Firefox configuration via `policies.json` for NixOS Setup?

[Kreyren]

Referencing: https://discourse.nixos.org/t/declare-firefox-extensions-and-settings/36265/26?u=kryren

NixOS is a linux/bsd distribution that is on my end stateless meaning that the OS reinstalls itself on each reboot to provide bit-by-bit reproducible OS on each reboot with any changes made to the filesystem that are not explicitly set in the configuration or allowlisted (e.g. personal files) are removed.

For Firefox i am trying to declare a libredirect configuration so that when i open firefox it would have the extension configured to my liking without me having to reconfigure libredirect after each reboot.

On Firefox this is often done through policies.json (https://support.mozilla.org/en-US/kb/customizing-firefox-using-policiesjson) such as ublock-origin: https://github.com/Kreyren/nixos-config/blob/bd4765eb802a0371de7291980ce999ccff59d619/nixos/users/kreyren/home/modules/web-browsers/firefox/firefox.nix#L116-L148

For that i found the config.json file: https://github.com/libredirect/browser_extension/blob/b3457faf1bdcca0b17872e30b379a7ae55bc8fd0/src/config.json

But trying to replicate it's configuration in policies.json doesn't work: https://github.com/Kreyren/nixos-config/blob/bd4765eb802a0371de7291980ce999ccff59d619/nixos/users/kreyren/home/modules/web-browsers/firefox/firefox.nix#L114

The generated policy.json:

{
  "policies": {
    ...
    "3rdparty": {
      "Extensions": {
        "7esoorv3@alefvanoon.anonaddy.me": {
          "services": {
            "youtube": {
              "options": {
                "enabled": true
              }
            }
          }
        },
        "uBlock0@raymondhill.net": {
          "adminSettings": {
            "selectedFilterLists": [
              "CZE-0",
              "adguard-generic",
              "adguard-annoyance",
              "adguard-social",
              "adguard-spyware-url",
              "easylist",
              "easyprivacy",
              "https://github.com/DandelionSprout/adfilt/raw/master/LegitimateURLShortener.txt",
              "plowe-0",
              "ublock-abuse",
              "ublock-badware",
              "ublock-filters",
              "ublock-privacy",
              "ublock-quick-fixes",
              "ublock-unbreak",
              "urlhaus-1"
            ],
            "userSettings": {
              "cloudStorageEnabled": false,
              "externalLists": "https://filters.adtidy.org/extension/ublock/filters/3.txt\nhttps://github.com/DandelionSprout/adfilt/raw/master/LegitimateURLShortener.txt",
              "importedLists": [
                "https://filters.adtidy.org/extension/ublock/filters/3.txt",
                "https://github.com/DandelionSprout/adfilt/raw/master/LegitimateURLShortener.txt"
              ],
              "uiAccentCustom": true,
              "uiAccentCustom0": "#8300ff",
              "uiTheme": "dark"
            }
          }
        }
      }
    },
    ...
    "ExtensionSettings": {
      "*": {
        "blocked_install_message": "FUCKING FORGET IT!",
        "installation_mode": "blocked"
      },
      "7esoorv3@alefvanoon.anonaddy.me": {
        "install_url": "file:////nix/store/vl28jnn71crhknpizd64q74spryp3ga2-libredirect-2.8.2/share/mozilla/extensions/{ec8030f7-c20a-464f-9b0e-13a3a9e97384}/7esoorv3@alefvanoon.anonaddy.me.xpi",
        "installation_mode": "force_installed"
      }
    },
    "ExtensionUpdate": false,
    ...
}

---

Do you know why that doesn't work or if it's extension-related issue could you adjust libredirect so that it can be configured through policies.json?

[ManeraKai]

What is the thing that's not working? Is it installing LR but it's not functional? Or not able to install it in the first place?

[Kreyren]

What is the thing that's not working? Is it installing LR but it's not functional? Or not able to install it in the first place? -- @ManeraKai (https://github.com/libredirect/browser_extension/issues/905#issuecomment-2014781193)

It's able to install through firefox policy and works without issues, the problem is that i am unable to configure the extension to e.g. enable youtube redirects for all systems upon deployment and it has to be set up manually (on all systems after each reboot basically which is very exhausting..) as it seems to be using a Firefox storage API that is at present options impossible to adjust in a declarative way due to firefox converting that to an sqlite database which is apparently keep changing.

uBlock Origin seems to manage that through https://github.com/gorhill/uBlock/blob/9146134874050ee50a11e25f31034a2416cf5988/platform/common/vapi-background.js#L1436-L1451 which makes it possible to read/override settings from firefox policies upon deployment

Relevant quote:

They have something special that they do related to browser policies and managed storage for reading default/overriden settings from it. https://github.com/gorhill/uBlock/blob/9146134874050ee50a11e25f31034a2416cf5988/platform/common/vapi-background.js#L1436-L1451 Afaik other extensions just save settings with default storage API firefox provides. They get converted in mozilla's special format and saved to sqlite db for each extension, similar to session storage for websites. -- https://matrix.to/#/!RRerllqmbATpmbJgCn:nixos.org/$7ckkHvEMC_Ba1Jx_AZxqE_vhXDjsipdrQQ0I08ww720?via=nixos.org&via=matrix.org&via=mozilla.org

i see O.o Do you know if there is a way to declare the extension settings via the firefox storage API? -- https://matrix.to/#/!RRerllqmbATpmbJgCn:nixos.org/$EeIklLz8uulIQitmK0tjZ0RFyaP548fdkK95M71ETIE?via=nixos.org&via=matrix.org&via=mozilla.org

"declare" afaik there is no way, unless there is some way to do it related to how firefox settings are syncted (unless it just copy-pastes that storage as is). There is currently a hacky way to read it: https://gitlab.com/ntninja/moz-idb-edit but no way to write. -- https://matrix.to/#/!RRerllqmbATpmbJgCn:nixos.org/$0URNiFmMxpuUp1wt8sfRoY0VWolarT3ZU-xp_f5eUs8?via=nixos.org&via=matrix.org&via=mozilla.org

[oneingan]

Duplicated: https://github.com/libredirect/browser_extension/issues/872

[mibmo]

I would also very much like this, for the exact same reasons. :)