 @@
-{ ffLib }: {
+{ ff, ... }: {
meta.description = ''
The default start page contains a search field, selected default sites,
and past activity.
diff --git a/profiles/noAccounts.nix b/profiles/noAccounts.nix
deleted file mode 100644
index 3ca523d..0000000
--- a/profiles/noAccounts.nix
+++ /dev/null
@@ -1,14 +0,0 @@
-{ }: {
- meta.description = ''
- Disable Firefox Accounts.
-
- This may inconvenience users who already use them on other devices,
- but if we otherwise prevent the local storage of browsing information,
- it would be inconsistent to let the user sign in and potentionally
- store that same information remotely.
- '';
-
- preferences = {
- identity.fxaccounts.enabled = false;
- };
-}
diff --git a/profiles/noClutter.nix b/profiles/noClutter.nix
deleted file mode 100644
index 42e864a..0000000
--- a/profiles/noClutter.nix
+++ /dev/null
@@ -1,15 +0,0 @@
-{ }: {
- meta.description = ''
- Disable potentionally distracting features, to let the user focus.
-
- This module does not aim to improve privacy or security.
- '';
-
- policies = {
- HomePage.StartPage = "none";
- };
-
- preferences = {
- browser.slowStartup.notificationDisabled = true;
- };
-}
diff --git a/profiles/noLocation.nix b/profiles/noLocation.nix
deleted file mode 100644
index 83563df..0000000
--- a/profiles/noLocation.nix
+++ /dev/null
@@ -1,18 +0,0 @@
-{ ffLib }: {
- meta.description = ''
- Forbid requests for the users precise location.
- The remote end will still be able to look up the users IP address in a database, for
- an approximate location.
- '';
-
- policies = {
- Permissions.Location = {
- BlockNewRequests = true;
- Locked = true;
- };
-
- Preferences = ffLib.flattenAttrs {
- geo.enabled = false;
- };
- };
-}
diff --git a/profiles/noMedia.nix b/profiles/noMedia.nix
deleted file mode 100644
index 32c960a..0000000
--- a/profiles/noMedia.nix
+++ /dev/null
@@ -1,26 +0,0 @@
-{ ffLib }: {
- meta.description = ''
- This assumes a deployment where video consumption does not occur often.
- It disables DRM and other encrypted media, as well as autoplay.
- '';
-
- policies = {
- Preferences = ffLib.flattenAttrs {
- media = {
- eme.enabled = false;
- gmp-gmpopenh264 = {
- enabled = false;
- autoupdate = false;
- };
- gmp-widevinecdm.enabled = false;
- peerconnection.enabled = false;
-
- autoplay = {
- default = 1;
- enabled.user-gestures-needed = true;
- allow-muted = false;
- };
- };
- };
- };
-}
diff --git a/profiles/noNormandy.nix b/profiles/noNormandy.nix
deleted file mode 100644
index 60decd2..0000000
--- a/profiles/noNormandy.nix
+++ /dev/null
@@ -1,19 +0,0 @@
-{ ffLib }: {
- meta.description = ''
- Normandy enables Mozilla to push changes to the default settings.
- Recently this was used to re-enable TLS 1.0 and 1.1 in FF 74, without releasing
- a new update.
-
- Normandy could be used to improve security, by pushing fixes to the default configuration
- after a bad release, but it can also be used to introduce/enable anti-features.
-
- Past activity can be reviewed at https://normandy.cdn.mozilla.net/api/v1/recipe/
- '';
-
- preferences = {
- app.normandy = {
- enabled = false;
- api_url = "";
- };
- };
-}
diff --git a/profiles/noPasswords.nix b/profiles/noPasswords.nix
deleted file mode 100644
index 9adceb7..0000000
--- a/profiles/noPasswords.nix
+++ /dev/null
@@ -1,27 +0,0 @@
-{ }: {
- meta.description = ''
- Prevent the user from storing any passwords in the browser.
- This can be justified if the physical security of the device is uncertain, or
- if the provider wants to avoid the responsiblity of storing such sensitive data.
-
- However, the users alternatives must be considered: what will a user do without the
- password manager?
-
- Possible "alternatives" (from user perspective) include:
- - Choose much weaker passwords
- - Store the passwords in an unencrypted form (e.g. on the desktop)
- '';
-
- policies = {
- # TODO: how exactly are passwords stored?
- OfferToSaveLogins = false;
- PasswordManagerEnabled = false;
- };
-
- preferences = {
- # Ask for password every 15 minutes
- security.ask_for_password = 2;
- security.password_lifetime = 15; # minutes
- signon.masterPasswordReprompt.timeout_ms = 15 * 60 * 1000;
- };
-}
diff --git a/profiles/noPocket.nix b/profiles/noPocket.nix
deleted file mode 100644
index 7582fd6..0000000
--- a/profiles/noPocket.nix
+++ /dev/null
@@ -1,15 +0,0 @@
-{ ffLib }: {
- meta.description = ''
- Pocket allows saving sites to an external services.
- For some reason, it has been integrated into Firefox directly,
- instead of being offered as an extension.
- '';
-
- policies = {
- DisablePocket = true;
- };
-
- preferences = {
- extensions.pocket.enabled = false;
- };
-}
diff --git a/profiles/noStudies.nix b/profiles/noStudies.nix
deleted file mode 100644
index c6398d5..0000000
--- a/profiles/noStudies.nix
+++ /dev/null
@@ -1,19 +0,0 @@
-{ ffLib }: {
- meta.description = ''
- Firefox Shield Studies are meant to allow Mozilla to perform A/B testing
- on Firefox users.
- Studies have been used in the past to introduce surprising behaviour [1],
- and we may want to prevent that from happening to our users.
-
- [1]: https://blog.mozilla.org/firefox/update-looking-glass-add/
- https://mozilla.github.io/normandy/user/end_user_interaction.html#opt-out-preference
- '';
-
- policies = {
- DisableFirefoxStudies = true;
- };
-
- preferences = {
- app.shield.optoutstudies.enabled = false;
- };
-}
diff --git a/profiles/noTunnels.nix b/profiles/noTunnels.nix
deleted file mode 100644
index 292b034..0000000
--- a/profiles/noTunnels.nix
+++ /dev/null
@@ -1,23 +0,0 @@
-{ }: {
- meta.description = ''
- Take reasonable precautions against the use of a proxy, or an encrypted DNS tunnel.
-
- This can make sense if we do DNS-level filtering, and the user does not have full control
- over the device they're using.
-
- If a motivated user has local write and execution privileges, it is unlikely that we can prevent
- them from circumventing these restrictions.
- '';
-
- policies = {
- DNSOverHTTPS = {
- Enabled = false;
- Locked = true;
- };
-
- Proxy = {
- Mode = "none";
- Locked = true;
- };
- };
-}
diff --git a/profiles/noUpdates.nix b/profiles/noUpdates.nix
deleted file mode 100644
index 921a969..0000000
--- a/profiles/noUpdates.nix
+++ /dev/null
@@ -1,38 +0,0 @@
-{ ffLib }: {
- meta.description = ''
- Disable all automatic updates, including:
- - Firefox itself
- - Extensions
- - Search providers
-
- If some or all of these are externally managed, we may want to prevent automatic
- updates from undoing our changes.
-
- If any properties of our deployment have been audited, automatic updates may introduce
- unaudited components and compromise any guarantees made about the users security or privacy.
- '';
-
- policies = {
- DisableAppUpdate = true;
- DisableSystemAddonUpdate = true;
- ExtensionUpdate = false;
-
- Preferences = ffLib.flattenAttrs {
- app.update.auto = false;
- browser.search.update = false;
- };
- };
-
- preferences = {
- # try really hard to prevent search engine resets, probably wrong
- browser.search = {
- update = false;
- geoSpecificDefaults = false;
- "geoSpecificDefaults.url" = "";
- geoip.url = "";
- suggest.enabled = false;
- reset.enabled = false;
- reset.whitelist = "";
- };
- };
-}
diff --git a/profiles/ocsp.nix b/profiles/ocsp.nix
index d56d8df..d109b54 100644
--- a/profiles/ocsp.nix
+++ b/profiles/ocsp.nix
@@ -1,4 +1,4 @@
-{ }: {
+{ config, lib, ... }: {
meta.description = ''
The Online Certificate Status Protocol is used to distrust revoked certificates.
When a new TLS connection is established, and OCSP stapling is not used, the browser checks with the
@@ -6,20 +6,30 @@
It should not be disabled for security-sensitive situations, but it may be disabled for privacy reasons.
'';
- enabled.preferences = {
- security.OCSP = {
- enabled = 1;
- # OCSP is useless, if the response is not mandatory
- require = true;
- };
-
- security.ssl = {
- enable_ocsp_stapling = true;
- enable_ocsp_must_staple = true;
- };
+ options = {
+ ocsp.enable = lib.mkEnableOption "OCSP";
};
- disabled.preferences = {
- security.OCSP.enabled = 0;
- };
+ config = lib.mkMerge [
+ (lib.mkIf config.ocsp.enable {
+ preferences = {
+ security.OCSP = {
+ enabled = 1;
+ # OCSP is useless, if the response is not mandatory
+ require = true;
+ };
+
+ security.ssl = {
+ enable_ocsp_stapling = true;
+ enable_ocsp_must_staple = true;
+ };
+ };
+ })
+
+ (lib.mkIf (!config.ocsp.enable) {
+ preferences = {
+ security.OCSP.enabled = 0;
+ };
+ })
+ ];
}
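Review bot: `ocsp.enable = lib.mkEnableOption "OCSP";` defaults to false, so simply importing this module now takes the second mkIf branch and writes `security.OCSP.enabled = 0`, which is the opposite of Firefox's stock behaviour and of what the description above says is acceptable for security-sensitive deployments. Before this change both the enabled and disabled variants had to be selected explicitly; now revocation checking is switched off unless the consumer remembers to set `ocsp.enable = true`. Consider `ocsp.enable = lib.mkEnableOption "OCSP" // { default = true; };` so a plain import keeps OCSP on, or drop the `!config.ocsp.enable` branch entirely so the preference is left untouched when the option is off.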
diff --git a/profiles/replaceAllUrls.nix b/profiles/replaceAllUrls.nix
index 8b71033..4c047ea 100644
--- a/profiles/replaceAllUrls.nix
+++ b/profiles/replaceAllUrls.nix
@@ -1,30 +1,35 @@
-{ ... }:
+{ config, lib, ... }:
+with lib;
let
# Requirements:
# - is valid connection target (from FF perspective)
# - doesn't have any negative effects on the user privacy or security
h = "127.0.0.1";
- u = "http://${h}";
+ u = lib.mkForce "http://${h}";
in {
- meta.description = ''
- Firefox communicates with external services in many different ways. Not all of them
- happen on startup, and they can be triggered on different intervals.
+ options.dataFrugality.replaceAllUrls = mkOption {
+ type = types.bool;
+ default = false;
+ description = ''
+ Firefox communicates with external services in many different ways. Not all of them
+ happen on startup, and they can be triggered on different intervals.
- This is a desperate effort to prevent as much of that communication as possible, by depriving FF of all configurable
- URLs. It will break things, put the users security/privacy at risk, and probably shouldn't be enabled.
+ This is a desperate effort to prevent as much of that communication as possible, by depriving FF of all configurable
+ URLs. It will break things, put the users security/privacy at risk, and probably shouldn't be enabled.
- Even so, this list may be insufficient. It was created manually from an about:config listing
- for the searchterms "url", "uri", "endpoint", and "server", so it will miss hidden (but defaulted) and hardcoded URLs.
+ Even so, this list may be insufficient. It was created manually from an about:config listing
+ for the searchterms "url", "uri", "endpoint", and "server", so it will miss hidden (but defaulted) and hardcoded URLs.
- Further consideration for the placeholder value is required.
+ Further consideration for the placeholder value is required.
- Known issues:
- - This list will get outdated rather quickly
- - Typos and renaming of keys are not caught in any way
- '';
+ Known issues:
+ * This list will get outdated rather quickly
+ * Typos and renaming of keys are not caught in any way
+ '';
+ };
- preferences = {
+ config.preferences = lib.mkIf config.dataFrugality.replaceAllUrls {
app = {
feedback.baseURL = u;
releaseNotesURL = u;
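Review bot: Wrapping the placeholder in `lib.mkForce` at `u = lib.mkForce "http://${h}";` makes every URL preference this module sets a forced definition, so a conflicting value from another module is silently overridden instead of raising the usual conflicting-definition error (the safebrowsing module in this same commit blanks `browser.safebrowsing.downloads.remote.url`; whether that key also appears in this list is outside the hunk). Given that the option description itself says this list puts the user's security and privacy at risk, a silent win over other modules is the wrong direction. `lib.mkDefault` would let any explicit definition elsewhere take precedence, and a plain string would at least surface the conflict at evaluation time. Minor: with `with lib;` now in scope, the `lib.` prefixes on `mkForce` and `mkIf` are redundant. The attribute set continues past the end of the hunk.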
diff --git a/profiles/restrict.nix b/profiles/restrict.nix
index 60f8516..3d0a26a 100644
--- a/profiles/restrict.nix
+++ b/profiles/restrict.nix
@@ -1,4 +1,4 @@
-{ ffLib }: {
+{ ff, ... }: {
meta.description = ''
This module assumes the user means to misconfigure the browser, and tries to prevent that.
It also attempts to keep the user from giving us any sensitive information in the first place.
diff --git a/profiles/safebrowsing.nix b/profiles/safebrowsing.nix
index 79f3c82..9a14c2c 100644
--- a/profiles/safebrowsing.nix
+++ b/profiles/safebrowsing.nix
@@ -1,4 +1,10 @@
-{ ffLib }: rec {
+{ config, lib, ... }:
+
+with lib;
+let
+ cfg = config.safebrowsing;
+ all = cfg.disableAll;
+in {
meta.description = ''
Safebrowsing is a feature meant to protect the user from malicious websites and downloads.
@@ -7,26 +13,24 @@
- https://wiki.mozilla.org/Security/Application_Reputation
'';
- disableDownloads.preferences = {
- browser.safebrowsing = {
- downloads = {
- # TODO: does this do offline checks?
+ options.safebrowsing = {
+ disableAll = lib.mkEnableOption "Disable all safebrowsing features";
+ disableDownloads = lib.mkEnableOption "Disable safebrowsing for downloads";
+ disablePhishing = lib.mkEnableOption "Disable safebrowsing regarding phishing";
+ disableMalware = lib.mkEnableOption "Disable safebrowsing regarding malware";
+ };
+
+ config.preferences.browser.safebrowsing = {
+ downloads = lib.mkIf (all || cfg.disableDownloads) {
+ # TODO: does this do offline checks?
+ enabled = false;
+ remote = {
enabled = false;
- remote = {
- enabled = false;
- url = "";
- };
+ url = "";
};
};
- };
- disablePhishing.preferences = {
- browser.safebrowsing.phishing.enabled = false;
+ phishing.enabled = mkIf (all || cfg.safebrowsing.disableDownloads) false;
+ malware.enabled = mkIf (all || cfg.safebrowsing.disableMalware) false;
};
-
- disableMalware.preferences = {
- browser.safebrowsing.malware.enabled = false;
- };
-
- disableAll = ffLib.mergeProfiles [ disableDownloads disablePhishing disableMalware ];
}
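Review bot: The conditions on `phishing.enabled = mkIf (all || cfg.safebrowsing.disableDownloads) false;` and the malware line below it index `cfg.safebrowsing`, but `cfg` is already `config.safebrowsing`, so whenever `disableAll` is false the `||` evaluates its right-hand side and evaluation fails with a missing-attribute error. The phishing line also tests `disableDownloads` rather than `disablePhishing`, so the declared `disablePhishing` option does nothing and turning off download checks would silently turn off phishing checks as well. The two lines should read `phishing.enabled = mkIf (all || cfg.disablePhishing) false;` and `malware.enabled = mkIf (all || cfg.disableMalware) false;`. As a smaller point, `lib.mkEnableOption "Disable all safebrowsing features"` renders as "Whether to enable Disable all safebrowsing features.", so an explicit `mkOption` with its own description would read better for all four options.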
diff --git a/profiles/trackingprotection.nix b/profiles/trackingprotection.nix
new file mode 100644
index 0000000..f729df2
--- /dev/null
+++ b/profiles/trackingprotection.nix
@@ -0,0 +1,7 @@
+{ config, lib, ... }: {
+ options.trackingProtection.disableAll =
+ lib.mkEnableOption "Disable all inbuilt tracking protection";
+
+ config.preferences.browser.contentblocking.enabled =
+ lib.mkIf config.trackingProtection.disableAll false;
+}
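Review bot: The new module has no `meta.description`, unlike the sibling profiles in this tree, and the option text "Disable all inbuilt tracking protection" promises more than the single `browser.contentblocking.enabled` preference it writes can be shown to cover from this hunk. A reader weighing the privacy cost of enabling it has nothing to go on. Consider a `meta.description` in the style of the other modules that names the preference touched and states that the option relaxes protection rather than adding it, and note that `lib.mkEnableOption` prefixes its argument with "Whether to enable", so the generated text currently reads "Whether to enable Disable all inbuilt tracking protection."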