about summary refs log tree commit diff
diff options
context:
space:
mode:
authorLuis Hebendanz <luis.nixos@gmail.com>2020-12-04 17:53:14 +0100
committerLuis Hebendanz <luis.nixos@gmail.com>2020-12-04 17:53:14 +0100
commitd3a6a124cf1fefb015e3a4a0642bcee8c623451f (patch)
tree1758b0b70ec04ec0716cfb69a7c732be46934e40
parentea382dd6297d94012236fbbc8b26b321ebe77c75 (diff)
downloadnixlib-d3a6a124cf1fefb015e3a4a0642bcee8c623451f.tar
nixlib-d3a6a124cf1fefb015e3a4a0642bcee8c623451f.tar.gz
nixlib-d3a6a124cf1fefb015e3a4a0642bcee8c623451f.tar.bz2
nixlib-d3a6a124cf1fefb015e3a4a0642bcee8c623451f.tar.lz
nixlib-d3a6a124cf1fefb015e3a4a0642bcee8c623451f.tar.xz
nixlib-d3a6a124cf1fefb015e3a4a0642bcee8c623451f.tar.zst
nixlib-d3a6a124cf1fefb015e3a4a0642bcee8c623451f.zip
firefox: fix wrapper removing existing addons by default
-rw-r--r--doc/builders/packages/firefox.section.md11
-rw-r--r--pkgs/applications/networking/browsers/firefox/wrapper.nix14
2 files changed, 18 insertions, 7 deletions
diff --git a/doc/builders/packages/firefox.section.md b/doc/builders/packages/firefox.section.md
index 2f89da2d4595..734b1839a3e6 100644
--- a/doc/builders/packages/firefox.section.md
+++ b/doc/builders/packages/firefox.section.md
@@ -7,7 +7,7 @@ The `wrapFirefox` function allows to pass policies, preferences and extension th
 ```nix
 {
   myFirefox = wrapFirefox firefox-unwrapped {
-    extraExtensions = [
+    nixExtensions = [
       (fetchFirefoxAddon {
         name = "ublock";
         url = "https://addons.mozilla.org/firefox/downloads/file/3679754/ublock_origin-1.31.0-an+fx.xpi";
@@ -38,3 +38,12 @@ The `wrapFirefox` function allows to pass policies, preferences and extension th
   };
 }
 ```
+
+If `nixExtensions != null` then all manually installed addons will be uninstalled from your browser profile.
+To view available enterprise policies visit [enterprise policies](https://github.com/mozilla/policy-templates#enterprisepoliciesenabled)
+or type into the Firefox url bar: `about:policies#documentation`.
+Nix installed addons do not have a valid signature, which is why signature verification is disabled. This does not compromise security because downloaded addons are checksumed and manual addons can't be installed.
+
+# Troubleshooting
+If addons do not appear installed although they have been defined in your nix configuration file reset the local addon state of your Firefox profile by clicking `help -> restart with addons disabled -> restart -> refresh firefox`. This can happen if you switch from manual addon mode to nix addon mode and then back to manual mode and then again to nix addon mode.
+
diff --git a/pkgs/applications/networking/browsers/firefox/wrapper.nix b/pkgs/applications/networking/browsers/firefox/wrapper.nix
index f9b7f2bb8a2e..7f0b826f905e 100644
--- a/pkgs/applications/networking/browsers/firefox/wrapper.nix
+++ b/pkgs/applications/networking/browsers/firefox/wrapper.nix
@@ -41,7 +41,7 @@ let
     # https://github.com/mozilla/policy-templates#enterprisepoliciesenabled
     , extraPolicies ? {}
     , firefoxLibName ? "firefox" # Important for tor package or the like
-    , extraExtensions ? [ ]
+    , nixExtensions ? null
     }:
 
     assert forceWayland -> (browser ? gtk3); # Can only use the wayland backend if gtk3 is being used
@@ -100,19 +100,21 @@ let
       policiesJson = builtins.toFile "policies.json"
         (builtins.toJSON enterprisePolicies);
 
+      usesNixExtensions = nixExtensions != null;
+
       extensions = builtins.map (a:
         if ! (builtins.hasAttr "extid" a) then
-        throw "extraExtensions has an invalid entry. Missing extid attribute. Please use fetchfirefoxaddon"
+        throw "nixExtensions has an invalid entry. Missing extid attribute. Please use fetchfirefoxaddon"
         else
         a
-      ) extraExtensions;
+      ) (if usesNixExtensions then nixExtensions else []);
 
       enterprisePolicies =
       {
-        policies = {
+        policies = lib.optionalAttrs usesNixExtensions  {
           DisableAppUpdate = true;
         } //
-        {
+        lib.optionalAttrs usesNixExtensions {
           ExtensionSettings = {
             "*" = {
                 blocked_install_message = "You can't have manual extension mixed with nix extensions";
@@ -137,7 +139,7 @@ let
         // to be able to install addons that do not have an extid
         // Security is maintained because only user whitelisted addons
         // with a checksum can be installed
-        lockPref("xpinstall.signatures.required", false);
+        ${ lib.optionalString usesNixExtensions ''lockPref("xpinstall.signatures.required", false)'' };
         ${extraPrefs}
       '';