62 lines
2.0 KiB
Nix
62 lines
2.0 KiB
Nix
{phoenix, ...}: rec {
|
|
phoenixOverlay = final: prev: {
|
|
phoenix = (final.callPackage (import "${phoenix}/nix/package.nix")
|
|
{
|
|
}).overrideAttrs {
|
|
patches = [
|
|
../../patches/0001-autoDisableScopes-unlocked.patch
|
|
];
|
|
};
|
|
withPhoenix = firefoxPackage:
|
|
firefoxPackage.override {
|
|
extraPoliciesFiles = ["${final.phoenix}/policies.json"];
|
|
extraPrefsFiles = ["${final.phoenix}/phoenix.cfg"];
|
|
};
|
|
};
|
|
phoenixModule = {
|
|
pkgs,
|
|
config,
|
|
lib,
|
|
...
|
|
}: {
|
|
options.programs.firefox.phoenix = {
|
|
enable =
|
|
lib.mkEnableOption "Enable privacy & security hardening of Firefox using the Phoenix configs"
|
|
// {
|
|
default = true;
|
|
};
|
|
firefoxPackages = lib.mkOption {
|
|
type = lib.types.listOf lib.types.str;
|
|
default = ["firefox"];
|
|
description = "The name of Firefox packages of current pkgs to patch with phoenix config and policy.";
|
|
};
|
|
};
|
|
config = let
|
|
cfg = config.programs.firefox.phoenix;
|
|
in
|
|
lib.mkIf cfg.enable {
|
|
assertions = [
|
|
{
|
|
assertion = !pkgs.stdenv.isDarwin;
|
|
message = "Phoenix module has not been ported to nix-darwin yet. Contributions welcomed.";
|
|
}
|
|
];
|
|
environment.etc."firefox/defaults/pref/phoenix-desktop.js".source = "${pkgs.phoenix}/pref/phoenix-desktop.js";
|
|
environment.etc."firefox/phoenix/userjs".source = "${pkgs.phoenix}/userjs";
|
|
environment.etc."firefox/phoenix/configs".source = "${pkgs.phoenix}/configs";
|
|
environment.etc."firefox/phoenix/assets".source = "${pkgs.phoenix}/assets";
|
|
programs.firefox.policies =
|
|
(builtins.fromJSON (builtins.readFile "${pkgs.phoenix}/policies.json")).policies;
|
|
nixpkgs.overlays = [
|
|
phoenixOverlay
|
|
(
|
|
final: prev:
|
|
builtins.listToAttrs (
|
|
map (p: lib.nameValuePair p (final.withPhoenix prev.${p})) cfg.firefoxPackages
|
|
)
|
|
)
|
|
];
|
|
};
|
|
};
|
|
}
|