add(firefox): vpn proxy profile
This commit is contained in:
@@ -86,6 +86,13 @@
|
||||
name = "web-app";
|
||||
url = "about:blank";
|
||||
};
|
||||
vpn-proxy = import ./profiles/vpn-proxy.nix {
|
||||
inherit pkgs myConfig;
|
||||
id = 2;
|
||||
name = "VPN";
|
||||
url = "https://browserleaks.com/ip";
|
||||
};
|
||||
|
||||
hakase = {
|
||||
search.force = true;
|
||||
isDefault = true;
|
||||
|
||||
@@ -0,0 +1,107 @@
|
||||
{
|
||||
pkgs,
|
||||
myConfig,
|
||||
id,
|
||||
name,
|
||||
url,
|
||||
# Add default proxy parameters (can be overridden when imported)
|
||||
proxyHost ? "192.168.68.70",
|
||||
proxyPort ? 8888,
|
||||
...
|
||||
}: {
|
||||
inherit id name;
|
||||
|
||||
# Note: This profile relies on the global tridactylrc logic in default.nix
|
||||
# to dynamically set 'newtab' via the TRIDACTYL_NEWTAB environment variable.
|
||||
search.force = true;
|
||||
search.default = "ddg";
|
||||
extensions.force = true;
|
||||
extensions.packages = with pkgs.nur.repos.rycee.firefox-addons; [
|
||||
ublock-origin
|
||||
bitwarden
|
||||
tridactyl
|
||||
new-tab-override
|
||||
pywalfox
|
||||
];
|
||||
|
||||
settings = {
|
||||
# --- PROXY / VPN CONFIGURATION ---
|
||||
"network.proxy.type" = 1; # 1 = Manual proxy configuration (0 = Direct, 5 = System)
|
||||
|
||||
# SOCKS5 Proxy Settings (Recommended for VPN tunnels)
|
||||
"network.proxy.socks" = proxyHost;
|
||||
"network.proxy.socks_port" = proxyPort;
|
||||
"network.proxy.socks_version" = 5;
|
||||
|
||||
# CRITICAL: Prevent DNS leaks by forcing DNS queries through the SOCKS proxy
|
||||
"network.proxy.socks_remote_dns" = true;
|
||||
"network.proxy.proxy_over_tls" = true;
|
||||
|
||||
# Optional: If using an HTTP/HTTPS proxy instead of SOCKS5, uncomment these and comment out SOCKS above:
|
||||
# "network.proxy.http" = proxyHost;
|
||||
# "network.proxy.http_port" = proxyPort;
|
||||
# "network.proxy.ssl" = proxyHost;
|
||||
# "network.proxy.ssl_port" = proxyPort;
|
||||
|
||||
# Define what should NOT go through the proxy (local addresses)
|
||||
"network.proxy.no_proxies_on" = "localhost, 127.0.0.1, ::1, 192.168.0.0/16, 10.0.0.0/8";
|
||||
|
||||
# Fail closed: Do NOT fall back to direct connection if the proxy fails
|
||||
"network.proxy.failover_timeout" = 1800;
|
||||
|
||||
# --- New Tab Override ---
|
||||
"extensions.newtaboverride@agenedia.com.url" = url;
|
||||
"extensions.newtaboverride@agenedia.com.type" = 1; # URL mode
|
||||
|
||||
# --- Privacy & Hardening ---
|
||||
"browser.contentblocking.category" = "strict";
|
||||
"privacy.trackingprotection.enabled" = true;
|
||||
"privacy.resistFingerprinting" = false; # Note: Spoofs timezone and caps FPS to 60
|
||||
"geo.enabled" = false;
|
||||
"media.peerconnection.enabled" = false; # Prevents WebRTC IP leaks (Essential for VPN use)
|
||||
"network.dns.disablePrefetch" = true;
|
||||
"network.prefetch-next" = false;
|
||||
|
||||
# --- NixOS / Hyprland Integration ---
|
||||
"widget.use-xdg-desktop-portal.file-picker" = 1; # Use native file picker
|
||||
|
||||
# --- UI & Behavior ---
|
||||
"browser.toolbars.bookmarks.visibility" = "never";
|
||||
"browser.compactmode.show" = true;
|
||||
"browser.tabs.closeWindowWithLastTab" = false;
|
||||
"extensions.pocket.enabled" = false;
|
||||
"extensions.screenshots.disabled" = true;
|
||||
"browser.topsites.contile.enabled" = false;
|
||||
"browser.formfill.enable" = false;
|
||||
"browser.search.suggest.enabled" = false;
|
||||
"browser.search.suggest.enabled.private" = false;
|
||||
"browser.urlbar.suggest.searches" = false;
|
||||
"browser.urlbar.showSearchSuggestionsFirst" = false;
|
||||
"browser.newtabpage.activity-stream.feeds.section.topstories" = false;
|
||||
"browser.newtabpage.activity-stream.feeds.snippets" = false;
|
||||
"browser.newtabpage.activity-stream.section.highlights.includePocket" = false;
|
||||
"browser.newtabpage.activity-stream.section.highlights.includeBookmarks" = false;
|
||||
"browser.newtabpage.activity-stream.section.highlights.includeDownloads" = false;
|
||||
"browser.newtabpage.activity-stream.section.highlights.includeVisited" = false;
|
||||
"browser.newtabpage.activity-stream.showSponsored" = false;
|
||||
"browser.newtabpage.activity-stream.system.showSponsored" = false;
|
||||
"browser.newtabpage.activity-stream.showSponsoredTopSites" = false;
|
||||
"toolkit.legacyUserProfileCustomizations.stylesheets" = true;
|
||||
"extensions.autoDisableScopes" = 0; # Enable extensions by default
|
||||
|
||||
# --- Homepage & Navigation ---
|
||||
"browser.startup.page" = 1; # Always open the homepage
|
||||
"browser.startup.homepage" = url;
|
||||
"browser.newtab.url" = url; # Try to set newtab to homepage
|
||||
"browser.sessionstore.resume_from_crash" = false; # Always start fresh
|
||||
"browser.sessionstore.max_tabs_undo" = 0; # Disable undo close tab
|
||||
|
||||
# --- DNS over HTTPS ---
|
||||
# Note: When using SOCKS5 remote DNS, Trr (DoH) can conflict or bypass your VPN's internal DNS.
|
||||
# Mode 5 disables DoH explicitly so the SOCKS proxy handles all DNS resolution cleanly.
|
||||
"network.trr.mode" = 5;
|
||||
};
|
||||
|
||||
# Optional: Keep your userChrome block here if you want the autohide UI applied to this profile too
|
||||
# userChrome = '' ... '';
|
||||
}
|
||||
+11
-8
@@ -67,8 +67,10 @@
|
||||
stayFocusedGames);
|
||||
in {
|
||||
xdg.desktopEntries.steam-bigpicture = {
|
||||
name = "Steam (Big Picture GLX)";
|
||||
exec = "env STEAM_RUNTIME=1 steam -no-cef-sandbox -cef-force-glx -bigpicture";
|
||||
# name = "Steam (Big Picture GLX)";
|
||||
name = "Steam (Big Picture)";
|
||||
# exec = "env STEAM_RUNTIME=1 steam -no-cef-sandbox -cef-force-glx -bigpicture";
|
||||
exec = "steam -bigpicture";
|
||||
icon = "steam";
|
||||
terminal = false;
|
||||
categories = ["Game"];
|
||||
@@ -99,13 +101,14 @@ in {
|
||||
];
|
||||
|
||||
exec-once = [
|
||||
"[workspace name:steam silent] steam"
|
||||
# "[workspace name:gaming silent] env STEAM_RUNTIME=1 steam -no-cef-sandbox -cef-force-glx -bigpicture"
|
||||
"[workspace name:gaming silent] steam -bigpicture"
|
||||
];
|
||||
bindd = [
|
||||
"SUPER, A, Focus Steam Workspace, workspace, name:steam"
|
||||
"SUPER SHIFT, A, Move to Steam Workspace, movetoworkspace, name:steam"
|
||||
"SUPER, G, Switch to Gaming Workspace, exec, gaming-focus"
|
||||
"SUPER SHIFT, G, Move to Gaming Workspace, movetoworkspace, name:gaming"
|
||||
# "SUPER, A, Focus Steam Workspace, workspace, name:steam"
|
||||
# "SUPER SHIFT, A, Move to Steam Workspace, movetoworkspace, name:steam"
|
||||
"SUPER, A, Switch to Gaming Workspace, exec, gaming-focus"
|
||||
"SUPER SHIFT, A, Move to Gaming Workspace, movetoworkspace, name:gaming"
|
||||
];
|
||||
windowrule =
|
||||
[
|
||||
@@ -122,7 +125,7 @@ in {
|
||||
# --- STEAM CLIENT OVERRIDE ---
|
||||
# Override the float for the main Steam client, tile it, and move it to the steam workspace.
|
||||
"match:class ^(steam)$, tile on"
|
||||
"match:class ^(steam)$, workspace name:steam"
|
||||
"match:class ^(steam)$, workspace name:gaming"
|
||||
|
||||
# --- STEAM GAME OVERRIDES ---
|
||||
# Override the float for actual games and move them to the gaming workspace.
|
||||
|
||||
Reference in New Issue
Block a user