Hello,
I want to add my firefox to my home manager config and one thing that I would really like is to have all my user scripts in nix. I often use two PCs and syncing my user script collection is a pain.
Can nix help me there? Or are extensions too locked down to import the myscript.user.js files after each home manager activation?
If someone else is also using user scripts in firefox, how do you manage them?
Declarative extension settings management is not really feasible due to firefox’s design. At least from what I found.
Declarative extension settings management is not really feasible due to firefox’s design. At least from what I found.
It works pretty well for extensions that support it. Usually via managed settings which Home Manager supports through policy settings or extensions.settings. It’s often pretty easy to add support for managed settings to an extension.
There’s also native messaging which is sometimes used for config.
For user scripts specifically, it’s possible you could use AutoConfig instead of an extension. When general.config.sandbox.enabled is false, AutoConfig allows you to run arbitrary JS in the browser. From a quick search I see that GitHub - MrOtherGuy/fx-autoconfig: Load custom javascript in browser context exists as a framework for running user scripts using AutoConfig. I can confirm that configuring AutoConfig does work with Nix.
I also see that a TamperMonkey developer has said they plan on supporting managed settings.
The detail is appreciated, but that simply validates my answer - policies.json is unsupported for this extension and most other extensions, so it’s not feasible. (Not sure what this has to do with “managed storage”, and I don’t see any of those links talking about “managed settings”.) Tampermonkey does not appear to be adding support for this either (3 year old issue, last reply >1 year ago).
Native messaging is a whole other topic, but of course the extension has to support it, and it requires runtime communication which is not really the same as config.
I can’t find any documentation on general.config.sandbox_enabled, but disabling any browser sandboxing sounds unwise in this day and age.
hmm.
the only extension which i have declaratively configured SO FAR (without home-manager) in librewolf (firefox) is uBlock, and it goes a little bit like this:
programs.firefox.policies."3rdparty".Extensions."uBlock0@raymondhill.net".adminSettings = {
userSettings = { # "rec"?
uiTheme = "dark";
uiAccentCustom = true;
uiAccentCustom0 = "#ff00ff";
cloudStorageEnabled = lib.mkForce false;
# noCosmeticFiltering = true; # "no-cosmetic-filtering"
# noLargeMedia = true; # "no-large-media"
# noRemoteFonts = true; # "no-remote-fonts"
# noScripting = true; # "no-scripting"
/*
importedLists = [
"https://github.com/DandelionSprout/adfilt/raw/master/LegitimateURLShortener.txt" # test
];
*/
# externalLists = lib.concatStringsSep "\n" importedLists; # TODO
selectedFilterLists = [ # "assets.json"
"ublock-filters"
"ublock-badware"
"ublock-privacy"
"ublock-unbreak"
"ublock-quick-fixes"
# "user-filters" # "importedLists" & "externalLists"?
"adguard-generic"
"adguard-mobile"
"easylist"
"adguard-spyware-url"
"adguard-spyware"
"block-lan"
"easyprivacy"
"urlhaus-1"
"curben-phishing"
"adguard-cookies"
"ublock-cookies-adguard"
"fanboy-cookiemonster"
"ublock-cookies-easylist"
"adguard-social"
"fanboy-social"
"fanboy-thirdparty_social"
"adguard-popup-overlays"
"adguard-mobile-app-banners"
"adguard-other-annoyances"
"adguard-widgets"
"easylist-annoyances"
"easylist-chat"
"easylist-newsletters"
"easylist-notifications"
"ublock-annoyances"
"dpollock-0" # hosts
"plowe-0" # tracking
# ...
];
};
};
(example)
so the “3rdparty” policy (click) is what one would need here?
sorry, its probably the wrong thing, but you can for sure configure SOME of the extensions…
policies.jsonis unsupported for this extension and most other extensions, so it’s not feasible.
It’s not widely supported but is where it counts (for me at least). Almost all of the extensions I use are declaritevly configured. Also, as I said it’s often easy to add support. Ex: The JS for supporting it with Firefox in keepassxc-browser is just a few lines that were added earlier this year. Besides that, it’s just takes some JSON of the available options.
Not sure what this has to do with “managed storage”, and I don’t see any of those links talking about “managed settings”.
storage.managed is the API that extension developers use to get access to the declarative config. The most common way for users to configure the managed storage is with policies.
Native messaging is a whole other topic, but of course the extension has to support it, and it requires runtime communication which is not really the same as config.
Config isn’t usually the use case but it works. Ex: I currently configure Trydactyl that way with a patched version of the native messenger that strips it down to just read-only config file access.
I can’t find any documentation on
general.config.sandbox_enabled, but disabling any browser sandboxing sounds unwise in this day and age.
As with most browser customization, it’s all about informed decisions. In general, extensions and especially user scripts are dangerous but it might be worthwhile to use some. That setting only affects the parsing of the autoconfig file, so the main concern is whether the code put in autoconfig is trustworthy (especially because the code is privileged). You can see this at the only place that setting is used in the Firefox source code: nsReadConfig.cpp - mozsearch
I think the main takeaway is that declarative browser customization is very possible but could use better support and needs to be done with care. I personally find what Nix brings to the table with it pretty exciting.
so the “3rdparty” policy (click) is what one would need here?
That is the relevant policies section for this stuff. I’m not sure exactly what the question is but what you linked is what that Nix code you shared is customizing. The other link in what you linked also talks briefly about how to add support to an extension.
Yes, almost only ublock supports this, which happens to be the one extension you’ve tried. There are open issues in the repositories of many other extensions, but barely any implement it, since it’s simply not the standard way of implementing persistent storage for anything web related, and we’re very much the outliers for caring about declarative configuration managed outside the browser. Most extensions instead support at-runtime settings import/export (if they care about declarative config at all).
ublock is a bit different because practically anyone who uses browser extensions uses it, and the maintainer is rather motivated to work on it because of the political mess with ABP. Plus it sees a fair bit of business use, where firefox policies are used extensively for fleet deployment. I imagine this is also the motivation that drove the keepass plugin’s implementation.
It’d be nice if it were more widespread, but browser plugins seem like they’re particularly bad as far as FOSS maintainer burnout goes, so good luck configuring almost anything else without forking the extension.
I maintain a Violentmonkey fork you should be able to use to do this: