diff options
| author | andromeda <andromeda@lenovo> | 2026-01-25 10:58:46 +0100 |
|---|---|---|
| committer | andromeda <andromeda@lenovo> | 2026-01-25 10:59:20 +0100 |
| commit | e4305c15ac624e5f39ca1122bc6e922660a833ad (patch) | |
| tree | d643110d9e581286c88428d4f03379c7ce4db4e6 /modules/nixos/phoenix.nix | |
| parent | 6e7e52aecfb98f9cfec748acef50ecf6845aea77 (diff) | |
| parent | 5c99e52e09e7fa83edfad0213c81db2bc6fa7104 (diff) | |
failed to npins, patch phoenix
Diffstat (limited to 'modules/nixos/phoenix.nix')
| -rw-r--r-- | modules/nixos/phoenix.nix | 61 |
1 files changed, 61 insertions, 0 deletions
diff --git a/modules/nixos/phoenix.nix b/modules/nixos/phoenix.nix new file mode 100644 index 0000000..c5d59de --- /dev/null +++ b/modules/nixos/phoenix.nix @@ -0,0 +1,61 @@ +{phoenix, ...}: rec { + phoenixOverlay = final: prev: { + phoenix = (final.callPackage (import "${phoenix}/nix/package.nix") + { + }).overrideAttrs { + patches = [ + ../../patches/0001-autoDisableScopes-unlocked.patch + ]; + }; + withPhoenix = firefoxPackage: + firefoxPackage.override { + extraPoliciesFiles = ["${final.phoenix}/policies.json"]; + extraPrefsFiles = ["${final.phoenix}/phoenix.cfg"]; + }; + }; + phoenixModule = { + pkgs, + config, + lib, + ... + }: { + options.programs.firefox.phoenix = { + enable = + lib.mkEnableOption "Enable privacy & security hardening of Firefox using the Phoenix configs" + // { + default = true; + }; + firefoxPackages = lib.mkOption { + type = lib.types.listOf lib.types.str; + default = ["firefox"]; + description = "The name of Firefox packages of current pkgs to patch with phoenix config and policy."; + }; + }; + config = let + cfg = config.programs.firefox.phoenix; + in + lib.mkIf cfg.enable { + assertions = [ + { + assertion = !pkgs.stdenv.isDarwin; + message = "Phoenix module has not been ported to nix-darwin yet. Contributions welcomed."; + } + ]; + environment.etc."firefox/defaults/pref/phoenix-desktop.js".source = "${pkgs.phoenix}/pref/phoenix-desktop.js"; + environment.etc."firefox/phoenix/userjs".source = "${pkgs.phoenix}/userjs"; + environment.etc."firefox/phoenix/configs".source = "${pkgs.phoenix}/configs"; + environment.etc."firefox/phoenix/assets".source = "${pkgs.phoenix}/assets"; + programs.firefox.policies = + (builtins.fromJSON (builtins.readFile "${pkgs.phoenix}/policies.json")).policies; + nixpkgs.overlays = [ + phoenixOverlay + ( + final: prev: + builtins.listToAttrs ( + map (p: lib.nameValuePair p (final.withPhoenix prev.${p})) cfg.firefoxPackages + ) + ) + ]; + }; + }; +} |