From 1a59e2b5003f9f229394157ac4aad6fed47b3dff Mon Sep 17 00:00:00 2001 From: Freya Murphy Date: Sun, 3 Nov 2024 13:28:10 -0500 Subject: [PATCH] udpate nix home configuration --- home/home.nix | 37 -------- home/home.scm | 13 ++- home/nix/flake.nix | 30 ++++++ home/nix/home.nix | 31 ++++++ home/{ => nix}/nix-channels | 1 - home/nix/nix.conf | 1 + home/nix/programs/default.nix | 5 + home/nix/programs/firefox.nix | 172 ++++++++++++++++++++++++++++++++++ 8 files changed, 247 insertions(+), 43 deletions(-) delete mode 100644 home/home.nix create mode 100644 home/nix/flake.nix create mode 100644 home/nix/home.nix rename home/{ => nix}/nix-channels (67%) create mode 100644 home/nix/nix.conf create mode 100644 home/nix/programs/default.nix create mode 100644 home/nix/programs/firefox.nix diff --git a/home/home.nix b/home/home.nix deleted file mode 100644 index 4872086..0000000 --- a/home/home.nix +++ /dev/null @@ -1,37 +0,0 @@ -{ config, pkgs, ... }: - -{ - # Home Manager needs a bit of information about you and the paths it should - # manage. - home.username = "freya"; - home.homeDirectory = "/home/freya"; - home.stateVersion = "24.05"; # Please read the comment before changing. - - # This value will set some environment variables to allow home-manager to - # function better outside of NixOS - nixpkgs.config.allowUnfree = true; - targets.genericLinux.enable = true; - fonts.fontconfig.enable = true; - - # The home.packages option allows you to install Nix packages into your - # environment. - home.packages = with pkgs; [ - # Main packages - starship - discord - thunderbird - cider - - # Rust - rustup - gcc-unwrapped - openssl - - # Java - jdk - ]; - - # Let Home Manager install and manage itself. - programs.home-manager.enable = true; -} - diff --git a/home/home.scm b/home/home.scm index c3dbf16..e55be0d 100644 --- a/home/home.scm +++ b/home/home.scm @@ -58,7 +58,6 @@ "network-manager-applet" "wl-clip-persist" "easyeffects" - "librewolf-wrapped" "gamescope" "overskride" @@ -67,8 +66,11 @@ "lavanda-gtk-theme" "mint-themes" + ;qt + "qtbase" + "qtwayland" + ; terminal - "alacritty" "kitty" "neovim" @@ -97,7 +99,6 @@ "gcc-toolchain" "clang-toolchain" "rust" - "racket" "python" ; social @@ -162,7 +163,9 @@ ("user-dirs.dirs" ,(local-file "config/xdg/user-dirs.dirs" #:recursive? #t)) ("xdg-desktop-portal/portals.conf" ,(local-file "config/xdg/portals.conf")) ("starship.toml" ,(local-file "config/starship/starship.toml" #:recursive? #t)) - ("home-manager/home.nix" ,(local-file "home.nix" #:recursive? #t)) )) + ("home-manager" ,(local-file "nix" #:recursive? #t)) + ("nix/nix.conf" ,(local-file "nix/nix.conf")) + )) (service home-files-service-type `((".local/share/nvim/site/autoload/plug.vim" ,(file-append vim-plug "/share/vim/plug.vim")) @@ -172,7 +175,7 @@ (".local/share/applications" ,(local-file "local/applications" #:recursive? #t)) (".local/share/icons" ,(local-file "local/icons" #:recursive? #t)) (".local/share/dbus-1/services" ,(local-file "local/dbus/services" #:recursive? #t)) - (".nix-channels" ,(local-file "nix-channels")) + (".nix-channels" ,(local-file "nix/nix-channels")) (".gitconfig" ,(local-file "config/git/gitconfig")))) (service home-syncthing-service-type diff --git a/home/nix/flake.nix b/home/nix/flake.nix new file mode 100644 index 0000000..6738db4 --- /dev/null +++ b/home/nix/flake.nix @@ -0,0 +1,30 @@ +{ + description = "Freya Nix Flake"; + + inputs = { + # nixpkgs + nixpkgs.url = "github:nixos/nixpkgs/release-24.05"; + + # home manager + home-manager.url = "github:nix-community/home-manager/release-24.05"; + home-manager.inputs.nixpkgs.follows = "nixpkgs"; + }; + + outputs = { + self, + nixpkgs, + home-manager, + ... + } @ inputs: let + inherit (self) outputs; + system = "x86_64-linux"; + pkgs = nixpkgs.legacyPackages.${system}; + in { + homeConfigurations."freya" = + home-manager.lib.homeManagerConfiguration { + inherit pkgs; + extraSpecialArgs = {inherit inputs outputs;}; + modules = [./home.nix]; + }; + }; +} diff --git a/home/nix/home.nix b/home/nix/home.nix new file mode 100644 index 0000000..e897caf --- /dev/null +++ b/home/nix/home.nix @@ -0,0 +1,31 @@ +{ config, pkgs, ... }: { + + imports = [ + ./programs + ]; + + news.display = "silent"; + fonts.fontconfig.enable = true; + nixpkgs.config.allowUnfree = true; + programs.home-manager.enable = true; + + home = { + username = "freya"; + homeDirectory = "/home/freya"; + stateVersion = "24.05"; + + packages = with pkgs; [ + # desktop + starship + discord + thunderbird + + # devlopment + rustup + gcc + openssl + ]; + + }; +} + diff --git a/home/nix-channels b/home/nix/nix-channels similarity index 67% rename from home/nix-channels rename to home/nix/nix-channels index 811c0f6..c040488 100644 --- a/home/nix-channels +++ b/home/nix/nix-channels @@ -1,4 +1,3 @@ https://github.com/nix-community/home-manager/archive/master.tar.gz home-manager -https://github.com/nix-community/nixGL/archive/main.tar.gz nixgl https://nixos.org/channels/nixpkgs-unstable nixpkgs diff --git a/home/nix/nix.conf b/home/nix/nix.conf new file mode 100644 index 0000000..c7d7291 --- /dev/null +++ b/home/nix/nix.conf @@ -0,0 +1 @@ +experimental-features = nix-command flakes diff --git a/home/nix/programs/default.nix b/home/nix/programs/default.nix new file mode 100644 index 0000000..1c7c3ee --- /dev/null +++ b/home/nix/programs/default.nix @@ -0,0 +1,5 @@ +{ + imports = [ + ./firefox.nix + ]; +} diff --git a/home/nix/programs/firefox.nix b/home/nix/programs/firefox.nix new file mode 100644 index 0000000..8d5923e --- /dev/null +++ b/home/nix/programs/firefox.nix @@ -0,0 +1,172 @@ +{ config, pkgs, ... }: + let + lock-false = { + Value = false; + Status = "locked"; + }; + lock-true = { + Value = true; + Status = "locked"; + }; + in +{ + programs.firefox = { + enable = true; + + policies = { + EnableTrackingProtection = { + Value = true; + Locked = true; + Cryptomining = true; + Fingerprinting = true; + }; + + # Certificates + Certificates = { + ImportEnterpriseRoots = true; + }; + + # Cookies + Cookies = { + Behavior = "reject-foreign"; + Locked = true; + }; + + # DNS + DNSOverHTTPS = { + Enabled = false; + Locked = true; + }; + + # Disable Bad + DisableAppUpdate = true; + DisableAccounts = true; + DisableFirefoxAccounts = true; + DisableFirefoxScreenshots = true; + DisableFirefoxStudies = true; + DisablePoket = true; + DisableTelemetry = true; + AutofillAddressEnabled = false; + AutofillCreditCardEnabled = false; + + # Disable Certain Messages + UserMessaging = { + WhatsNew = false; + ExtensionRecommendations = false; + FeatureRecommendations = false; + UrlbarInterventions = false; + SkipOnboarding = true; + MoreFromMozilla = false; + Locked = true; + }; + + # Disable Password Manager + PasswordManagerEnabled = false; + OfferToSaveLogins = false; + OfferToSaveLoginsDefault = false; + + # Remove Special Pages + OverrideFirstRunPage = ""; + OverridePostUpdatePage = ""; + + # Start Page + Homepage = { + StartPage = "previous-session"; + Loked = true; + }; + + # Home Page + FirefoxHome = { + Search = true; + TopSites = false; + SponsoredTopSites = false; + Highlights = false; + Pocket = false; + SponsoredPocket = false; + Snippets = false; + Locked = true; + }; + + # Search Suggestions + FirefoxSuggest = { + WebSuggestions = false; + SponsoredSuggestions = false; + ImproveSuggest = false; + Locked = true; + }; + + # Save All on Shutdown + SanitizeOnShutdown = { + Cache = false; + Cookies = false; + Downloads = false; + Histroy = false; + Sessions = false; + SiteSettings = false; + OfflineApps = false; + Locked = true; + }; + + # Miscellaneous + SearchBar = "unified"; + DisplayMenuBar = "default-off"; + DisplayBookmarksToolbar = "newtab"; + NoDefaultBookmarks = true; + HardwareAcceleration = true; + DontCheckDefaultBrowser = true; + PromptForDownloadLocation = false; + + # Extensions + ExtensionSettings = { + "*".installation_mode = "blocked"; + # uBlock Origin + "uBlock0@raymondhill.net" = { + install_url = "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi"; + installation_mode = "force_installed"; + }; + # Bitwarden + "{446900e4-71c2-419f-a6a7-df9c091e268b}" = { + install_url = "https://addons.mozilla.org/firefox/downloads/latest/bitwarden-password-manager/latest.xpi"; + installation_mode = "force_installed"; + }; + }; + + # about:config Preferences + Preferences = { + # theme + "toolkit.legacyUserProfileCustomizations.stylesheets" = lock-true; + "extensions.activeThemeID" = "firefox-compact-dark@mozilla.org"; + # privacy + "privacy.donottrack.enabled" = lock-true; + "privacy.fingerprintingProtection" = lock-false; + "privacy.globalprivacycontrol.enabled" = lock-true; + # security + "security.OCSP.enabled" = { + Value = 0; + Status = "locked"; + }; + "browser.contentblocking.category" = { + Value = "strict"; + Status = "locked"; + }; + # graphics + "webgl.disable" = lock-false; + "dom.webgpu.enabled" = lock-true; + "media.eme.enabled" = lock-true; + # tabs + "browser.tabs.warnOnClose" = lock-true; + "browser.tabs.firefox-view" = lock-false; + # user messaging + "browser.newtabpage.activity-stream.feeds.section.topstories" = lock-false; + "browser.newtabpage.activity-stream.feeds.snippets" = lock-false; + "browser.newtabpage.activity-stream.section.highlights.includePocket" = lock-false; + "browser.newtabpage.activity-stream.section.highlights.includeBookmarks" = lock-false; + "browser.newtabpage.activity-stream.section.highlights.includeDownloads" = lock-false; + "browser.newtabpage.activity-stream.section.highlights.includeVisited" = lock-false; + "browser.newtabpage.activity-stream.showSponsored" = lock-false; + "browser.newtabpage.activity-stream.system.showSponsored" = lock-false; + "browser.newtabpage.activity-stream.showSponsoredTopSites" = lock-false; + }; + }; + }; +}