From 77808fba90d751ae3e83d2f265c95507f5a32251 Mon Sep 17 00:00:00 2001
From: "Emma (Rory&)" <root@rory.gay>
Date: Fri, 20 Oct 2023 12:17:44 +0000
Subject: Add firefox policy

---
 data/domain_lists/airelle.nix                 | 16 ++++++
 flake.lock                                    | 30 +++++------
 host/Rory-wsl/configuration.nix               | 12 +++++
 modules/software-templates/dotnet.client.nix  | 10 ++++
 modules/software-templates/dotnet.nix         |  7 +++
 modules/software-templates/firefox-policy.nix | 78 +++++++++++++++++++++++++++
 modules/users/Rory.nix                        |  1 +
 7 files changed, 139 insertions(+), 15 deletions(-)
 create mode 100644 data/domain_lists/airelle.nix
 create mode 100644 modules/software-templates/dotnet.client.nix
 create mode 100644 modules/software-templates/dotnet.nix
 create mode 100644 modules/software-templates/firefox-policy.nix

diff --git a/data/domain_lists/airelle.nix b/data/domain_lists/airelle.nix
new file mode 100644
index 0000000..a1a7e4c
--- /dev/null
+++ b/data/domain_lists/airelle.nix
@@ -0,0 +1,16 @@
+{
+    domains = 
+        builtins.filter (x: x != "" && x != [] && x != null)
+        (builtins.split "\n" (builtins.readFile ./airelle/ads.domains.list)
+        ++ builtins.split "\n" (builtins.readFile ./airelle/ads.hosts.list)
+        ++ builtins.split "\n" (builtins.readFile ./airelle/malware.domains.list)
+        ++ builtins.split "\n" (builtins.readFile ./airelle/malware.hosts.list)
+        ++ builtins.split "\n" (builtins.readFile ./airelle/miscellaneous.domains.list)
+        ++ builtins.split "\n" (builtins.readFile ./airelle/miscellaneous.hosts.list)
+        ++ builtins.split "\n" (builtins.readFile ./airelle/phishing.domains.list)
+        ++ builtins.split "\n" (builtins.readFile ./airelle/phishing.hosts.list)
+        ++ builtins.split "\n" (builtins.readFile ./airelle/porn.domains.list)
+        ++ builtins.split "\n" (builtins.readFile ./airelle/porn.hosts.list)
+        ++ builtins.split "\n" (builtins.readFile ./airelle/trackers.domains.list)
+        ++ builtins.split "\n" (builtins.readFile ./airelle/trackers.hosts.list));
+}
\ No newline at end of file
diff --git a/flake.lock b/flake.lock
index 1935ca4..5853f64 100644
--- a/flake.lock
+++ b/flake.lock
@@ -164,11 +164,11 @@
         "nixpkgs": "nixpkgs_2"
       },
       "locked": {
-        "lastModified": 1697522715,
-        "narHash": "sha256-QXk+nnQtdfsShjXCYmH6aq3wVQqsQD8h5VIDFIust8A=",
+        "lastModified": 1697688028,
+        "narHash": "sha256-d9CAOd9W2iTrgB31a8Dvyp6Vgn/gxASCNrD4Z9yzUOY=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "132f9851858986d78db0b08157256384bbc5738c",
+        "rev": "c5c1ea85181d2bb44e46e8a944a8a3f56ad88f19",
         "type": "github"
       },
       "original": {
@@ -198,11 +198,11 @@
     "nhekoSrc": {
       "flake": false,
       "locked": {
-        "lastModified": 1697257216,
-        "narHash": "sha256-DqnzgzmYwu9EQ0WgwoBuNA7nJBZ3UBBo1TEplGOS5C8=",
+        "lastModified": 1697661825,
+        "narHash": "sha256-P9em1ugrkyU/wdB6ZEg76b478ecn9A6Nb5i9govXRrs=",
         "owner": "Nheko-reborn",
         "repo": "nheko",
-        "rev": "85556c9e10a3af8531ea5c19a46ebe56fc4aebf9",
+        "rev": "78fac7dced05c8c020aa84d3e403dd72ecf76027",
         "type": "github"
       },
       "original": {
@@ -250,11 +250,11 @@
     },
     "nixpkgs-RoryNix": {
       "locked": {
-        "lastModified": 1697226376,
-        "narHash": "sha256-cumLLb1QOUtWieUnLGqo+ylNt3+fU8Lcv5Zl+tYbRUE=",
+        "lastModified": 1697583813,
+        "narHash": "sha256-SRXK2EBMZHlOAs/5bjphhX9XnIKR6peTV6i7yoL6/Lg=",
         "owner": "NixOs",
         "repo": "nixpkgs",
-        "rev": "898cb2064b6e98b8c5499f37e81adbdf2925f7c5",
+        "rev": "b5f8ec6be261dfc44c3b56b220e2793d1b61512b",
         "type": "github"
       },
       "original": {
@@ -282,11 +282,11 @@
     },
     "nixpkgs_2": {
       "locked": {
-        "lastModified": 1696879762,
-        "narHash": "sha256-Ud6bH4DMcYHUDKavNMxAhcIpDGgHMyL/yaDEAVSImQY=",
+        "lastModified": 1697456312,
+        "narHash": "sha256-roiSnrqb5r+ehnKCauPLugoU8S36KgmWraHgRqVYndo=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "f99e5f03cc0aa231ab5950a15ed02afec45ed51a",
+        "rev": "ca012a02bf8327be9e488546faecae5e05d7d749",
         "type": "github"
       },
       "original": {
@@ -314,11 +314,11 @@
     },
     "nixpkgs_4": {
       "locked": {
-        "lastModified": 1697059129,
-        "narHash": "sha256-9NJcFF9CEYPvHJ5ckE8kvINvI84SZZ87PvqMbH6pro0=",
+        "lastModified": 1697456312,
+        "narHash": "sha256-roiSnrqb5r+ehnKCauPLugoU8S36KgmWraHgRqVYndo=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "5e4c2ada4fcd54b99d56d7bd62f384511a7e2593",
+        "rev": "ca012a02bf8327be9e488546faecae5e05d7d749",
         "type": "github"
       },
       "original": {
diff --git a/host/Rory-wsl/configuration.nix b/host/Rory-wsl/configuration.nix
index f18b918..86a9562 100644
--- a/host/Rory-wsl/configuration.nix
+++ b/host/Rory-wsl/configuration.nix
@@ -4,6 +4,7 @@
   imports = [
     ../../modules/base-client.nix
     ../../modules/software-templates/profilers.nix
+    ../../modules/software-templates/dotnet.client.nix
   ];
   wsl = {
     enable = true;
@@ -46,9 +47,20 @@
     vimPlugins.vim-nix
     neovim
     tree
+    
+    vscode
+    temurin-bin
     (callPackage ../../modules/packages/nheko-git.nix { inherit nhekoSrc; inherit mtxclientSrc; })
   ];
 
+  programs.firefox = {
+    enable = true;
+    package = pkgs.firefox-devedition;
+    #preferencesStatus = "default";
+    wrapperConfig.speechSynthesisSupport = false;
+  };
+
+
   system.stateVersion = "23.05";
   home-manager.users.Rory.home.stateVersion = lib.mkForce "23.05";
 }
diff --git a/modules/software-templates/dotnet.client.nix b/modules/software-templates/dotnet.client.nix
new file mode 100644
index 0000000..1092cee
--- /dev/null
+++ b/modules/software-templates/dotnet.client.nix
@@ -0,0 +1,10 @@
+{ config, pkgs, lib, ... }:
+
+{
+    imports = [
+        ./dotnet.nix
+    ];
+    environment.systemPackages = with pkgs; [
+            jetbrains.rider
+    ];
+}
\ No newline at end of file
diff --git a/modules/software-templates/dotnet.nix b/modules/software-templates/dotnet.nix
new file mode 100644
index 0000000..3f52ce7
--- /dev/null
+++ b/modules/software-templates/dotnet.nix
@@ -0,0 +1,7 @@
+{ config, pkgs, lib, ... }:
+
+{
+    environment.systemPackages = with pkgs; [    
+        (callPackage ../packages/dotnet-pack.nix { inherit pkgs; })
+    ];
+}
\ No newline at end of file
diff --git a/modules/software-templates/firefox-policy.nix b/modules/software-templates/firefox-policy.nix
new file mode 100644
index 0000000..9e07193
--- /dev/null
+++ b/modules/software-templates/firefox-policy.nix
@@ -0,0 +1,78 @@
+{
+    AppAutoUpdate = false;
+    BackgroundAppUpdate = false;
+    BlockAboutAddons = false;
+    BlockAboutConfig = false;
+    BlockAboutProfiles = false;
+    BlockAboutSupport = false;
+    CaptivePortal = false;
+    Cookies = {
+        Block = import ../../data/domain_lists/airelle.nix;
+        AcceptThirdParty = false;
+        RejectTracker = true;
+        Behavior = "reject-tracker";
+    };
+    DisableBuiltInPDFViewer = false;
+    DisableFirefoxAccounts = true;
+    DisableFeedbackCommands = true;
+    DisableFirefoxStudies = true;
+    DisableFirefoxScreenshots = true;
+    DisablePocket = true;
+    DisableSystemAddonUpdate = true;
+    DisableTelemetry = true;
+    DisplayBookmarksToolbar = "always";
+    DisplayMenuBar = "always";
+    DNSOverHTTPS = {
+        Enabled = false;
+    };
+    DontCheckDefaultBrowser = true;
+    EnableTrackingProtection = {
+        Value = true;
+        Cryptomining = true;
+        Fingerprinting = true;
+        EmailTracking = true;
+    };
+    EncryptedMediaExtensions = {
+        Enabled = false;
+    };
+    Extensions = {
+        Install = [
+            "https://github.com/gorhill/uBlock/releases/download/1.52.2/uBlock0_1.52.2.firefox.signed.xpi"
+        ];
+    };
+    ExtensionUpdate = false;
+    FirefoxHome = {
+        Snippets = false;
+        TopSites = false;
+        Highlights = false;
+        Pocket = false;
+        SponsoredTopSites = false;
+        SponsoredPocket = false;
+    };
+    FirefoxSuggest = {
+        ImproveSuggest = false;
+        SponsoredSuggestions = false;
+        WebSuggestions = false;
+    };
+    GoToIntranetSiteForSingleWordEntryInAddressBar = true;
+    LocalFileLinks = [
+        "file://"
+        "https://*.rory.gay"
+        "http://*.localhost"
+        "http://localhost"
+    ];
+    PictureInPicture = false;
+    SearchSuggestEnabled = false;
+    UserMessaging = {
+        WhatsNew = false;
+        ExtensionRecommendations = false;
+        UrlbarInterventions = false;
+        SkipOnboarding = true;
+        MoreFromMozilla = false;
+        Locked = true;
+    };
+    WebsiteFilter = {
+        Block = import ../../data/domain_lists/airelle.nix;
+    };
+    WindowsSSO = true;
+}
\ No newline at end of file
diff --git a/modules/users/Rory.nix b/modules/users/Rory.nix
index f07223e..c922b5d 100755
--- a/modules/users/Rory.nix
+++ b/modules/users/Rory.nix
@@ -82,6 +82,7 @@
           alias ls='lsd -lA --color=always --icon=always'
           alias transfetch='neofetch --kitty ~/trans_witch.jpg'
           alias gc='git-commit'
+          [ -f "$HOME/.profile" ] && . $HOME/.profile
           '';
           #alias knconfig='cp .config ../$(date ''+%Y%m%d_%k%M%S\'').config -v; make CC=clang LLVM=1 nconfig'
         oh-my-zsh = {
-- 
cgit 1.4.1