nixos/firefox: init

This commit is contained in:
Daniel Thwaites 2022-11-10 19:07:37 +00:00
parent 717ccacc16
commit 01b3d0bf25
No known key found for this signature in database
GPG key ID: D8AFC4BF05670F9D
4 changed files with 104 additions and 0 deletions

View file

@ -1390,6 +1390,16 @@ signald -d /var/lib/signald/db \
for those who want to use it.
</para>
</listitem>
<listitem>
<para>
A NixOS module for Firefox has been added which allows
preferences and
<link xlink:href="https://github.com/mozilla/policy-templates/blob/master/README.md">policies</link>
to be set. This also allows extensions to be installed via the
<literal>ExtensionSettings</literal> policy. The new options
are under <literal>programs.firefox</literal>.
</para>
</listitem>
</itemizedlist>
</section>
</section>

View file

@ -420,4 +420,6 @@ Available as [services.patroni](options.html#opt-services.patroni.enable).
- The `mame` package does not ship with its tools anymore in the default output. They were moved to a separate `tools` output instead. For convenience, `mame-tools` package was added for those who want to use it.
- A NixOS module for Firefox has been added which allows preferences and [policies](https://github.com/mozilla/policy-templates/blob/master/README.md) to be set. This also allows extensions to be installed via the `ExtensionSettings` policy. The new options are under `programs.firefox`.
<!-- To avoid merge conflicts, consider adding your item at an arbitrary place in the list instead. -->

View file

@ -157,6 +157,7 @@
./programs/extra-container.nix
./programs/feedbackd.nix
./programs/file-roller.nix
./programs/firefox.nix
./programs/firejail.nix
./programs/fish.nix
./programs/flashrom.nix

View file

@ -0,0 +1,91 @@
{ pkgs, config, lib, ... }:
with lib;
let
cfg = config.programs.firefox;
policyFormat = pkgs.formats.json { };
organisationInfo = ''
When this option is in use, Firefox will inform you that "your browser
is managed by your organisation". That message appears because NixOS
installs what you have declared here such that it cannot be overridden
through the user interface. It does not mean that someone else has been
given control of your browser, unless of course they also control your
NixOS configuration.
'';
in {
options.programs.firefox = {
enable = mkEnableOption (mdDoc "the Firefox web browser");
package = mkOption {
description = mdDoc "Firefox package to use.";
type = types.package;
default = pkgs.firefox;
defaultText = literalExpression "pkgs.firefox";
relatedPackages = [
"firefox"
"firefox-beta-bin"
"firefox-bin"
"firefox-devedition-bin"
"firefox-esr"
"firefox-esr-wayland"
"firefox-wayland"
];
};
policies = mkOption {
description = mdDoc ''
Group policies to install.
See [Mozilla's documentation](https://github.com/mozilla/policy-templates/blob/master/README.md")
for a list of available options.
This can be used to install extensions declaratively! Check out the
documentation of the `ExtensionSettings` policy for details.
${organisationInfo}
'';
type = policyFormat.type;
default = {};
};
preferences = mkOption {
description = mdDoc ''
Preferences to set from `about://config`.
Some of these might be able to be configured more ergonomically
using policies.
${organisationInfo}
'';
type = with types; attrsOf (oneOf [ bool int string ]);
default = {};
};
};
config = mkIf cfg.enable {
environment.systemPackages = [ cfg.package ];
environment.etc."firefox/policies/policies.json".source =
let policiesJSON =
policyFormat.generate
"firefox-policies.json"
{ inherit (cfg) policies; };
in mkIf (cfg.policies != {}) "${policiesJSON}";
# Preferences are converted into a policy
programs.firefox.policies =
mkIf (cfg.preferences != {})
{
Preferences = (mapAttrs (name: value: {
Value = value;
Status = "locked";
}) cfg.preferences);
};
};
meta.maintainers = with maintainers; [ danth ];
}