Firefox-addons allow unfree

Hi, I’ve spent multiple hours trying different variations without luck. I have firefox-addons working fine and am able to install firefox extensions ok but unable to install unfree extensions.

Tried:

  • Using nur as input
  • using the allowUnfree option in home-manager config every other place I could think
  • Followed multiple posts and articles without luck

flake.nix

{
  description = "Multi-System Configs";

  inputs = {
    nixpkgs = {
      url = "nixpkgs/nixos-24.05";
    };

    nixpkgs-unstable = {
      url = "nixpkgs/nixos-unstable";
    };

    home-manager = {
      url = "github:nix-community/home-manager/release-24.05";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    nix-vscode-extensions = {
      url = "github:nix-community/nix-vscode-extensions";
      inputs.nixpkgs.follows = "nixpkgs-unstable";
    };

    nixvim.url = "github:nix-community/nixvim/nixos-24.05";
    nixvim.inputs.nixpkgs.follows = "nixpkgs";

    firefox-addons = {
      url = "gitlab:rycee/nur-expressions?dir=pkgs/firefox-addons";
      inputs.nixpkgs.follows = "nixpkgs";
    };
  };

  outputs = {
    nixpkgs,
    nixpkgs-unstable,
    home-manager,
    nix-vscode-extensions,
    nixvim,
    firefox-addons,
    ...
  } @inputs: let
    lib = nixpkgs.lib;
    sharedSettings = {
      homeDir,
      userName,
      hostName,
    }: {
      uid = 1000;
      userName = userName;
      homeDir = homeDir;
      hostName = hostName;
      dotFiles = "${homeDir}/.dotfiles";
      configDir = "${homeDir}/.config";
      fullName = "Harvey";
      email = "redacted";
      theme = "catppuccin";
      font = "FiraCode Nerd Font Mono";
      fontSize = "12";
      extraGroups = ["networkmanager" "wheel" "docker"];
    };
    in {
      nixosConfigurations = let
        system = "x86_64-linux";
        unstablePkgs = import "${nixpkgs-unstable}" {
          inherit system;
          config.allowUnfree = true;
        };
        userName = "harvey";
        homeDir = "/home/${userName}";
        hostName = "nixos";
        settings = sharedSettings {
          userName = userName;
          homeDir = homeDir;
          hostName = hostName;
        };
        in {
          x270 = lib.nixosSystem {
            
            inherit system;
            specialArgs = {
              inherit inputs unstablePkgs;
              settings = settings;
            };
            modules = [
              ./hosts/x270/configuration.nix
              home-manager.nixosModules.home-manager {
                nixpkgs.overlays = [
                  # OVERLAYS HERE
                ];
                home-manager.useGlobalPkgs = true;
                home-manager.useUserPackages = true;
                home-manager.users.harvey.imports = [./hosts/x270/home.nix];
                home-manager.backupFileExtension = "backup";
                home-manager.extraSpecialArgs = {
                  inherit inputs unstablePkgs firefox-addons;
                  nix-vscode-extensions = nix-vscode-extensions.extensions.${system};
                  settings = settings;
                  # firefox-addons-allowUnfree = firefox-addons.packages.${system} {
                  #   config.allowUnfree = true;
                  # };
                };
                home-manager.sharedModules = [
                  nixvim.homeManagerModules.nixvim
                ];
              }
            ];
          };
        };
    };
}

home.nix

{...}: {
    imports = [ ../../home/default.nix ];
}

home/default.nix

{ config, pkgs, lib, unstablePkgs, ... }:
{
  imports = [
    ./desktop-apps
    ./shell
  ];

  home.stateVersion = "24.05"; # Please read the comment before changing.

  programs.home-manager.enable = true;
  programs.nix-index.enable = false;

  fonts.fontconfig.enable = true;
  home.packages = with pkgs; [
    (nerdfonts.override {
      fonts = [
        "FiraCode"
      ];
    })
]; 

}

desktop-apps/default.nix

{...}: {
    imports = [ 
        ./vscode.nix 
        ./kitty.nix
        ./firefox.nix
    ];
}

firefox.nix

{pkgs, lib, inputs, ...}: 

    {
    
    programs.firefox = {
        enable = true;
        profiles = {
            default = {
                id = 0;
                name = "default";
                isDefault = true;
                search = {
                    force = true;
                    default = "SearXNG";
                    privateDefault = "SearXNG";
                    order = ["SearXNG" "DuckDuckGo" "Google"];
                    engines = {
                        "SearXNG" = {
                            urls = [{template = "https://redacted/search?q={searchTerms}";}];
                            iconUpdateURL = "https://redacted/static/themes/simple/img/favicon.png";
                        };
                    };
                };
                extensions = with inputs.firefox-addons.packages.${pkgs.system}; [
                    ublock-origin
                    # onepassword-password-manager.  # <----- PROBLEM ENABLING THIS
                ];
                bookmarks = [
                    {
                        name = "toolbar";
                        toolbar = true;
                        bookmarks = [
                            {
                                name = "DASH";
                                url = "https://redacted";
                            }
                            {
                                name = "Jellfin";
                                url = "https://redacted";
                            }
                        ];
                    }
                ];
                settings = {
                    "signon.rememberSignons" = false;
                    "browser.newtabpage.activity-stream.showSponsored" = false;
                    "browser.newtabpage.activity-stream.showSponsoredTopSites" = false;
                    "browser.bookmarks.addedImportButton" = false;
                    "extensions.autoDisableScopes" = 0; # Don't auto-disable extensions
                };
            };
        };
        policies = {
            DisableTelemetry = true;
            DisableFirefoxStudies = true;
            DisablePocket = true;
            DisableFirefoxScreenshots = true;
            DisplayBookmarksToolbar = "always";
            FirefoxSuggest = {
                WebSuggestions = false;
                SponsoredSuggestions = false;
                ImproveSuggest = false;
            };

            EnableTrackingProtection = {
                Value = true;
                Cryptomining = true;
                Fingerprinting = true;
            };

            FirefoxHome = {
                Search = true;
                TopSites = false;
                SponsoredTopSites = false;
                Highlights = false;
                Pocket = false;
                SponsoredPocket = false;
                Snippets = false;
            };
        };
    };
}

This is what I currently have, what am I missing?

Many thanks
Harvey

The main problem is that the flake you’re using is using a completely different nixpkgs instance than the one you’re using, and they don’t expose an overlay (which would allow you to use their expression in your nixpkgs instance more easily). So when you allow unfree in your instance, it’s not affecting the instance that FA uses.

But you can impose your own nixpkgs instance nonetheless, by callPackage-ing it yourself:

--- a/flake.nix
+++ b/flake.nix
@@ -60,7 +60,7 @@
     in {
       nixosConfigurations = let
         system = "x86_64-linux";
-        unstablePkgs = import "${nixpkgs-unstable}" {
+        unstablePkgs = import nixpkgs-unstable {
           inherit system;
           config.allowUnfree = true;
         };
@@ -74,15 +74,14 @@
         };
         in {
           x270 = lib.nixosSystem {
-            
-            inherit system;
             specialArgs = {
               inherit inputs unstablePkgs;
               settings = settings;
             };
             modules = [
               ./hosts/x270/configuration.nix
-              home-manager.nixosModules.home-manager {
+              home-manager.nixosModules.home-manager
+              {
                 nixpkgs.overlays = [
                   # OVERLAYS HERE
                 ];
@@ -91,12 +90,10 @@
                 home-manager.users.harvey.imports = [./hosts/x270/home.nix];
                 home-manager.backupFileExtension = "backup";
                 home-manager.extraSpecialArgs = {
-                  inherit inputs unstablePkgs firefox-addons;
+                  inherit inputs unstablePkgs;
                   nix-vscode-extensions = nix-vscode-extensions.extensions.${system};
                   settings = settings;
-                  # firefox-addons-allowUnfree = firefox-addons.packages.${system} {
-                  #   config.allowUnfree = true;
-                  # };
+                  firefox-addons-allowUnfree = unstablePkgs.callPackage firefox-addons { };
                 };
                 home-manager.sharedModules = [
                   nixvim.homeManagerModules.nixvim
--- a/firefox.nix
+++ b/firefox.nix
@@ -1,4 +1,4 @@
-{pkgs, lib, inputs, ...}: 
+{pkgs, lib, inputs, firefox-addons-allowUnfree, ...}: 
 
     {
     
@@ -21,9 +21,9 @@
                         };
                     };
                 };
-                extensions = with inputs.firefox-addons.packages.${pkgs.system}; [
+                extensions = with firefox-addons-allowUnfree; [
                     ublock-origin
-                    # onepassword-password-manager.  # <----- PROBLEM ENABLING THIS
+                    onepassword-password-manager
                 ];
                 bookmarks = [
                     {

@waffle8946 Thank you so much. That worked perfectly. I really appreciate you taking the time to respond. I did not see the callPackage solution in any of the articles/forum posts I found.

Do you have any suggested pages that explain how that works so I can understand it better.

Thanks again.

https://nix.dev/tutorials/callpackage

Basically your only options to allow unfree with non-nixpkgs flakes are:

  • callPackage manually to ensure your nixpkgs instance is used, or
  • if upstream provides an overlay, they need to use final.callPackage, and then you consume their overlay, thereby ensuring your nixpkgs instance is used

Either way there’s not too many options here

That’s great. Thanks.