diff --git a/programs/firefox.nix b/programs/firefox.nix index e14e27a..dcf0553 100644 --- a/programs/firefox.nix +++ b/programs/firefox.nix @@ -34,12 +34,8 @@ extensions.packages = with firefox-addons; [ bitwarden - darkreader - dearrow - enhancer-for-youtube multi-account-containers old-reddit-redirect - sponsorblock ublock-origin user-agent-string-switcher zotero-connector @@ -180,50 +176,11 @@ # - Google Scholar }; }; - settings = let - isUuid = str: - (builtins.match - "[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}" - str) != null; - prefix = addon: if isUuid addon then "_" else ""; - button = addon: - "${prefix addon}${addon}${prefix addon}-browser-action"; - always-in-container = "a1e9543e-5f73-4763-b376-04e53fd12cbd"; - bitwarden = "446900e4-71c2-419f-a6a7-df9c091e268b"; - dark-reader = "addon_darkreader_org"; - dearrow = "dearrow_ajay_app"; - enhancer-for-youtube = - "enhancerforyoutube_maximerf_addons_mozilla_org"; - old-reddit-redirect = "9063c2e9-e07c-4c2c-9646-cfe7ca8d0498"; - open-with = "openwith_darktrojan_net"; - plasma = "plasma-browser-integration"; - sponsorblock = "sponsorblocker_ajay_app"; - ublock-origin = "ublock0_raymondhill_net"; - user-agent-switcher = "a6c4a591-f1b2-4f03-b3ff-767e5bedf4e7"; - zotero = "zotero_chnm_gmu_edu"; - containers = "_testpilot-containers"; - in { + settings = { "app.normandy.first_run" = false; "app.shield.optoutstudies.enabled" = false; - "browser.ai.control.default" = "blocked"; - "browser.ai.control.linkPreviewKeyPoints" = "blocked"; - "browser.ai.control.pdfjsAltText" = "blocked"; - "browser.ai.control.sidebarChatbot" = "blocked"; - "browser.ai.control.smartTabGroups" = "blocked"; - "browser.ai.control.translations" = "blocked"; "browser.contentblocking.category" = "strict"; "browser.formfill.enable" = false; - "browser.ml.chat.enabled" = false; - "browser.ml.chat.menu" = false; - "browser.ml.chat.page" = false; - "browser.ml.chat.page.footerBadge" = false; - "browser.ml.chat.page.menuBadge" = false; - "browser.ml.chat.shortcuts" = false; - "browser.ml.chat.sidebar" = false; - "browser.ml.enable" = false; - "browser.ml.linkPreview.enabled" = false; - "browser.ml.pageAssist.enabled" = false; - "browser.ml.smartAssist.enabled" = false; "browser.newtabpage.activity-stream.asrouter.userprefs.cfr.addons" = false; "browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features" = @@ -274,46 +231,25 @@ baseDomain = "ksu.one45.com"; } ]; - "browser.search.visualSearch.featureGate" = false; "browser.shopping.experience2023.active" = false; "browser.startup.homepage_override.mstone" = "ignore"; "browser.tabs.closeWindowWithLastTab" = false; - "browser.tabs.groups.smart.enabled" = false; - "browser.tabs.groups.smart.userEnabled" = false; "browser.tabs.inTitlebar" = 0; "browser.theme.content-theme" = 0; "browser.theme.toolbar-theme" = 0; "browser.toolbars.bookmarks.visibility" = "never"; - "browser.uiCustomization.navBarWhenVerticalTabs" = [ - "sidebar-button" - "back-button" - "forward-button" - "customizableui-special-spring1" - "vertical-spacer" - "urlbar-container" - "stop-reload-button" - "customizableui-special-spring2" - "downloads-button" - (button bitwarden) - (button ublock-origin) - "unified-extensions-button" - (button containers) - ]; "browser.uiCustomization.state" = { placements = { - unified-extensions-area = map button [ - dark-reader - open-with - zotero - user-agent-switcher - enhancer-for-youtube - sponsorblock - dearrow - always-in-container - old-reddit-redirect - plasma + "widget-overflow-fixed-list" = [ ]; + "unified-extensions-area" = [ + "floccus_handmadeideas_org-browser-action" + "7esoorv3_alefvanoon_anonaddy_me-browser-action" + "plasma-browser-integration_kde_org-browser-action" + "_d07ccf11-c0cd-4938-a265-2a4d6ad01189_-browser-action" # Web Archives + "openwith_darktrojan_net-browser-action" + "zotero_chnm_gmu_edu-browser-action" ]; - nav-bar = [ + "nav-bar" = [ "back-button" "forward-button" "customizableui-special-spring1" @@ -322,62 +258,52 @@ "stop-reload-button" "customizableui-special-spring2" "downloads-button" - (button bitwarden) - (button ublock-origin) + "_446900e4-71c2-419f-a6a7-df9c091e268b_-browser-action" # Bitwarden + "ublock0_raymondhill_net-browser-action" "unified-extensions-button" - (button containers) + "_testpilot-containers-browser-action" ]; - vertical-tabs = [ "tabbrowser-tabs" ]; - PersonalToolbar = [ "import-button" "personal-bookmarks" ]; - TabsToolbar = [ ]; - widget-overflow-fixed-list = [ ]; + "TabsToolbar" = [ + "firefox-view-button" + "tabbrowser-tabs" + "new-tab-button" + "alltabs-button" + ]; + "vertical-tabs" = [ ]; + "PersonalToolbar" = [ "import-button" "personal-bookmarks" ]; }; - seen = - [ "save-to-pocket-button" "developer-button" "screenshot-button" ] - ++ (map button [ - always-in-container - bitwarden - dark-reader - dearrow - enhancer-for-youtube - old-reddit-redirect - open-with - plasma - sponsorblock - ublock-origin - user-agent-switcher - zotero - containers - ]); + seen = [ + "save-to-pocket-button" + "developer-button" + "_446900e4-71c2-419f-a6a7-df9c091e268b_-browser-action" + "_testpilot-containers-browser-action" + "floccus_handmadeideas_org-browser-action" + "7esoorv3_alefvanoon_anonaddy_me-browser-action" + "plasma-browser-integration_kde_org-browser-action" + "ublock0_raymondhill_net-browser-action" + "_d07ccf11-c0cd-4938-a265-2a4d6ad01189_-browser-action" + "zotero_chnm_gmu_edu-browser-action" + "openwith_darktrojan_net-browser-action" + ]; dirtyAreaCache = [ "nav-bar" "vertical-tabs" "PersonalToolbar" "unified-extensions-area" - "TabsToolbar" ]; - currentVersion = 23; - newElementCount = 0; + currentVersion = 21; + newElementCount = 3; }; - "browser.uitour.enabled" = false; - "browser.urlbar.quicksuggest.mlEnabled" = false; + "browser.urlbar.suggest.showSearchSuggestionsFirst" = false; "browser.urlbar.suggest.quicksuggest.nonsponsored" = false; "browser.urlbar.suggest.quicksuggest.sponsored" = false; "browser.urlbar.suggest.quicksuggest.trending" = false; - "browser.urlbar.suggest.showSearchSuggestionsFirst" = false; "browser.warnOnQuitShortcut" = false; "datareporting.healthreport.uploadEnabled" = false; "datareporting.usage.uploadEnabled" = false; - "extensions.autoDisableScopes" = 0; "extensions.formautofill.addresses.enabled" = false; "extensions.formautofill.creditCards.enabled" = false; - "extensions.ml.enabled" = false; - "extensions.update.autoUpdateDefault" = false; - "extensions.update.enabled" = false; - "pdfjs.enableAltText" = false; - "pdfjs.enableAltTextModelDownload" = false; - "pdfjs.enableGuessAltText" = false; - "places.semanticHistory.featureGate" = false; + "extensions.autoDisableScopes" = 0; "privacy.bounceTrackingProtection.mode" = 1; "privacy.clearOnShutdown_v2.browsingHistoryAndDownloads" = false; "privacy.clearOnShutdown_v2.cache" = true; @@ -391,14 +317,6 @@ "privacy.trackingprotection.emailtracking.enabled" = true; "privacy.trackingprotection.enabled" = true; "privacy.trackingprotection.socialtracking.enabled" = true; - "sidebar.installed.extensions" = "{${bitwarden}}"; - "sidebar.main.tools" = "syncedtabs,history,{${bitwarden}},bookmarks"; - "sidebar.new-sidebar.has-used" = true; - "sidebar.revamp" = true; - "sidebar.verticalTabs" = true; - "sidebar.verticalTabs.dragToPinPromo.dismissed" = true; - "sidebar.visibility" = "expand-on-hover"; - "signon.rememberSignons" = false; "widget.use-xdg-desktop-portal.file-picker" = 1; }; }; diff --git a/services/peertube.nix b/services/peertube.nix index b528703..59b5f41 100644 --- a/services/peertube.nix +++ b/services/peertube.nix @@ -55,6 +55,20 @@ in { }; }; + # This is a hack - I'm deliberately hijacking the systemd service that is + # set up by `services.caddy` in order to sync the `let` variables with the + # external Caddyfile via environment variables + # This is safe for NixOS 25.11 - see + # + systemd.services.caddy.environment = { + MILLIRONX_PEERTUBE_PORT = port; + MILLIRONX_PEERTUBE_ASSETS_DIR = peertubeAssetsDir; + MILLIRONX_PEERTUBE_DATA_DIR = "${stateDirectory}/data"; + }; + # Another hack - allows the Caddy user to be able to read files that + # PeerTube writes into its dist/ folders + users.users.${config.services.caddy.user}.extraGroups = [ user ]; + # Forward RTMP (privileged) port to container-accessible (non-privileged) port systemd = { sockets."peertube-rtmp" = { @@ -67,28 +81,15 @@ in { }; }; - services = { - "peertube-rtmp-forward" = { - description = "PeerTube RTMP Port Forwarder"; - requires = [ "peertube-rtmp.socket" ]; - after = [ "network.target" ]; - serviceConfig = { - Type = "notify"; - ExecStart = - "${pkgs.systemd}/lib/systemd/systemd-socket-proxyd 127.0.0.1:${rtmpHostPort}"; - PrivateTmp = true; - }; - }; - - # This is a hack - I'm deliberately hijacking the systemd service that is - # set up by `services.caddy` in order to sync the `let` variables with the - # external Caddyfile via environment variables - # This is safe for NixOS 25.11 - see - # - caddy.environment = { - MILLIRONX_PEERTUBE_PORT = port; - MILLIRONX_PEERTUBE_ASSETS_DIR = peertubeAssetsDir; - MILLIRONX_PEERTUBE_DATA_DIR = "${stateDirectory}/data"; + services."peertube-rtmp-forward" = { + description = "PeerTube RTMP Port Forwarder"; + requires = [ "peertube-rtmp.socket" ]; + after = [ "network.target" ]; + serviceConfig = { + Type = "notify"; + ExecStart = + "${pkgs.systemd}/lib/systemd/systemd-socket-proxyd 127.0.0.1:${rtmpHostPort}"; + PrivateTmp = true; }; }; }; @@ -103,9 +104,6 @@ in { autoSubUidGidRange = true; }; users.groups.${user} = { }; - # Another hack - allows the Caddy user to be able to read files that - # PeerTube writes into its dist/ folders - users.users.${config.services.caddy.user}.extraGroups = [ user ]; home-manager.users.${user} = { config, osConfig, ... }: { imports = [ home-manager-quadlet-nix ];