Commit d3a6a124 authored by Luis Hebendanz's avatar Luis Hebendanz
Browse files

firefox: fix wrapper removing existing addons by default

parent ea382dd6

doc/builders/packages/firefox.section.md

+10 −1
Original line number Diff line number Diff line
@@ -7,7 +7,7 @@ The `wrapFirefox` function allows to pass policies, preferences and extension th 
```nix

{

  myFirefox = wrapFirefox firefox-unwrapped {

    extraExtensions = [

    nixExtensions = [

      (fetchFirefoxAddon {

        name = "ublock";

        url = "https://addons.mozilla.org/firefox/downloads/file/3679754/ublock_origin-1.31.0-an+fx.xpi";
@@ -38,3 +38,12 @@ The `wrapFirefox` function allows to pass policies, preferences and extension th 
  };

}

```



If `nixExtensions != null` then all manually installed addons will be uninstalled from your browser profile.

To view available enterprise policies visit [enterprise policies](https://github.com/mozilla/policy-templates#enterprisepoliciesenabled)

or type into the Firefox url bar: `about:policies#documentation`.

Nix installed addons do not have a valid signature, which is why signature verification is disabled. This does not compromise security because downloaded addons are checksumed and manual addons can't be installed.



# Troubleshooting

If addons do not appear installed although they have been defined in your nix configuration file reset the local addon state of your Firefox profile by clicking `help -> restart with addons disabled -> restart -> refresh firefox`. This can happen if you switch from manual addon mode to nix addon mode and then back to manual mode and then again to nix addon mode.

pkgs/applications/networking/browsers/firefox/wrapper.nix

+8 −6
Original line number Diff line number Diff line
@@ -41,7 +41,7 @@ let 
    # https://github.com/mozilla/policy-templates#enterprisepoliciesenabled

    , extraPolicies ? {}

    , firefoxLibName ? "firefox" # Important for tor package or the like

    , extraExtensions ? [ ]

    , nixExtensions ? null

    }:



    assert forceWayland -> (browser ? gtk3); # Can only use the wayland backend if gtk3 is being used
@@ -100,19 +100,21 @@ let 
      policiesJson = builtins.toFile "policies.json"

        (builtins.toJSON enterprisePolicies);



      usesNixExtensions = nixExtensions != null;



      extensions = builtins.map (a:

        if ! (builtins.hasAttr "extid" a) then

        throw "extraExtensions has an invalid entry. Missing extid attribute. Please use fetchfirefoxaddon"

        throw "nixExtensions has an invalid entry. Missing extid attribute. Please use fetchfirefoxaddon"

        else

        a

      ) extraExtensions;

      ) (if usesNixExtensions then nixExtensions else []);



      enterprisePolicies =

      {

        policies = {

        policies = lib.optionalAttrs usesNixExtensions  {

          DisableAppUpdate = true;

        } //

        {

        lib.optionalAttrs usesNixExtensions {

          ExtensionSettings = {

            "*" = {

                blocked_install_message = "You can't have manual extension mixed with nix extensions";
@@ -137,7 +139,7 @@ let 
        // to be able to install addons that do not have an extid

        // Security is maintained because only user whitelisted addons

        // with a checksum can be installed

        lockPref("xpinstall.signatures.required", false);

        ${ lib.optionalString usesNixExtensions ''lockPref("xpinstall.signatures.required", false)'' };

        ${extraPrefs}

      '';