From 5014c0ed2160393fb787b585127bce8f27fda722 Mon Sep 17 00:00:00 2001 From: tilpner Date: Fri, 6 Mar 2020 16:05:01 +0100 Subject: Separate policy into smaller modules --- nix/default.nix | 234 -------------------------------------------------------- 1 file changed, 234 deletions(-) delete mode 100644 nix/default.nix (limited to 'nix/default.nix') diff --git a/nix/default.nix b/nix/default.nix deleted file mode 100644 index b3ac1c2..0000000 --- a/nix/default.nix +++ /dev/null @@ -1,234 +0,0 @@ -with import {}; - -# http://kb.mozillazine.org/About:config_entries -# https://www.privacy-handbuch.de/download/moderat/user.js - -rec { - profiles = callPackage ./lib.nix {}; - search = callPackage ./search.nix {}; - - # Normandy enables Mozilla to push changes to the default settings - disableNormandy = { - app.normandy = { - enabled = false; - api_url = ""; - }; - }; - - disableTelemetry = { - toolkit.telemetry = { - enabled = false; - server = ""; - unified = false; - archive.enabled = false; - - newProfilePing.enabled = false; - firstShutdownPing.enabled = false; - shutdownPing.enabled = false; - updatePing.enabled = false; - }; - }; - - disableErrorReporting = { - breakpad.reportUrl = ""; - }; - - basic = { - network.captive-portal-service.enabled = false; - - # don't update search engines - browser.search = { - update = false; - geoSpecificDefaults = false; - "geoSpecificDefaults.url" = ""; - geoip.url = ""; - suggest.enabled = false; - reset.enabled = false; - reset.whitelist = ""; - }; - - # disable studies - # https://blog.mozilla.org/firefox/update-looking-glass-add/ - # https://mozilla.github.io/normandy/user/end_user_interaction.html#opt-out-preference - app.shield.optoutstudies.enabled = false; - - # disable pocket - extensions.pocket.enabled = false; - }; - - profile = profiles.profile { - preferences = basic; - search = search.mkSearchConfig { - engines = [ search.engines.qwantjunior ]; - }; - }; - - bundle = profiles.bundle { - # https://github.com/mozilla/policy-templates, about:policies#documentation - policies = { - BlockAboutAddons = false; - BlockAboutConfig = false; - BlockAboutProfiles = true; - - CaptivePortal = false; - - DisableMasterPasswordCreation = true; - DisableAppUpdate = true; - DisableFeedbackCommands = true; - DisableFirefoxAccounts = true; - DisableFirefoxStudies = true; - DisableFormHistory = true; - DisablePasswordReveal = true; - DisablePocket = true; - DisableProfileImport = true; - DisableProfileRefresh = true; - - DisableSecurityBypass = { - InvalidCertificate = true; - SafeBrowsing = false; - }; - - DisableSystemAddonUpdate = true; - DisableTelemetry = true; - - DNSOverHTTPS = { - Enabled = false; - Locked = true; - }; - - DontCheckDefaultBrowser = true; - - EnableTrackingProtection = { - Cryptomining = true; - Fingerprinting = true; - Value = true; - }; - - "3rdparty".Extensions = { - # uBlock Origin - "uBlock0@raymondhill.net".adminSettings = builtins.readFile ../ublock-config.json; - # Privacy Badger - "jid1-MnnxcxisBPnSXQ@jetpack" = { - showIntroPage = false; - }; - }; - - ExtensionSettings = - let - fetchAddon = args: "file://${pkgs.fetchurl args}"; - addon = args: { - installation_mode = "force_installed"; - install_url = fetchAddon args; - }; - in { - "*" = { - blocked_install_message = "Installation von Erweiterungen ist nicht zugelassen."; - install_sources = ["https://addons.mozilla.org/"]; - installation_mode = "blocked"; - allowed_types = ["extension"]; - }; - # Extension IDs as keys, .applications.gecko.id in manifest.json - # uBlock Origin - "uBlock0@raymondhill.net" = addon { - url = "https://addons.mozilla.org/firefox/downloads/file/3509800/ublock_origin-1.25.0-an+fx.xpi"; - sha256 = "0pyna4c2b2ffh8ifjj4c8ga9b73g37pk432nyinf8majyb1fq6rc"; - }; - # Privacy Badger - "jid1-MnnxcxisBPnSXQ@jetpack" = addon { - url = "https://addons.mozilla.org/firefox/downloads/file/3509922/privacy_badger-2020.2.19-an+fx.xpi"; - sha256 = "1issggv5wl5x3a4p3q8hrhbkhgsdx9f2qzbscg6y6f75yazswc20"; - }; - # NoScript - "{73a6fe31-595d-460b-a920-fcc0f8843232}" = addon { - url = "https://addons.mozilla.org/firefox/downloads/file/3517653/noscript_security_suite-11.0.15-an+fx.xpi"; - sha256 = "0gb0a6pp0rj9jpg1094arqvcwxh1rd2m47ijawlidybm29qmyyay"; - }; - }; - ExtensionUpdate = false; - - FlashPlugin.Default = false; - - FirefoxHome = { - Search = true; - TopSites = false; - Highlights = false; - Pocket = false; - Snippets = false; - Locked = true; - }; - - Homepage.StartPage = "none"; - - NewTabPage = false; - NoDefaultBookmarks = true; - NetworkPrediction = false; - - OfferToSaveLogins = false; - OverrideFirstRunPage = ""; - OverridePostUpdatePage = ""; - - PasswordManagerEnabled = false; - - Permissions.Location = { - BlockNewRequests = true; - Locked = true; - }; - - Preferences = profiles.flattenAttrs { - app.update.auto = false; - - browser = { - cache.disk.enable = false; - fixup.dns_first_for_single_words = true; - - safebrowsing = { - phishing.enabled = false; - malware.enabled = false; - }; - - search.update = false; - slowStartup.notificationDisabled = true; - }; - - dom.event.contextmenu.enabled = false; - - extensions = { - blocklist.enabled = false; - getAddons.showPane = false; - htmlaboutaddons.recommendations.enabled = false; - }; - - geo.enabled = false; - - media = { - eme.enabled = false; - gmp-gmpopenh264.enabled = false; - gmp-widevinecdm.enabled = false; - peerconnection.enabled = false; - }; - - network.IDN_show_punycode = true; - - security.ssl.errorReporting.enabled = false; - }; - - Proxy = { - Mode = "none"; - Locked = true; - }; - - RequestedLocales = [ "de-DE" "en-US" ]; - - SanitizeOnShutdown = true; - - SearchBar = "separate"; - SearchSuggestEnabled = false; - - SearchEngines = { - Remove = [ "twitter" "bing" ]; - }; - }; - }; - - launcher = profiles.launcher bundle; -} -- cgit v1.2.3