Combining best of system Firefox and home-manager Firefox settings

I haven’t seen this documented yet, and wanted to point out that it’s possible to use BOTH the system-level Firefox and the home-manager-level Firefox settings.

Why would you want to do this? Well, each has its advantages:

System-level Firefox

  • allows you to create system-wide “policies” that include “locked” preferences which cannot be sneakily modified by Firefox (e.g. I’ve noticed *sponsored settings change based on internal API calls, I guess)
  • allows you to create force_installed Firefox extensions that skip the permission dialog to the user upon first-time use of a new Firefox profile

Home-manager-level Firefox

  • allows you to re-apply preferences to an existing Firefox profile, rather than set defaults for new profiles

How does this look in practice?

I have the following system-level Firefox nix settings:

{ config, pkgs, ... }:
let
  lock-false = {
    Value = false;
    Status = "locked";
  };
  lock-true = {
    Value = true;
    Status = "locked";
  };
  lock-empty-string = {
    Value = "";
    Status = "locked";
  };
in {
  programs.firefox = {
    enable = true;

    policies = {
      DisableTelemetry = true;
      DisableFirefoxStudies = true;
      DontCheckDefaultBrowser = true;
      DisablePocket = true;
      SearchBar = "unified";

      Preferences = {
        # Privacy settings
        "extensions.pocket.enabled" = lock-false;
        "browser.newtabpage.pinned" = lock-empty-string;
        "browser.topsites.contile.enabled" = lock-false;
        "browser.newtabpage.activity-stream.showSponsored" = lock-false;
        "browser.newtabpage.activity-stream.system.showSponsored" = lock-false;
        "browser.newtabpage.activity-stream.showSponsoredTopSites" = lock-false;
      };

      ExtensionSettings = {
        "uBlock0@raymondhill.net" = {
          install_url = "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi";
          installation_mode = "force_installed";
        };
        "{446900e4-71c2-419f-a6a7-df9c091e268b}" = {
          install_url = "https://addons.mozilla.org/firefox/downloads/latest/bitwarden-password-manager/latest.xpi";
          installation_mode = "force_installed";
        };
        "jid1-MnnxcxisBPnSXQ@jetpack" = {
          install_url = "https://addons.mozilla.org/firefox/downloads/latest/privacy-badger17/latest.xpi";
          installation_mode = "force_installed";
        };
        "extension@tabliss.io" = {
          install_url = "https://addons.mozilla.org/firefox/downloads/file/3940751/tabliss-2.6.0.xpi";
          installation_mode = "force_installed";
        };
      };
    };
  };
}

And in my home-manager, I have the following:

    programs.firefox = {
      enable = true;
      profiles = {
        default = {
          id = 0;
          name = "default";
          isDefault = true;
          settings = {
            # "browser.startup.homepage" = "https://duckduckgo.com";
            "browser.search.defaultenginename" = "DuckDuckGo";
            "browser.search.order.1" = "DuckDuckGo";

            "signon.rememberSignons" = false;
            "widget.use-xdg-desktop-portal.file-picker" = 1;
            "browser.aboutConfig.showWarning" = false;
            "browser.compactmode.show" = true;
            "browser.cache.disk.enable" = false; # Be kind to hard drive

            "mousewheel.default.delta_multiplier_x" = 20;
            "mousewheel.default.delta_multiplier_y" = 20;
            "mousewheel.default.delta_multiplier_z" = 20;

            # Firefox 75+ remembers the last workspace it was opened on as part of its session management.
            # This is annoying, because I can have a blank workspace, click Firefox from the launcher, and
            # then have Firefox open on some other workspace.
            "widget.disable-workspace-management" = true;
          };
          search = {
            force = true;
            default = "DuckDuckGo";
            order = [ "DuckDuckGo" "Google" ];
          };
        };
      };
    };

If anyone has additional details, or understands better how these interact, by all means keep us apprised. Thanks.

16 Likes

I’ve been breaking my back to set Kagi as the default search, and instead Google is being forced on every nixos-rebuild (even after manually switching to Kagi).
I can see that some settings from the policies and profiles are being applied which is weird.
I do have ```

          search = {
            force = true;
            default = "DuckDuckGo";
            order = [ "DuckDuckGo" "Google" ];
          };

in the config. Has anyone else encountered this issue?

EDIT: I copy-pasted the search = from the post above and obviously yes, there’s DuckDuckGo instead of Kagi. But this makes me think out loud - Kagi search comes from the Kagi extension. Maybe there’s something different that needs to be done in the setup in order to select the custom search provider. After installing the extension, Kagi is listed with all the other search engines in Firefox Settings.
I’m installing Kagi via kagi-search package in NUR, all in the same programs.firefox = declaration.

2 Likes
search = {
           force = true;
           default = "Kagi";
        
           engines = {
        
             "Kagi" = {
               urls = [
                 {
                   template = "https://kagi.com/search?";
                   params = [
                     {
                       name = "q";
                       value = "{searchTerms}";
                     }
                   ];
                 }
               ];
             };
        }; 
     };

is what i came up with and it works for kagi

1 Like

For locking settings, I set everything via policies.Preferences. Policies can’t be changed by the user, so it makes sure that I don’t accidentally change anything. I don’t know if settings set like this are fully locked internally, though (if anyone does, let me know).

Here’s the link to my configuration if it’s helpful.

1 Like