personal nixos config and packages
# NixOS module: Chromium enterprise policies, Chromium "--app" desktop
# launchers for a fixed set of sites, flatpak, and the per-user package list
# for user `asa`.
{
  lib,
  pkgs,
  packages, # not referenced anywhere in this file
  ...
}:
let
  # Resolved once and shared by every launcher below.
  chromium = lib.getExe pkgs.customPackages.chromium-wrapped;

  # launcher name -> start URL for each chromium web "app"
  webappUrls = {
    discord = "https://discord.com/channels/@me";
    slack = "https://app.slack.com/client/";
    outlook = "https://outlook.office.com/mail/";
    bluesky = "https://bsky.app/";
    canvas = "https://canvas.mit.edu/";
    gradescope = "https://www.gradescope.com/";
  };

  # Builds one .desktop entry that opens `url` in a chromium app window.
  # The URL is interpolated into the Exec line without quoting or escaping.
  # That is fine for the fixed https URLs above; a URL containing spaces,
  # `%` or quote characters would need escaping per the Desktop Entry spec
  # before being added to `webappUrls`.
  mkWebapp =
    name: url:
    pkgs.makeDesktopItem {
      inherit name;
      desktopName = name;
      exec = "${chromium} --app=${url}";
      terminal = false;
    };

  # set up chromium web "apps"
  webapps = lib.mapAttrsToList mkWebapp webappUrls;

  # Shared ExtensionSettings entry: force-install from the Chrome Web Store
  # update endpoint.
  webStoreForced = {
    installation_mode = "force_installed";
    update_url = "https://clients2.google.com/service/update2/crx";
  };
in
{
  services.flatpak.enable = true;

  programs.chromium = {
    enable = true;

    # extensions = [
    #   "ddkjiahejlhfcafbddmgiahcphecmpfh" # ublock origin lite
    #   "nngceckbapebfimnlniiiahkandclblb" # bitwarden
    # ];

    # Policy set follows
    # https://github.com/RKNF404/chromium-hardening-guide/blob/main/configs/POLICIES.md
    # Keys are kept in alphabetical order so they can be diffed against the
    # guide. The effective values can be checked in chrome://policy.
    # NOTE(review): the numeric "disable" value differs per policy (1 for some
    # *Settings keys, 2 for others) - confirm each against the policy docs
    # when bumping chromium.
    extraOpts = {
      AIModeSettings = 1;
      AlternateErrorPagesEnabled = false;
      # AudioSandboxEnabled = true;
      AutofillAddressEnabled = false;
      AutofillCreditCardEnabled = false;
      AutofillPredictionSettings = 2;
      AutomatedPasswordChangeSettings = 2;
      BackgroundModeEnabled = false;
      BlockExternalExtensions = true;
      BlockThirdPartyCookies = true;
      BrowserLabsEnabled = false;
      BrowserSignin = 0; # 0 = browser sign-in disabled
      BuiltInAIAPIsEnabled = false;
      # 2 = variations fully disabled; this also turns off the
      # "critical fixes only" tier (value 1).
      ChromeVariations = 2;
      # Cookies, browsing history and site settings are not in this list, so
      # they persist across restarts.
      ClearBrowsingDataOnExitList = [
        "download_history"
        "cached_images_and_files"
        "autofill"
        "hosted_app_data"
      ];
      ClickToCallEnabled = false;
      CloudPrintProxyEnabled = false;
      CreateThemesSettings = 2;
      DefaultBrowserSettingEnabled = false;
      # DefaultJavaScriptJitSetting = 2;
      # DefaultJavaScriptOptimizerSetting = 1;
      DefaultSensorsSetting = 2; # 2 = block
      DefaultWebUsbGuardSetting = 2; # 2 = block
      DesktopSharingHubEnabled = false;
      DevToolsGenAiSettings = 2;
      Disable3DAPIs = true;
      # "automatic" falls back to the system resolver when DoH is not
      # available; "secure" is the no-fallback mode.
      DnsOverHttpsMode = "automatic";
      # DnsOverHttpsTemplates
      EnableMediaRouter = false;
      ExtensionAllowedTypes = [
        "extension"
        "theme"
      ];
      ExtensionDeveloperModeSettings = 1; # 1 = developer mode disallowed
      # ExtensionInstallAllowlist = []; # TODO
      # NOTE(review): the two IDs below are the ones force-installed through
      # ExtensionSettings; re-enabling this list as a *block*list would
      # contradict that.
      # ExtensionInstallBlocklist = [
      #   "ddkjiahejlhfcafbddmgiahcphecmpfh" # ublock origin lite
      #   "nngceckbapebfimnlniiiahkandclblb" # bitwarden
      # ];
      # Default-deny: every extension is blocked except the two IDs listed,
      # which are force-installed and cannot be removed by the user.
      ExtensionSettings = {
        "*" = {
          installation_mode = "blocked";
        };
        "ddkjiahejlhfcafbddmgiahcphecmpfh" = webStoreForced; # ublock origin lite
        "nngceckbapebfimnlniiiahkandclblb" = webStoreForced; # bitwarden
      };

      GeminiSettings = 1;
      GenAILocalFoundationalModelSettings = 1;
      GoogleSearchSidePanelEnabled = false;
      # Deliberate deviation from the guide.
      HardwareAccelerationModeEnabled = true; # recommended to be false
      HelpMeWriteSettings = 2;
      HistoryClustersVisible = false;
      HistorySearchSettings = 2;
      HttpsOnlyMode = "force_enabled";
      LensOverlaySettings = 1;
      LensRegionSearchEnabled = false;
      LiveTranslateEnabled = false;
      MediaRecommendationsEnabled = false;
      MetricsReportingEnabled = false;
      # Blocks every native messaging host (no allowlist is set here).
      # NOTE(review): presumably this also disables the bitwarden extension's
      # desktop-app integration - confirm that is intended.
      NativeMessagingBlocklist = [ "*" ];
      NetworkPredictionOptions = 2;
      NetworkServiceSandboxEnabled = true;
      NTPCardsVisible = false;
      # Built-in password manager and leak check are off; credentials are
      # expected to live in the force-installed bitwarden extension.
      PasswordLeakDetectionEnabled = false;
      PasswordManagerEnabled = false;
      PaymentMethodQueryEnabled = false;
      PrivacySandboxAdMeasurementEnabled = false;
      PrivacySandboxAdTopicsEnabled = false;
      PrivacySandboxPromptEnabled = false;
      PrivacySandboxSiteEnabledAdsEnabled = false;
      PromotionsEnabled = false;
      PromptForDownloadLocation = true; # TODO ??
      # ProtectedContentIdentifiersAllowed = false;
      RelatedWebsiteSetsEnabled = false;
      RemoteAccessHostAllowRemoteAccessConnections = false;
      RemoteAccessHostAllowRemoteSupportConnections = false;
      RemoteAccessHostFirewallTraversal = false;
      RemoteDebuggingAllowed = false;
      SafeBrowsingDeepScanningEnabled = false;
      SafeBrowsingExtendedReportingEnabled = false;
      # 1 = standard protection (0 = off, 2 = enhanced); the reporting and
      # deep-scanning uploads around it are disabled.
      SafeBrowsingProtectionLevel = 1;
      SafeBrowsingSurveysEnabled = false;
      SearchSuggestEnabled = false;
      SharedClipboardEnabled = false;
      ShoppingListEnabled = false;
      ShowFullUrlsInAddressBar = true;
      SitePerProcess = true;
      SpellCheckServiceEnabled = false;
      SyncDisabled = true;
      TabCompareSettings = 2;
      TLS13EarlyDataEnabled = false;
      TranslateEnabled = false;
      TranslatorAPIAllowed = false;
      # UrlKeyedAnonymizedDataCollectionEnabled = false;
      UrlKeyedMetricsAllowed = false;
      UserAgentReduction = 2;
      UserFeedbackAllowed = false;
      # Stops WebRTC from using non-proxied UDP.
      # NOTE(review): may degrade calls in the discord/slack launchers above -
      # verify.
      WebRtcIPHandling = "disable_non_proxied_udp";
      WebRtcTextLogCollectionAllowed = false;
      # WebUsbAskForUrls = [ ] # whitelist of sites allowed to ask for webusb
    };
  };

  # needed for electron apps that won't run on wayland
  environment.sessionVariables.NIXOS_OZONE_WL = "1";

  # programs.firefox = {
  #   enable = true;
  #   languagePacks = [
  #     "en-US"
  #   ];

  #   # ---- POLICIES ----
  #   # Check about:policies#documentation for options.
  #   policies = {
  #     DisableTelemetry = true;
  #     DisableFirefoxStudies = true;
  #     EnableTrackingProtection = {
  #       Value = true;
  #       Locked = true;
  #       Cryptomining = true;
  #       Fingerprinting = true;
  #     };
  #     DisablePocket = true;
  #     DisableFirefoxAccounts = true;
  #     DisableAccounts = true;
  #     DisableFirefoxScreenshots = true;
  #     OverrideFirstRunPage = "";
  #     OverridePostUpdatePage = "";
  #     DontCheckDefaultBrowser = true;
  #     DisplayBookmarksToolbar = "never"; # alternatives: "always" or "newtab"
  #     DisplayMenuBar = "default-off"; # alternatives: "always", "never" or "default-on"
  #     SearchBar = "unified"; # alternative: "separate"

  #     OfferToSaveLogins = false;
  #     PasswordManagerEnabled = false;

  #     # ---- EXTENSIONS ----
  #     # Check about:support for extension/add-on ID strings.
  #     # Valid strings for installation_mode are "allowed", "blocked",
  #     # "force_installed" and "normal_installed".
  #     ExtensionSettings = {
  #       "*".installation_mode = "blocked"; # blocks all addons except the ones specified below
  #       "uBlock0@raymondhill.net" = {
  #         install_url = "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi";
  #         installation_mode = "force_installed";
  #       };
  #       "{446900e4-71c2-419f-a6a7-df9c091e268b}" = {
  #         install_url = "https://addons.mozilla.org/firefox/downloads/latest/bitwarden-password-manager/latest.xpi";
  #         installation_mode = "force_installed";
  #       };
  #     };
  #   };
  # };

  # Wrapped custom packages plus one desktop launcher per web app.
  users.users.asa.packages = [
    pkgs.customPackages.alacritty-wrapped
    pkgs.customPackages.helix-wrapped
    pkgs.customPackages.chromium-wrapped

    # aerc
    # yazi
    # wget

    # fzf
    # ripgrep

    # utilities
    # zip
    # unzip
    # zathura
    # btop
  ]
  ++ webapps;

}