diff options
| -rw-r--r-- | configuration.nix | 255 | ||||
| -rw-r--r-- | flake.nix | 27 | ||||
| -rw-r--r-- | home.nix | 1172 |
3 files changed, 806 insertions, 648 deletions
diff --git a/configuration.nix b/configuration.nix index dd696e3..150304c 100644 --- a/configuration.nix +++ b/configuration.nix @@ -1,100 +1,153 @@ { config, pkgs, ... }: { - nixpkgs.config.cudaSupport = true; imports = [ ./hardware-configuration.nix ]; - nix.settings.experimental-features = "nix-command flakes"; - boot.loader.systemd-boot.enable = true; - boot.loader.efi.canTouchEfiVariables = true; + boot.loader = { + systemd-boot.enable = true; + efi.canTouchEfiVariables = true; + }; - networking.hostName = "continuity"; - networking.networkmanager.enable = true; - networking.firewall = { - allowedTCPPorts = [ 80 443 6600 8000 11434 7777 ]; + networking = { + hostName = "continuity"; + networkmanager.enable = true; + firewall = { + allowedTCPPorts = [ 80 443 6600 8000 11434 7777 ]; + }; }; - time.timeZone = "America/Vancouver"; + hardware = { + bluetooth = { + enable = true; + powerOnBoot = true; + }; + graphics = { + enable = true; + extraPackages = with pkgs; [ + vaapiVdpau + libvdpau-va-gl + nvidia-vaapi-driver + ]; + }; + nvidia = { + modesetting.enable = true; + powerManagement = { + enable = true; + finegrained = false; + }; + nvidiaSettings = true; + open = false; + package = config.boot.kernelPackages.nvidiaPackages.stable; + }; + pulseaudio.enable = false; + }; - i18n.defaultLocale = "en_CA.UTF-8"; + services = { + xserver = { + enable = true; + displayManager = { + startx.enable = true; + }; + desktopManager = { + runXdgAutostartIfNone = true; + }; + videoDrivers = [ "nvidia" ]; + xkb = { + layout = "us"; + variant = ""; + options = "caps:escape"; + }; + }; - services.xserver.enable = true; - services.xserver.displayManager.startx.enable = true; - services.xserver.desktopManager.runXdgAutostartIfNone = true; + pipewire = { + enable = true; + alsa = { + enable = true; + support32Bit = true; + }; + pulse.enable = true; + jack.enable = true; + #media-session.enable = true; + }; - hardware.bluetooth.enable = true; - hardware.bluetooth.powerOnBoot = true; - hardware.graphics = { - enable = true; - extraPackages = with pkgs; [ - vaapiVdpau - libvdpau-va-gl - nvidia-vaapi-driver - ]; - }; - services.blueman.enable = true; + kanata = { + enable = true; + }; - virtualisation.docker.enable = true; - services.xserver = { - videoDrivers = [ "nvidia" ]; - xkb.layout = "us"; - xkb.variant = ""; - xkb.options = "caps:escape"; - }; - hardware.nvidia = { - modesetting.enable = true; - powerManagement.enable = true; - powerManagement.finegrained = false; - nvidiaSettings = true; - open = false; - }; - hardware.nvidia.package = config.boot.kernelPackages.nvidiaPackages.stable; + # External + calibre-web = { + enable = true; + user = "preston"; + openFirewall = true; + # group = "preston"; + + listen = { + port = 9999; + ip = "0.0.0.0"; + }; + + options = { + enableBookUploading = true; + enableKepubify = true; + enableBookConversion = true; + calibreLibrary = "/home/preston/books/physics/"; + }; + }; - services.ollama = { - enable = true; - acceleration = "cuda"; - host = "0.0.0.0"; - }; + ollama = { + enable = true; + acceleration = "cuda"; + host = "0.0.0.0"; + }; - services.printing.enable = true; + openssh = { + enable = true; + settings = { + PasswordAuthentication = false; + PermitRootLogin = "no"; + KbdInteractiveAuthentication = false; + }; + }; - sound.enable = true; - hardware.pulseaudio.enable = false; - security.rtkit.enable = true; - services.pipewire = { - enable = true; - alsa.enable = true; - alsa.support32Bit = true; - pulse.enable = true; - jack.enable = true; - #media-session.enable = true; - }; - services.udisks2.enable = true; + nginx = { + enable = true; + }; - services.kanata = { - enable = true; - }; - # services.xserver.libinput.enable = true; + # Misc. + udev.packages = [ + pkgs.platformio-core + pkgs.platformio-core.udev + pkgs.openocd + ]; - programs.zsh.enable = true; + printing.enable = true; + udisks2.enable = true; + blueman.enable = true; + }; - users.users.root.openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINSshvS1N/42pH9Unp3Zj4gjqs9BXoin99oaFWYHXZDJ preston@preston-arch" - ]; + programs = { + zsh.enable = true; + light.enable = true; + ssh.enableAskPassword = false; + }; - users.users.preston = { - isNormalUser = true; - description = "Preston Pan"; - extraGroups = [ "networkmanager" "wheel" "video" "docker" ]; - shell = pkgs.zsh; - packages = with pkgs; [ + nixpkgs.config = { + allowUnfree = true; + cudaSupport = true; + permittedInsecurePackages = [ + "nix-2.15.3" ]; }; - nixpkgs.config.allowUnfree = true; + xdg.portal = { + enable = true; + wlr.enable = true; + extraPortals = [ pkgs.xdg-desktop-portal-gtk pkgs.xdg-desktop-portal pkgs.xdg-desktop-portal-hyprland ]; + config.common.default = "*"; + }; environment.systemPackages = with pkgs; [ curl @@ -108,44 +161,28 @@ linuxPackages.nvidia_x11 ]; - programs.light.enable = true; - - xdg.portal = { - enable = true; - wlr.enable = true; - extraPortals = [ pkgs.xdg-desktop-portal-gtk pkgs.xdg-desktop-portal pkgs.xdg-desktop-portal-hyprland ]; - config.common.default = "*"; + users.users = { + root.openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINSshvS1N/42pH9Unp3Zj4gjqs9BXoin99oaFWYHXZDJ preston@preston-arch" + ]; + preston = { + isNormalUser = true; + description = "Preston Pan"; + extraGroups = [ "networkmanager" "wheel" "video" "docker" ]; + shell = pkgs.zsh; + packages = with pkgs; [ + ]; + }; }; - system.stateVersion = "23.11"; - nixpkgs.config.permittedInsecurePackages = [ - "nix-2.15.3" - ]; + nix.settings.experimental-features = "nix-command flakes"; - services.udev.packages = [ - pkgs.platformio-core - pkgs.platformio-core.udev - pkgs.openocd - ]; - services.calibre-server = { - enable = true; - host = "0.0.0.0"; - port = 7777; - user = "preston"; - group = "preston"; - }; - services.calibre-web = { - enable = true; - user = "preston"; - group = "preston"; - listen.port = 7777; - listen.ip = "0.0.0.0"; - openFirewall = true; - options = { - enableBookUploading = true; - enableKepubify = true; - enableBookConversion = true; - calibreLibrary = "/home/preston/books/"; - }; - }; + virtualisation.docker.enable = true; + security.rtkit.enable = true; + # services.xserver.libinput.enable = true; + + time.timeZone = "America/Vancouver"; + i18n.defaultLocale = "en_CA.UTF-8"; + + system.stateVersion = "23.11"; } @@ -9,17 +9,19 @@ url = "github:nix-community/home-manager/release-23.11"; inputs.nixpkgs.follows = "nixpkgs"; }; - nur.url = "github:nix-community/NUR"; + disko = { url = "github:nix-community/disko"; inputs.nixpkgs.follows = "nixpkgs"; }; + + nur.url = "github:nix-community/NUR"; wallpapers.url = "github:ret2pop/wallpapers"; sops-nix.url = "github:Mic92/sops-nix"; scripts.url = "github:ret2pop/scripts"; }; - outputs = { self, nixpkgs, home-manager, nur, disko, wallpapers, sops-nix, scripts, ... }@attrs: { + outputs = { nixpkgs, home-manager, nur, disko, ... }@attrs: { nixosConfigurations = { live = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; @@ -41,13 +43,16 @@ disko.nixosModules.disko home-manager.nixosModules.home-manager { - home-manager.useGlobalPkgs = true; - home-manager.extraSpecialArgs = attrs; - home-manager.useUserPackages = true; - home-manager.users.preston = import ./home.nix; + home-manager = { + useGlobalPkgs = true; + extraSpecialArgs = attrs; + useUserPackages = true; + users.preston = import ./home.nix; + }; } ]; }; + continuity = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; specialArgs = attrs; @@ -67,10 +72,12 @@ disko.nixosModules.disko home-manager.nixosModules.home-manager { - home-manager.useGlobalPkgs = true; - home-manager.extraSpecialArgs = attrs; - home-manager.useUserPackages = true; - home-manager.users.preston = import ./home.nix; + home-manager = { + useGlobalPkgs = true; + extraSpecialArgs = attrs; + useUserPackages = true; + users.preston = import ./home.nix; + }; } ]; }; @@ -1,113 +1,118 @@ { pkgs, wallpapers, scripts, ... }: { - nixpkgs.config.cudaSupport = true; - home.enableNixpkgsReleaseCheck = false; - home.username = "preston"; - home.homeDirectory = "/home/preston"; - home.packages = with pkgs; [ - vim - git - curl - wget - pfetch - cowsay - ffmpeg - grim - light - gnupg - (pass.withExtensions (ext: with ext; [ pass-otp pass-import pass-genphrase pass-update pass-tomb])) - passExtensions.pass-otp - fira-code - croc - mu - rust-analyzer - cargo - clang - bear - gnumake - clang-tools - pinentry - texliveFull - helvum - xdg-utils - noto-fonts - noto-fonts-cjk - autobuild - rsync - pavucontrol - swww - fswebcam - mpc-cli - python3 - ghostscript - pipes - cmatrix - inkscape - nixfmt-rfc-style - podman-desktop - monero-gui - # electrum - fluffychat - veracrypt - imagemagick - tor-browser - qsynth - poetry - vesktop - nixd - graphviz - vscode-langservers-extracted - alsa-scarlett-gui - openscad - blender - krita - kdenlive - # telegram-desktop - # kicad - obs-studio - obs-cli - python312Packages.jedi - octaveFull - (aspellWithDicts - (dicts: with dicts; [ en en-computers en-science ])) - (nerdfonts.override { fonts = [ "Iosevka" ]; }) - ]; - fonts.fontconfig.enable = true; - xsession.enable = true; - home.stateVersion = "23.11"; + home = { + enableNixpkgsReleaseCheck = false; + username = "preston"; + homeDirectory = "/home/preston"; + stateVersion = "23.11"; + packages = with pkgs; [ + # kicad + # telegram-desktop + (pass.withExtensions (ext: with ext; [ pass-otp pass-import pass-genphrase pass-update pass-tomb])) + alsa-scarlett-gui + autobuild + bear + blender + cargo + clang + clang-tools + cmatrix + cowsay + croc + curl + electrum + ffmpeg + fira-code + fluffychat + fswebcam + ghostscript + git + gnumake + gnupg + graphviz + grim + helvum + imagemagick + inkscape + kdenlive + krita + light + monero-gui + mpc-cli + mu + nixd + nixfmt-rfc-style + noto-fonts + noto-fonts-cjk + obs-cli + obs-studio + octaveFull + openscad + openscad-lsp + passExtensions.pass-otp + pavucontrol + pfetch + pinentry + pipes + podman-desktop + poetry + python3 + python312Packages.jedi + qsynth + rsync + rust-analyzer + swww + texliveFull + timeshift + tor-browser + veracrypt + vesktop + vim + vscode-langservers-extracted + wget + x11_ssh_askpass + xdg-utils + (aspellWithDicts + (dicts: with dicts; [ en en-computers en-science ])) + (nerdfonts.override { fonts = [ "Iosevka" ]; }) + ]; + }; - services.gpg-agent = { - enable = true; - pinentryFlavor = "emacs"; - extraConfig = '' + services = { + gpg-agent = { + enable = true; + pinentryFlavor = "emacs"; + extraConfig = '' allow-emacs-pinentry allow-loopback-pinentry - ''; - }; + }; - services.gammastep = { - enable = true; - provider = "manual"; - latitude = 49.282730; - longitude = -123.120735; - temperature.day = 5000; - temperature.night = 3000; - settings = { - general = { - adjustment-method = "wayland"; + gammastep = { + enable = true; + provider = "manual"; + latitude = 49.282730; + longitude = -123.120735; + temperature = { + day = 5000; + night = 3000; + }; + settings = { + general = { + adjustment-method = "wayland"; + }; }; }; - }; - services.mpd = { - enable = true; - dbFile = "/home/preston/.config/mpd/db"; - dataDir = "/home/preston/.config/mpd/"; - network.port = 6600; - musicDirectory = "/home/preston/music"; - playlistDirectory = "/home/preston/.config/mpd/playlists"; - network.listenAddress = "0.0.0.0"; - extraConfig = '' + + mpd = { + enable = true; + dbFile = "/home/preston/.config/mpd/db"; + dataDir = "/home/preston/.config/mpd/"; + network.port = 6600; + musicDirectory = "/home/preston/music"; + playlistDirectory = "/home/preston/.config/mpd/playlists"; + network.listenAddress = "0.0.0.0"; + extraConfig = '' audio_output { type "pipewire" name "pipewire output" @@ -124,44 +129,46 @@ tags "yes" # httpd supports sending tags to listening streams. } ''; - }; + }; - services.pantalaimon = { - enable = true; - settings = { - Default = { - LogLevel = "Debug"; - SSL = true; - }; - local-matrix = { - Homeserver = "https://social.nullring.xyz"; - ListenAddress = "0.0.0.0"; - ListenPort = 8008; - SSL = false; - UseKeyring = false; - IgnoreVerification = true; + pantalaimon = { + enable = true; + settings = { + Default = { + LogLevel = "Debug"; + SSL = true; + }; + local-matrix = { + Homeserver = "https://social.nullring.xyz"; + ListenAddress = "0.0.0.0"; + ListenPort = 8008; + SSL = false; + UseKeyring = false; + IgnoreVerification = true; + }; }; }; }; - programs.chromium = { - package = pkgs.chromium; - enable = true; - extensions = [ - "ddkjiahejlhfcafbddmgiahcphecmpfh" # ublock-origin lite - "dbepggeogbaibhgnhhndojpepiihcmeb" # vimium - "eimadpbcbfnmbkopoojfekhnkhdbieeh" # dark reader - "oicakdoenlelpjnkoljnaakdofplkgnd" # tree style tabs - "nkbihfbeogaeaoehlefnkodbefgpgknn" # metamask - ]; - }; + programs = { + chromium = { + package = pkgs.chromium; + enable = true; + extensions = [ + "ddkjiahejlhfcafbddmgiahcphecmpfh" # ublock-origin lite + "dbepggeogbaibhgnhhndojpepiihcmeb" # vimium + "eimadpbcbfnmbkopoojfekhnkhdbieeh" # dark reader + "oicakdoenlelpjnkoljnaakdofplkgnd" # tree style tabs + "nkbihfbeogaeaoehlefnkodbefgpgknn" # metamask + ]; + }; - programs.nushell = { - enable = true; - extraConfig = '' + nushell = { + enable = true; + extraConfig = '' let carapace_completer = {|spans| carapace $spans.0 nushell $spans | from json - } + } $env.config = { show_banner: false, completions: { @@ -175,67 +182,69 @@ # set to lower can improve completion performance at the cost of omitting some options max_results: 100 completer: $carapace_completer # check 'carapace_completer' - } } - } + } + } $env.PATH = ($env.PATH | split row (char esep) | prepend /home/myuser/.apps | append /usr/bin/env - ) + ) ''; - shellAliases = { - c = "clear"; - g = "git"; - v = "vim"; - h = "Hyprland"; - r = "gammastep -O 3000"; - ns = "nix-shell"; - n = "nix"; - nfu = "cd /etc/nixos/ && sudo nix flake update"; - rb = "sudo nixos-rebuild switch"; - }; - }; - programs.mpv = { - enable = true; - config = { - profile = "gpu-hq"; - force-window = true; - ytdl-format = "bestvideo+bestaudio"; - cache-default = 4000000; + + shellAliases = { + c = "clear"; + g = "git"; + v = "vim"; + h = "Hyprland"; + r = "gammastep -O 3000"; + ns = "nix-shell"; + n = "nix"; + nfu = "cd /etc/nixos/ && sudo nix flake update"; + rb = "sudo nixos-rebuild switch"; + }; }; - }; - programs.yt-dlp = { - enable = true; - settings = { - embed-thumbnail = true; - embed-subs = true; - sub-langs = "all"; - downloader = "aria2c"; - downloader-args = "aria2c:'-c -x8 -s8 -k1M'"; + mpv = { + enable = true; + config = { + profile = "gpu-hq"; + force-window = true; + ytdl-format = "bestvideo+bestaudio"; + cache-default = 4000000; + }; }; - }; - programs.wofi = { - enable = true; - settings = { - location = "bottom-right"; - allow_markup = true; - show = "drun"; - width = 750; - height = 400; - always_parse_args = true; - show_all = false; - term = "kitty"; - hide_scroll = true; - print_command = true; - insensitive = true; - prompt = "Run what, Commander?"; - columns = 2; + yt-dlp = { + enable = true; + settings = { + embed-thumbnail = true; + embed-subs = true; + sub-langs = "all"; + downloader = "aria2c"; + downloader-args = "aria2c:'-c -x8 -s8 -k1M'"; + }; }; - style = '' + wofi = { + enable = true; + settings = { + location = "bottom-right"; + allow_markup = true; + show = "drun"; + width = 750; + height = 400; + always_parse_args = true; + show_all = false; + term = "kitty"; + hide_scroll = true; + print_command = true; + insensitive = true; + prompt = "Run what, Commander?"; + columns = 2; + }; + + style = '' @define-color rosewater #f5e0dc; @define-color rosewater-rgb rgb(245, 224, 220); @define-color flamingo #f2cdcd; @@ -401,219 +410,322 @@ background-color: @lavender!important; } ''; - }; - - programs.kitty = { - enable = true; - settings = { - enable_audio_bell = false; - font_family = "Iosevka Nerd Font"; - font_size = 14; - confirm_os_window_close = 0; - background_opacity = "0.9"; - # Catppuccin theme - foreground = "#cdd6f4"; - background = "#1e1e2e"; - selection_foreground = "#1e1e2e"; - selection_background = "#f5e0dc"; - cursor = "#f5e0dc"; - cursor_text_color = "#1e1e2e"; - url_color = "#f5e0dc"; - active_border_color = "#B4BEFE"; - inactive_border_color = "#6C7086"; - bell_border_color = "#F9E2AF"; - wayland_titlebar_color = "#1E1E2E"; - macos_titlebar_color = "#1E1E2E"; - active_tab_foreground = "#11111B"; - active_tab_background = "#CBA6F7"; - inactive_tab_foreground = "#CDD6F4"; - inactive_tab_background = "#181825"; - tab_bar_background = "#11111B"; - mark1_foreground = "#1E1E2E"; - mark1_background = "#B4BEFE"; - mark2_foreground = "#1E1E2E"; - mark2_background = "#CBA6F7"; - mark3_foreground = "#1E1E2E"; - mark3_background = "#74C7EC"; - color0 = "#45475A"; - color8 = "#585B70"; - color1 = "#F38BA8"; - color9 = "#F38BA8"; - color2 = "#A6E3A1"; - color10 = "#A6E3A1"; - color3 = "#F9E2AF"; - color11 = "#F9E2AF"; - color4 = "#89B4FA"; - color12 = "#89B4FA"; - color5 = "#F5C2E7"; - color13 = "#F5C2E7"; - color6 = "#94E2D5"; - color14 = "#94E2D5"; - color7 = "#BAC2DE"; - color15 = "#A6ADC8"; }; - }; - programs.firefox = { - policies = { - EnableTrackingProtection = true; - OfferToSaveLogins = false; + kitty = { + enable = true; + settings = { + enable_audio_bell = false; + font_family = "Iosevka Nerd Font"; + font_size = 14; + confirm_os_window_close = 0; + background_opacity = "0.9"; + # Catppuccin theme + foreground = "#cdd6f4"; + background = "#1e1e2e"; + selection_foreground = "#1e1e2e"; + selection_background = "#f5e0dc"; + cursor = "#f5e0dc"; + cursor_text_color = "#1e1e2e"; + url_color = "#f5e0dc"; + active_border_color = "#B4BEFE"; + inactive_border_color = "#6C7086"; + bell_border_color = "#F9E2AF"; + wayland_titlebar_color = "#1E1E2E"; + macos_titlebar_color = "#1E1E2E"; + active_tab_foreground = "#11111B"; + active_tab_background = "#CBA6F7"; + inactive_tab_foreground = "#CDD6F4"; + inactive_tab_background = "#181825"; + tab_bar_background = "#11111B"; + mark1_foreground = "#1E1E2E"; + mark1_background = "#B4BEFE"; + mark2_foreground = "#1E1E2E"; + mark2_background = "#CBA6F7"; + mark3_foreground = "#1E1E2E"; + mark3_background = "#74C7EC"; + color0 = "#45475A"; + color8 = "#585B70"; + color1 = "#F38BA8"; + color9 = "#F38BA8"; + color2 = "#A6E3A1"; + color10 = "#A6E3A1"; + color3 = "#F9E2AF"; + color11 = "#F9E2AF"; + color4 = "#89B4FA"; + color12 = "#89B4FA"; + color5 = "#F5C2E7"; + color13 = "#F5C2E7"; + color6 = "#94E2D5"; + color14 = "#94E2D5"; + color7 = "#BAC2DE"; + color15 = "#A6ADC8"; + }; }; - package = pkgs.firefox-wayland; - enable = true; - profiles = { - default = { - id = 0; - name = "default"; - isDefault = true; - extensions = with pkgs.nur.repos.rycee.firefox-addons; [ - ublock-origin - tree-style-tab - firefox-color - vimium - metamask - ]; - settings = { - content.notify.interval = 100000; - gfx.canvas.accelerated.cache-items = 4096; - gfx.canvas.accelerated.cache-size = 512; - gfx.content.skia-font-cache-size = 20; - browser.cache.jsbc_compression_level = 3; - media.memory_cache_max_size = 65536; - media.cache_readahead_limit = 7200; - media.cache_resume_threshold = 3600; - image.mem.decode_bytes_at_a_time = 32768; - network.buffer.cache.size = 262144; - network.buffer.cache.count = 128; - network.http.max-connections = 1800; - network.http.max-persistent-connections-per-server = 10; - network.http.max-urgent-start-excessive-connections-per-host = 5; - network.http.pacing.requests.enabled = false; - network.dnsCacheExpiration = 3600; - network.dns.max_high_priority_threads = 8; - network.ssl_tokens_cache_capacity = 10240; - network.dns.disablePrefetch = true; - network.prefetch-next = false; - network.predictor.enabled = false; - layout.css.grid-template-masonry-value.enabled = true; - dom.enable_web_task_scheduling = true; - layout.css.has-selector.enabled = true; - dom.security.sanitizer.enabled = true; - browser.contentblocking.category = "strict"; - urlclassifier.trackingSkipURLs = "*.reddit.com, *.twitter.com, *.twimg.com, *.tiktok.com"; - urlclassifier.features.socialtracking.skipURLs = "*.instagram.com, *.twitter.com, *.twimg.com"; - network.cookie.sameSite.noneRequiresSecure = true; - browser.download.start_downloads_in_tmp_dir = true; - browser.helperApps.deleteTempFileOnExit = true; - browser.uitour.enabled = false; - privacy.globalprivacycontrol.enabled = true; - security.OCSP.enabled = 0; - security.remote_settings.crlite_filters.enabled = true; - security.pki.crlite_mode = 2; - security.ssl.treat_unsafe_negotiation_as_broken = true; - browser.xul.error_pages.expert_bad_cert = true; - security.tls.enable_0rtt_data = false; - browser.privatebrowsing.forceMediaMemoryCache = true; - browser.sessionstore.interval = 60000; - privacy.history.custom = true; - browser.search.separatePrivateDefault.ui.enabled = true; - browser.urlbar.update2.engineAliasRefresh = true; - browser.search.suggest.enabled = false; - browser.urlbar.suggest.quicksuggest.sponsored = false; - browser.urlbar.suggest.quicksuggest.nonsponsored = false; - browser.formfill.enable = false; - security.insecure_connection_text.enabled = true; - security.insecure_connection_text.pbmode.enabled = true; - network.IDN_show_punycode = true; - dom.security.https_first = true; - dom.security.https_first_schemeless = true; - signon.formlessCapture.enabled = false; - signon.privateBrowsingCapture.enabled = false; - network.auth.subresource-http-auth-allow = 1; - editor.truncate_user_pastes = false; - security.mixed_content.block_display_content = true; - security.mixed_content.upgrade_display_content = true; - pdfjs.enableScripting = false; - extensions.postDownloadThirdPartyPrompt = false; - network.http.referer.XOriginTrimmingPolicy = 2; - privacy.userContext.ui.enabled = true; - media.peerconnection.ice.proxy_only_if_behind_proxy = true; - media.peerconnection.ice.default_address_only = true; - browser.safebrowsing.downloads.remote.enabled = false; - permissions.default.desktop-notification = 2; - permissions.default.geo = 2; - geo.provider.network.url = "https://location.services.mozilla.com/v1/geolocate?key=%MOZILLA_API_KEY%"; - permissions.manager.defaultsUrl = ""; - webchannel.allowObject.urlWhitelist = ""; - datareporting.policy.dataSubmissionEnabled = false; - datareporting.healthreport.uploadEnabled = false; - toolkit.telemetry.unified = false; - toolkit.telemetry.enabled = false; - toolkit.telemetry.server = "data:,"; - toolkit.telemetry.archive.enabled = false; - toolkit.telemetry.newProfilePing.enabled = false; - toolkit.telemetry.shutdownPingSender.enabled = false; - toolkit.telemetry.updatePing.enabled = false; - toolkit.telemetry.bhrPing.enabled = false; - toolkit.telemetry.firstShutdownPing.enabled = false; - toolkit.telemetry.coverage.opt-out = true; - toolkit.coverage.opt-out = true; - toolkit.coverage.endpoint.base = ""; - browser.ping-centre.telemetry = false; - browser.newtabpage.activity-stream.feeds.telemetry = false; - browser.newtabpage.activity-stream.telemetry = false; - app.shield.optoutstudies.enabled = false; - app.normandy.enabled = false; - app.normandy.api_url = ""; - breakpad.reportURL = ""; - browser.tabs.crashReporting.sendReport = false; - browser.crashReports.unsubmittedCheck.autoSubmit2 = false; - captivedetect.canonicalURL = ""; - network.captive-portal-service.enabled = false; - network.connectivity-service.enabled = false; - browser.privatebrowsing.vpnpromourl = ""; - extensions.getAddons.showPane = false; - extensions.htmlaboutaddons.recommendations.enabled = false; - browser.discovery.enabled = false; - browser.shell.checkDefaultBrowser = false; - browser.newtabpage.activity-stream.asrouter.userprefs.cfr.addons = false; - browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features = false; - browser.preferences.moreFromMozilla = false; - browser.tabs.tabmanager.enabled = false; - browser.aboutConfig.showWarning = false; - browser.aboutwelcome.enabled = false; - toolkit.legacyUserProfileCustomizations.stylesheets = true; - browser.compactmode.show = true; - browser.display.focus_ring_on_anything = true; - browser.display.focus_ring_style = 0; - browser.display.focus_ring_width = 0; - layout.css.prefers-color-scheme.content-override = 2; - browser.privateWindowSeparation.enabled = false; - cookiebanners.service.mode = 1; - full-screen-api.transition-duration.enter = "0 0"; - full-screen-api.transition-duration.leave = "0 0"; - full-screen-api.warning.delay = -1; - full-screen-api.warning.timeout = 0; - browser.urlbar.suggest.calculator = true; - browser.urlbar.unitConversion.enabled = true; - browser.urlbar.trending.featureGate = false; - browser.newtabpage.activity-stream.feeds.topsites = false; - browser.newtabpage.activity-stream.feeds.section.topstories = false; - extensions.pocket.enabled = false; - browser.download.always_ask_before_handling_new_types = true; - browser.download.manager.addToRecentDocs = false; - browser.download.open_pdf_attachments_inline = true; - browser.bookmarks.openInTabClosesMenu = false; - browser.menu.showViewImageInfo = true; - findbar.highlightAll = true; - layout.word_select.eat_space_to_next_word = false; + + firefox = { + policies = { + EnableTrackingProtection = true; + OfferToSaveLogins = false; + }; + + package = pkgs.firefox-wayland; + enable = true; + + profiles = { + default = { + id = 0; + name = "default"; + isDefault = true; + + extensions = with pkgs.nur.repos.rycee.firefox-addons; [ + ublock-origin + tree-style-tab + firefox-color + vimium + metamask + ]; + + settings = { + media = { + memory_cache_max_size = 65536; + cache_readahead_limit = 7200; + cache_resume_threshold = 3600; + peerconnection.ice = { + proxy_only_if_behind_proxy = true; + default_address_only = true; + }; + }; + + gfx = { + content.skia-font-cache-size = 20; + canvas.accelerated = { + cache-items = 4096; + cache-size = 512; + }; + }; + + network = { + http = { + max-connections = 1800; + max-persistent-connections-per-server = 10; + max-urgent-start-excessive-connections-per-host = 5; + referer.XOriginTrimmingPolicy = 2; + }; + + buffer.cache = { + size = 262144; + count = 128; + }; + + dns = { + max_high_priority_threads = 8; + disablePrefetch = true; + }; + + pacing.requests.enabled = false; + dnsCacheExpiration = 3600; + ssl_tokens_cache_capacity = 10240; + prefetch-next = false; + predictor.enabled = false; + cookie.sameSite.noneRequiresSecure = true; + IDN_show_punycode = true; + auth.subresource-http-auth-allow = 1; + captive-portal-service.enabled = false; + connectivity-service.enabled = false; + }; + + browser = { + download = { + always_ask_before_handling_new_types = true; + manager.addToRecentDocs = false; + open_pdf_attachments_inline = true; + start_downloads_in_tmp_dir = true; + }; + + urlbar = { + suggest.quicksuggest.sponsored = false; + suggest.quicksuggest.nonsponsored = false; + suggest.calculator = true; + update2.engineAliasRefresh = true; + unitConversion.enabled = true; + trending.featureGate = false; + }; + + search = { + separatePrivateDefault.ui.enabled = true; + suggest.enabled = false; + }; + + newtabpage.activity-stream = { + feeds = { + topsites = false; + section.topstories = false; + telemetry = false; + }; + asrouter.userprefs.cfr = { + addons = false; + features = false; + }; + telemetry = false; + }; + + privatebrowsing = { + vpnpromourl = ""; + forceMediaMemoryCache = true; + }; |