aboutsummaryrefslogtreecommitdiff
path: root/nix/systems/desktop
diff options
context:
space:
mode:
Diffstat (limited to 'nix/systems/desktop')
-rw-r--r--nix/systems/desktop/configuration.nix403
-rw-r--r--nix/systems/desktop/home.nix14
-rw-r--r--nix/systems/desktop/sda-simple.nix39
-rw-r--r--nix/systems/desktop/user.nix1381
-rw-r--r--nix/systems/desktop/vars.nix54
5 files changed, 0 insertions, 1891 deletions
diff --git a/nix/systems/desktop/configuration.nix b/nix/systems/desktop/configuration.nix
deleted file mode 100644
index e4f2439..0000000
--- a/nix/systems/desktop/configuration.nix
+++ /dev/null
@@ -1,403 +0,0 @@
-{ pkgs, lib, ... }:
-let
- vars = import ./vars.nix;
-in
-{
- imports = [];
-
-
- documentation = {
- enable = true;
- man.enable = true;
- dev.enable = true;
- };
-
- environment = {
- etc = {
- securetty.text = ''
- # /etc/securetty: list of terminals on which root is allowed to login.
- # See securetty(5) and login(1).
- '';
- };
- };
-
- systemd = {
- coredump.enable = false;
- network.config.networkConfig.IPv6PrivacyExtensions = "kernel";
- tmpfiles.settings = {
- "restricthome"."/home/*".Z.mode = "~0700";
-
- "restrictetcnixos"."/etc/nixos/*".Z = {
- mode = "0000";
- user = "root";
- group = "root";
- };
- };
- };
-
-
- boot = {
- extraModulePackages = [ ];
-
- initrd = {
- availableKernelModules = [
- "xhci_pci"
- "ahci"
- "usb_storage"
- "sd_mod"
- "nvme"
- "sd_mod"
- "ehci_pci"
- "rtsx_pci_sdmmc"
- "usbhid"
- ];
-
- kernelModules = [ ];
- };
-
- lanzaboote = {
- enable = vars.secureBoot;
- pkiBundle = "/etc/secureboot";
- };
-
- loader = {
- systemd-boot.enable = lib.mkForce (! vars.secureBoot);
- efi.canTouchEfiVariables = true;
- };
-
- kernelModules = [
- "snd-seq"
- "snd-rawmidi"
- "xhci_hcd"
- "kvm_intel"
- ];
-
- kernelParams = [
- "debugfs=off"
- "page_alloc.shuffle=1"
- "slab_nomerge"
- "page_poison=1"
-
- # madaidan
- "pti=on"
- "randomize_kstack_offset=on"
- "vsyscall=none"
- "module.sig_enforce=1"
- "lockdown=confidentiality"
-
- # cpu
- "spectre_v2=on"
- "spec_store_bypass_disable=on"
- "tsx=off"
- "tsx_async_abort=full,nosmt"
- "mds=full,nosmt"
- "l1tf=full,force"
- "nosmt=force"
- "kvm.nx_huge_pages=force"
-
- # hardened
- "extra_latent_entropy"
-
- # mineral
- "init_on_alloc=1"
- "random.trust_cpu=off"
- "random.trust_bootloader=off"
- "intel_iommu=on"
- "amd_iommu=force_isolation"
- "iommu=force"
- "iommu.strict=1"
- "init_on_free=1"
- "quiet"
- "loglevel=0"
- ];
-
- blacklistedKernelModules = [
- "netrom"
- "rose"
-
- "adfs"
- "affs"
- "bfs"
- "befs"
- "cramfs"
- "efs"
- "erofs"
- "exofs"
- "freevxfs"
- "f2fs"
- "hfs"
- "hpfs"
- "jfs"
- "minix"
- "nilfs2"
- "ntfs"
- "omfs"
- "qnx4"
- "qnx6"
- "sysv"
- "ufs"
- ];
-
- kernel.sysctl = {
- "kernel.ftrace_enabled" = false;
- "net.core.bpf_jit_enable" = false;
- "kernel.kptr_restrict" = 2;
-
- # madaidan
- "vm.swappiness" = 1;
- "vm.unprivileged_userfaultfd" = 0;
- "dev.tty.ldisc_autoload" = 0;
- "kernel.kexec_load_disabled" = 1;
- "kernel.sysrq" = 4;
- "kernel.perf_event_paranoid" = 3;
-
- # net
- "net.ipv4.icmp_echo_ignore_broadcasts" = true;
-
- "net.ipv4.conf.all.accept_redirects" = false;
- "net.ipv4.conf.all.secure_redirects" = false;
- "net.ipv4.conf.default.accept_redirects" = false;
- "net.ipv4.conf.default.secure_redirects" = false;
- "net.ipv6.conf.all.accept_redirects" = false;
- "net.ipv6.conf.default.accept_redirects" = false;
- };
- };
-
- networking = {
- useDHCP = lib.mkDefault true;
- hostName = vars.hostName;
- networkmanager = {
- enable = true;
- # wifi.macAddress = "";
- };
- firewall = {
- allowedTCPPorts = [ ];
- allowedUDPPorts = [ ];
- };
- };
-
- hardware = {
- enableAllFirmware = true;
- cpu.intel.updateMicrocode = true;
- bluetooth = {
- enable = true;
- powerOnBoot = true;
- };
-
- graphics = {
- enable = true;
- };
-
- pulseaudio.enable = false;
- };
-
- services = {
- chrony = {
- enable = true;
- enableNTS = true;
- servers = [ "time.cloudflare.com" "ptbtime1.ptb.de" "ptbtime2.ptb.de" ];
- };
-
- jitterentropy-rngd.enable = true;
- resolved.dnssec = true;
- # usbguard.enable = true;
- usbguard.enable = false;
- dbus = {
- apparmor = "enabled";
- };
-
- tor = {
- enable = true;
- openFirewall = true;
- client = {
- enable = true;
- socksListenAddress = {
- IsolateDestAddr = true;
- addr = "127.0.0.1";
- port = 9050;
- };
- dns.enable = true;
- };
- torsocks = {
- enable = true;
- server = "127.0.0.1:9050";
- };
- };
-
- xserver = {
- displayManager = {
- startx.enable = true;
- };
-
- windowManager = {
- i3 = {
- enable = true;
- package = pkgs.i3-gaps;
- };
- };
-
- desktopManager = {
- runXdgAutostartIfNone = true;
- };
-
- xkb = {
- layout = "us";
- variant = "";
- options = "caps:escape";
- };
-
- videoDrivers = vars.videoDrivers;
- enable = true;
- };
-
- pipewire = {
- enable = true;
- alsa = {
- enable = true;
- support32Bit = true;
- };
- pulse.enable = true;
- jack.enable = true;
- wireplumber.enable = true;
- extraConfig.pipewire-pulse."92-low-latency" = {
- "context.properties" = [
- {
- name = "libpipewire-module-protocol-pulse";
- args = { };
- }
- ];
- "pulse.properties" = {
- "pulse.min.req" = "32/48000";
- "pulse.default.req" = "32/48000";
- "pulse.max.req" = "32/48000";
- "pulse.min.quantum" = "32/48000";
- "pulse.max.quantum" = "32/48000";
- };
- "stream.properties" = {
- "node.latency" = "32/48000";
- "resample.quality" = 1;
- };
- };
- };
-
- kanata = {
- enable = true;
- };
-
- openssh = {
- enable = true;
- settings = {
- PasswordAuthentication = true;
- AllowUsers = [ vars.userName ];
- PermitRootLogin = "no";
- KbdInteractiveAuthentication = false;
- };
- };
-
- # Misc.
- udev = {
- extraRules = '''';
- packages = with pkgs; [
- platformio-core
- platformio-core.udev
- openocd
- ];
- };
-
- printing.enable = true;
- udisks2.enable = true;
- };
-
- programs = {
- nix-ld.enable = true;
- zsh.enable = true;
- light.enable = true;
- ssh.enableAskPassword = false;
- };
-
- nixpkgs = {
- hostPlatform = lib.mkDefault "x86_64-linux";
- config = {
- allowUnfree = true;
- cudaSupport = false;
- };
- };
-
- security = {
- apparmor = {
- enable = true;
- killUnconfinedConfinables = true;
- };
-
- pam.loginLimits = [
- { domain = "*"; item = "nofile"; type = "-"; value = "32768"; }
- { domain = "*"; item = "memlock"; type = "-"; value = "32768"; }
- ];
- rtkit.enable = true;
-
- lockKernelModules = true;
- protectKernelImage = true;
- allowSimultaneousMultithreading = false;
- forcePageTableIsolation = true;
-
- tpm2 = {
- enable = true;
- pkcs11.enable = true;
- tctiEnvironment.enable = true;
- };
-
- auditd.enable = true;
- audit.enable = true;
- chromiumSuidSandbox.enable = true;
- sudo.enable = true;
- };
-
- xdg.portal = {
- enable = true;
- wlr.enable = true;
- extraPortals = with pkgs; [
- xdg-desktop-portal-gtk
- xdg-desktop-portal
- xdg-desktop-portal-hyprland
- ];
- config.common.default = "*";
- };
-
- environment.systemPackages = with pkgs; [
- cryptsetup
- restic
- sbctl
- linux-manual
- man-pages
- man-pages-posix
- tree
- ];
-
-
- users.users = {
- root.openssh.authorizedKeys.keys = [
- "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINSshvS1N/42pH9Unp3Zj4gjqs9BXoin99oaFWYHXZDJ preston@preston-arch"
- ];
-
- "${vars.userName}" = {
- initialPassword = "${vars.userName}";
- isNormalUser = true;
- description = vars.fullName;
- extraGroups = [ "networkmanager" "wheel" "video" "docker" "jackaudio" "tss" "dialout" ];
- shell = pkgs.zsh;
- packages = [];
- };
- };
-
-
- nix.settings.experimental-features = "nix-command flakes";
- time.timeZone = vars.timeZone;
- i18n.defaultLocale = "en_CA.UTF-8";
-
- system = {
- stateVersion = "24.11";
- nixos = {
- tags = [ "continuity-2.0" ];
- };
- };
-}
diff --git a/nix/systems/desktop/home.nix b/nix/systems/desktop/home.nix
deleted file mode 100644
index f1a11df..0000000
--- a/nix/systems/desktop/home.nix
+++ /dev/null
@@ -1,14 +0,0 @@
-{ sops-nix, ... }:
-let
- vars = import ./vars.nix;
-in
-{
- home-manager = {
- sharedModules = [
- sops-nix.homeManagerModules.sops
- ];
- useGlobalPkgs = true;
- useUserPackages = true;
- users."${vars.userName}" = import ./user.nix;
- };
-}
diff --git a/nix/systems/desktop/sda-simple.nix b/nix/systems/desktop/sda-simple.nix
deleted file mode 100644
index 86263dd..0000000
--- a/nix/systems/desktop/sda-simple.nix
+++ /dev/null
@@ -1,39 +0,0 @@
-# This will install a simple system with a root and boot partition.
-# Make sure to change the entry device entry to the one that you
-# are installing the configuration to.
-{
- disko.devices = {
- disk = {
- my-disk = {
- # change this entry
- device = "/dev/sda";
- type = "disk";
- content = {
- type = "gpt";
- partitions = {
- ESP = {
- type = "EF00";
- size = "500M";
- priority = 1;
- content = {
- type = "filesystem";
- format = "vfat";
- mountpoint = "/boot";
- mountOptions = [ "umask=0077" ];
- };
- };
- root = {
- size = "100%";
- priority = 2;
- content = {
- type = "filesystem";
- format = "ext4";
- mountpoint = "/";
- };
- };
- };
- };
- };
- };
- };
-}
diff --git a/nix/systems/desktop/user.nix b/nix/systems/desktop/user.nix
deleted file mode 100644
index eeda20e..0000000
--- a/nix/systems/desktop/user.nix
+++ /dev/null
@@ -1,1381 +0,0 @@
-{ lib, config, pkgs, wallpapers, scripts, ... }:
-let
- vars = import ./vars.nix;
-in
-{
- sops = {
- defaultSopsFile = ../../secrets/secrets.yaml;
- age = {
- keyFile = "/home/${vars.userName}/.ssh/keys.txt";
- };
- secrets.mail = {
- format = "yaml";
- path = "${config.sops.defaultSymlinkPath}/mail";
- };
- secrets.digikey = {
- format = "yaml";
- path = "${config.sops.defaultSymlinkPath}/digikey";
- };
-
- defaultSymlinkPath = "/run/user/1000/secrets";
- defaultSecretsMountPoint = "/run/user/1000/secrets.d";
- };
-
- home = {
- activation.startup-files = lib.hm.dag.entryAfter [ "installPackages" ] ''
- if [ ! -d "/home/${vars.userName}/src/publish-org-roam-ui" ]; then
- mkdir -p /home/${vars.userName}/src
- ${pkgs.git}/bin/git clone https://git.${vars.remoteHost}/publish-org-roam-ui.git /home/${vars.userName}/src/publish-org-roam-ui
- fi
- if [ ! -d "/home/${vars.userName}/email/ret2pop/" ]; then
- mkdir -p /home/${vars.userName}/email/ret2pop/
- fi
- if [ ! -d "/home/${vars.userName}/music" ]; then
- mkdir -p /home/${vars.userName}/music
- fi
- if [ ! -d "/home/${vars.userName}/sounds" ]; then
- mkdir -p /home/${vars.userName}/sounds
- fi
- touch /home/${vars.userName}/org/agenda.org
- touch /home/${vars.userName}/org/notes.org
- if [ ! -f "/home/${vars.userName}/.toughnix" ]; then
- echo "Don't delete this file. Autogen by home manager" > "/home/${vars.userName}/.toughnix"
- fi
- '';
-
- enableNixpkgsReleaseCheck = false;
- username = vars.userName;
- homeDirectory = "/home/${vars.userName}";
- stateVersion = "24.11";
-
- packages = with pkgs; [
- age
- acpilight
- alsa-utils
- autobuild
- bash-language-server
- bear
- bitcoin
- bun
- cargo
- clang
- clang-tools
- curl
- electrum
- ffmpeg
- fira-code
- font-awesome_6
- fswebcam
- gdb
- ghostscript
- git
- gnumake
- gnupg
- graphviz
- grim
- gum
- (writeShellScriptBin "post-install" ''
-cd $HOME
-ping -q -c1 google.com &>/dev/null && echo "online! Proceeding with the post-install..." || nmtui
-sudo chown -R "$(whoami)":users ./monorepo
-
-sudo nixos-rebuild switch --flake ./monorepo/nix#continuity
-echo "Post install done! Now install your ssh and gpg keys. Log in again."
-sleep 3
-exit
-'')
- helvum
- imagemagick
- inkscape
- jq
- krita
- libnotify
- miniserve
- monero-cli
- monero-gui
- mpc-cli
- mu
- nil
- nixd
- nixfmt-rfc-style
- nodejs
- noto-fonts
- noto-fonts-cjk-sans
- noto-fonts-emoji
- octaveFull
- openscad
- openscad-lsp
- pandoc
- passExtensions.pass-otp
- pavucontrol
- pfetch
- pinentry
- poetry
- python3
- python312Packages.jedi
- rsync
- rust-analyzer
- rustfmt
- solc
- sops
- sox
- swww
- texliveFull
- tor-browser
- torsocks
- typescript
- vesktop
- vim
- vscode-langservers-extracted
- x11_ssh_askpass
- xdg-utils
- yarn
- (aspellWithDicts
- (dicts: with dicts; [ en en-computers en-science ]))
- (nerdfonts.override { fonts = [ "Iosevka" ]; })
- (pass.withExtensions (ext: with ext; [
- pass-otp
- pass-import
- pass-genphrase
- pass-update
- pass-tomb
- ]))
- ];
- };
-
- services = {
- mako = {
- enable = true;
- backgroundColor = "#11111bf8";
- textColor = "#cdd6f4";
- borderColor = "#89b4faff";
- borderRadius = 1;
- font = "Fira Code 10";
- defaultTimeout = 3000;
- extraConfig = ''
-on-notify=exec mpv /home/${vars.userName}/sounds/notification.wav --no-config --no-video
-'';
- };
-
- gpg-agent = {
- pinentryPackage = pkgs.pinentry-emacs;
- enable = true;
- extraConfig = ''
- allow-emacs-pinentry
- allow-loopback-pinentry
- '';
- };
-
- gammastep = {
- enable = true;
- provider = "manual";
- latitude = 49.282730;
- longitude = -123.120735;
-
- temperature = {
- day = 5000;
- night = 3000;
- };
-
- settings = {
- general = {
- adjustment-method = "wayland";
- };
- };
- };
-
- mpd = {
- enable = true;
- dbFile = "/home/${vars.userName}/.config/mpd/db";
- dataDir = "/home/${vars.userName}/.config/mpd/";
- network.port = 6600;
- musicDirectory = "/home/${vars.userName}/music";
- playlistDirectory = "/home/${vars.userName}/.config/mpd/playlists";
- network.listenAddress = "0.0.0.0";
- extraConfig = ''
- audio_output {
- type "pipewire"
- name "pipewire output"
- }
- audio_output {
- type "httpd"
- name "My HTTP Stream"
- encoder "opus" # optional
- port "8000"
- # quality "5.0" # do not define if bitrate is defined
- bitrate "128000" # do not define if quality is defined
- format "48000:16:1"
- always_on "yes" # prevent MPD from disconnecting all listeners when playback is stopped.
- tags "yes" # httpd supports sending tags to listening streams.
- }
- '';
- };
- };
-
- programs = {
- chromium = {
- package = pkgs.chromium;
- enable = true;
- extensions = [
- "ddkjiahejlhfcafbddmgiahcphecmpfh" # ublock-origin lite
- "dbepggeogbaibhgnhhndojpepiihcmeb" # vimium
- "eimadpbcbfnmbkopoojfekhnkhdbieeh" # dark reader
- "oicakdoenlelpjnkoljnaakdofplkgnd" # tree style tabs
- "nkbihfbeogaeaoehlefnkodbefgpgknn" # metamask
- ];
- };
-
- mpv = {
- enable = true;
- config = {
- profile = "gpu-hq";
- force-window = true;
- ytdl-format = "bestvideo+bestaudio";
- cache-default = 4000000;
- };
- };
-
- yt-dlp = {
- enable = true;
- settings = {
- embed-thumbnail = true;
- embed-subs = true;
- sub-langs = "all";
- downloader = "aria2c";
- downloader-args = "aria2c:'-c -x8 -s8 -k1M'";
- };
- };
-
- wofi = {
- enable = true;
- settings = {
- location = "bottom-right";
- allow_markup = true;
- show = "drun";
- width = 750;
- height = 400;
- always_parse_args = true;
- show_all = false;
- term = "kitty";
- hide_scroll = true;
- print_command = true;
- insensitive = true;
- prompt = "Run what, Commander?";
- columns = 2;
- };
-
- style = ''
- @define-color rosewater #f5e0dc;
- @define-color rosewater-rgb rgb(245, 224, 220);
- @define-color flamingo #f2cdcd;
- @define-color flamingo-rgb rgb(242, 205, 205);
- @define-color pink #f5c2e7;
- @define-color pink-rgb rgb(245, 194, 231);
- @define-color mauve #cba6f7;
- @define-color mauve-rgb rgb(203, 166, 247);
- @define-color red #f38ba8;
- @define-color red-rgb rgb(243, 139, 168);
- @define-color maroon #eba0ac;
- @define-color maroon-rgb rgb(235, 160, 172);
- @define-color peach #fab387;
- @define-color peach-rgb rgb(250, 179, 135);
- @define-color yellow #f9e2af;
- @define-color yellow-rgb rgb(249, 226, 175);
- @define-color green #a6e3a1;
- @define-color green-rgb rgb(166, 227, 161);
- @define-color teal #94e2d5;
- @define-color teal-rgb rgb(148, 226, 213);
- @define-color sky #89dceb;
- @define-color sky-rgb rgb(137, 220, 235);
- @define-color sapphire #74c7ec;
- @define-color sapphire-rgb rgb(116, 199, 236);
- @define-color blue #89b4fa;
- @define-color blue-rgb rgb(137, 180, 250);
- @define-color lavender #b4befe;
- @define-color lavender-rgb rgb(180, 190, 254);
- @define-color text #cdd6f4;
- @define-color text-rgb rgb(205, 214, 244);
- @define-color subtext1 #bac2de;
- @define-color subtext1-rgb rgb(186, 194, 222);
- @define-color subtext0 #a6adc8;
- @define-color subtext0-rgb rgb(166, 173, 200);
- @define-color overlay2 #9399b2;
- @define-color overlay2-rgb rgb(147, 153, 178);
- @define-color overlay1 #7f849c;
- @define-color overlay1-rgb rgb(127, 132, 156);
- @define-color overlay0 #6c7086;
- @define-color overlay0-rgb rgb(108, 112, 134);
- @define-color surface2 #585b70;
- @define-color surface2-rgb rgb(88, 91, 112);
- @define-color surface1 #45475a;
- @define-color surface1-rgb rgb(69, 71, 90);
- @define-color surface0 #313244;
- @define-color surface0-rgb rgb(49, 50, 68);
- @define-color base #1e1e2e;
- @define-color base-rgb rgb(30, 30, 46);
- @define-color mantle #181825;
- @define-color mantle-rgb rgb(24, 24, 37);
- @define-color crust #11111b;
- @define-color crust-rgb rgb(17, 17, 27);
-
- * {
- font-family: 'Iosevka Nerd Font', monospace;
- font-size: 14px;
- }
-
- /* Window */
- window {
- margin: 0px;
- padding: 10px;
- border: 0.16em solid @lavender;
- border-radius: 0.1em;
- background-color: @base;
- animation: slideIn 0.5s ease-in-out both;
- }
-
- /* Slide In */
- @keyframes slideIn {
- 0% {
- opacity: 0;
- }
-
- 100% {
- opacity: 1;
- }
- }
-
- /* Inner Box */
- #inner-box {
- margin: 5px;
- padding: 10px;
- border: none;
- background-color: @base;
- animation: fadeIn 0.5s ease-in-out both;
- }
-
- /* Fade In */
- @keyframes fadeIn {
- 0% {
- opacity: 0;
- }
-
- 100% {
- opacity: 1;
- }
- }
-
- /* Outer Box */
- #outer-box {
- margin: 5px;
- padding: 10px;
- border: none;
- background-color: @base;
- }
-
- /* Scroll */
- #scroll {
- margin: 0px;
- padding: 10px;
- border: none;
- background-color: @base;
- }
-
- /* Input */
- #input {
- margin: 5px 20px;
- padding: 10px;
- border: none;
- border-radius: 0.1em;
- color: @text;
- background-color: @base;
- animation: fadeIn 0.5s ease-in-out both;
- }
-
- #input image {
- border: none;
- color: @red;
- }
-
- #input * {
- outline: 4px solid @red!important;
- }
-
- /* Text */
- #text {
- margin: 5px;
- border: none;
- color: @text;
- animation: fadeIn 0.5s ease-in-out both;
- }
-
- #entry {
- background-color: @base;
- }
-
- #entry arrow {
- border: none;
- color: @lavender;
- }
-
- /* Selected Entry */
- #entry:selected {
- border: 0.11em solid @lavender;
- }
-
- #entry:selected #text {
- color: @mauve;
- }
-
- #entry:drop(active) {
- background-color: @lavender!important;
- }
- '';
- };
-
- kitty = {
- enable = true;
- settings = {
- enable_audio_bell = false;
- font_family = "Iosevka Nerd Font";
- font_size = 14;
- confirm_os_window_close = 0;
- background_opacity = "0.9";
- # Catppuccin theme
- foreground = "#cdd6f4";
- background = "#1e1e2e";
- selection_foreground = "#1e1e2e";
- selection_background = "#f5e0dc";
- cursor = "#f5e0dc";
- cursor_text_color = "#1e1e2e";
- url_color = "#f5e0dc";
- active_border_color = "#B4BEFE";
- inactive_border_color = "#6C7086";
- bell_border_color = "#F9E2AF";
- wayland_titlebar_color = "#1E1E2E";
- macos_titlebar_color = "#1E1E2E";
- active_tab_foreground = "#11111B";
- active_tab_background = "#CBA6F7";
- inactive_tab_foreground = "#CDD6F4";
- inactive_tab_background = "#181825";
- tab_bar_background = "#11111B";
- mark1_foreground = "#1E1E2E";
- mark1_background = "#B4BEFE";
- mark2_foreground = "#1E1E2E";
- mark2_background = "#CBA6F7";
- mark3_foreground = "#1E1E2E";
- mark3_background = "#74C7EC";
- color0 = "#45475A";
- color8 = "#585B70";
- color1 = "#F38BA8";
- color9 = "#F38BA8";
- color2 = "#A6E3A1";
- color10 = "#A6E3A1";
- color3 = "#F9E2AF";
- color11 = "#F9E2AF";
- color4 = "#89B4FA";
- color12 = "#89B4FA";
- color5 = "#F5C2E7";
- color13 = "#F5C2E7";
- color6 = "#94E2D5";
- color14 = "#94E2D5";
- color7 = "#BAC2DE";
- color15 = "#A6ADC8";
- };
- };
-
- firefox = {
- policies = {
- EnableTrackingProtection = true;
- OfferToSaveLogins = false;
- };
-
- package = pkgs.firefox-wayland;
- enable = true;
-
- profiles = {
- default = {
- id = 0;
- name = "default";
- isDefault = true;
-
- extensions = with pkgs.nur.repos.rycee.firefox-addons; [
- ublock-origin
- tree-style-tab
- firefox-color
- vimium
- metamask
- ];
-
- settings = {
- media = {
- memory_cache_max_size = 65536;
- cache_readahead_limit = 7200;
- cache_resume_threshold = 3600;
- peerconnection.ice = {
- proxy_only_if_behind_proxy = true;
- default_address_only = true;
- };
- };
-
- gfx = {
- content.skia-font-cache-size = 20;
- canvas.accelerated = {
- cache-items = 4096;
- cache-size = 512;
- };
- };
-
- network = {
- http = {
- max-connections = 1800;
- max-persistent-connections-per-server = 10;
- max-urgent-start-excessive-connections-per-host = 5;
- referer.XOriginTrimmingPolicy = 2;
- };
-
- buffer.cache = {
- size = 262144;
- count = 128;
- };
-
- dns = {
- max_high_priority_threads = 8;
- disablePrefetch = true;
- };
-
- pacing.requests.enabled = false;
- dnsCacheExpiration = 3600;
- ssl_tokens_cache_capacity = 10240;
- prefetch-next = false;
- predictor.enabled = false;
- cookie.sameSite.noneRequiresSecure = true;
- IDN_show_punycode = true;
- auth.subresource-http-auth-allow = 1;
- captive-portal-service.enabled = false;
- connectivity-service.enabled = false;
- };
-
- browser = {
- download = {
- always_ask_before_handling_new_types = true;
- manager.addToRecentDocs = false;
- open_pdf_attachments_inline = true;
- start_downloads_in_tmp_dir = true;
- };
-
- urlbar = {
- suggest.quicksuggest.sponsored = false;
- suggest.quicksuggest.nonsponsored = false;
- suggest.calculator = true;
- update2.engineAliasRefresh = true;
- unitConversion.enabled = true;
- trending.featureGate = false;
- };
-
- search = {
- separatePrivateDefault.ui.enabled = true;
- suggest.enabled = false;
- };
-
- newtabpage.activity-stream = {
- feeds = {
- topsites = false;
- section.topstories = false;
- telemetry = false;
- };
- asrouter.userprefs.cfr = {
- addons = false;
- features = false;
- };
- telemetry = false;
- };
-
- privatebrowsing = {
- vpnpromourl = "";
- forceMediaMemoryCache = true;
- };
-
- display = {
- focus_ring_on_anything = true;
- focus_ring_style = 0;
- focus_ring_width = 0;
- };
-
- cache.jsbc_compression_level = 3;
- helperApps.deleteTempFileOnExit = true;
- uitour.enabled = false;
- sessionstore.interval = 60000;
- formfill.enable = false;
- xul.error_pages.expert_bad_cert = true;
- contentblocking.category = "strict";
- ping-centre.telemetry = false;
- discovery.enabled = false;
- shell.checkDefaultBrowser = false;
- preferences.moreFromMozilla = false;
- tabs.tabmanager.enabled = false;
- aboutConfig.showWarning = false;
- aboutwelcome.enabled = false;
- bookmarks.openInTabClosesMenu = false;
- menu.showViewImageInfo = true;
- compactmode.show = true;
- safebrowsing.downloads.remote.enabled = false;
- tabs.crashReporting.sendReport = false;
- crashReports.unsubmittedCheck.autoSubmit2 = false;
- privateWindowSeparation.enabled = false;
- };
-
- security = {
- mixed_content = {
- block_display_content = true;
- upgrade_display_content = true;
- };
- insecure_connection_text = {
- enabled = true;
- pbmode.enabled = true;
- };
- OCSP.enabled = 0;
- remote_settings.crlite_filters.enabled = true;
- pki.crlite_mode = 2;
- ssl.treat_unsafe_negotiation_as_broken = true;
- tls.enable_0rtt_data = false;
- };
-
- toolkit = {
- telemetry = {
- unified = false;
- enabled = false;
- server = "data:,";
- archive.enabled = false;
- newProfilePing.enabled = false;
- shutdownPingSender.enabled = false;
- updatePing.enabled = false;
- bhrPing.enabled = false;
- firstShutdownPing.enabled = false;
- coverage.opt-out = true;
- };
- coverage = {
- opt-out = true;
- endpoint.base = "";
- };
- legacyUserProfileCustomizations.stylesheets = true;
- };
-
- dom = {
- security = {
- https_first = true;
- https_first_schemeless = true;
- sanitizer.enabled = true;
- };
- enable_web_task_scheduling = true;
- };
-
- layout = {
- css = {
- grid-template-masonry-value.enabled = true;
- has-selector.enabled = true;
- prefers-color-scheme.content-override = 2;
- };
- word_select.eat_space_to_next_word = false;
- };
-
- urlclassifier = {
- trackingSkipURLs = "*.reddit.com, *.twitter.com, *.twimg.com, *.tiktok.com";
- features.socialtracking.skipURLs = "*.instagram.com, *.twitter.com, *.twimg.com";
- };
-
- privacy = {
- globalprivacycontrol.enabled = true;
- history.custom = true;
- userContext.ui.enabled = true;
- };
-
- full-screen-api = {
- transition-duration = {
- enter = "0 0";
- leave = "0 0";
- };
- warning = {
- delay = -1;
- timeout = 0;
- };
- };
-
- permissions.default = {
- desktop-notification = 2;
- geo = 2;
- };
-
- signon = {
- formlessCapture.enabled = false;
- privateBrowsingCapture.enabled = false;
- };
-
- datareporting = {
- policy.dataSubmissionEnabled = false;
- healthreport.uploadEnabled = false;
- };
-
- extensions = {
- pocket.enabled =