faukah/nichts
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

brave: schizomax

Browse source
This commit is contained in:
Bloxx12 2025-07-08 22:59:07 +02:00
commit fec612ff72
Signed by: faukah
SSH key fingerprint: SHA256:Uj2AXqvtdCA4hn5Hq0ZonhIAyUqI1q4w2sMG3Z1TH7E
1 changed files with 179 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

184
modules/programs/gui/brave/module.nix
View file

@ -1,13 +1,79 @@
{pkgs, ...}: {
{
lib,
pkgs,
...
}: let
inherit (lib.lists) map;
inherit (lib.strings) concatStringsSep;
flags = concatStringsSep " " [
"--no-first-run"
"--use-vulkan"
"--enable-features=Vulkan,UseOzonePlatform"
"--enable-gpu-rasterization"
"--force-dark-mode"
"--enable-smooth-scrolling"
"--enable-features=UseOzonePlatform"
"--ozone-platform=wayland"
"--user-agent='Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.3'"
"--use-angle=vulkan"
];
brave-wrapped = pkgs.symlinkJoin {
name = "fish";
paths = [
(
pkgs.brave.override {vulkanSupport = true;}
)
];
nativeBuildInputs = [pkgs.makeWrapper];
postBuild = ''
wrapProgram $out/bin/brave --append-flags "${flags}"
'';
};
in {
environment.systemPackages = [
brave-wrapped
];
programs.chromium = {
enable = true;
# This sets a bunch of flags to make Brave usable.
# This was made possible through several similar projects,
# which facilitated this process a lot:
# https://gist.github.com/yashgorana/869542b66d7188729716379abe7464e0
# https://github.com/yashgorana/chrome-debloat
extraOpts = {
BraveRewardsDisabled = true;
BraveWalletDisabled = true;
# Setting the policy to False prevents Google Chrome from showing
# product promotional content.
PromotionsEnabled = false;
TorDisabled = true;
BraveVPNDisabled = true;
BraveAIChatEnabled = false;
SyncDisabled = true;
# Setting the policy to False stops Google Chrome from ever checking if
# it's the default and turns user controls off for this option.
DefaultBrowserSettingEnabled = false;
# In background mode, a Google Chrome process is started on OS sign-in and keeps
# running when the last browser window is closed, allowing background apps and
# the browsing session to remain active.
BackgroundModeEnabled = false;
# By default the browser will show media recommendations that are personalized to the user.
# Setting this policy to Disabled will result in these recommendations being hidden from the user.
MediaRecommendationsEnabled = false;
# This policy controls the availability of the shopping list feature.
# If enabled, users will be presented with UI to track the price of
# the product displayed on the current page. The tracked product will
# be shown in the bookmarks side panel. If this policy is set to Enabled
# or not set, the shopping list feature will be available to users.
# If this policy is set to Disabled, the shopping list feature will be unavailable.
ShoppingListEnabled = false;
BraveSyncUrl = "";
PrivacySandboxFingerprintingProtectionEnabled = true;
PrivacySandboxIpProtectionEnabled = true;
@ -17,8 +83,88 @@
DefaultSearchProviderNewTabURL = "https://kagi.com";
SearchSuggestEnabled = true;
DefaultSearchProviderSuggestURL = "https://kagi.com/api/autosuggest?q={searchTerms}";
PasswordManagerEnabled = false;
# Prevents webpage elements that aren't from the domain
# that's in the browser's address bar from setting cookies.
BlockThirdPartyCookies = true;
DnsOverHttpsMode = "automatic";
MetricsReportingEnabled = false;
SafeBrowsingExtendedReportingEnabled = false;
# Setting the policy to Enabled means URL-keyed anonymized data collection,
# which sends URLs of pages the user visits to Google to make searches and
# browsing better, is always active.
# Setting the policy to Disabled results in no URL-keyed anonymized data collection.
UrlKeyedAnonymizedDataCollectionEnabled = false;
# Google Chrome in-product surveys collect user feedback for the browser.
# Survey responses are not associated with user accounts. When this policy
# is Enabled or not set, in-product surveys may be shown to users.
# When this policy is Disabled, in-product surveys are not shown to users.
FeedbackSurveysEnabled = false;
PasswordManagerEnabled = false;
# Disable sharing user credentials with other users
PasswordSharingEnabled = false;
# Disable leak detection for entered credentials
PasswordLeakDetectionEnabled = false;
AutofillAddressEnabled = false;
AutofillCreditCardEnabled = false;
ParcelTrackingEnabled = false;
# Setting the policy to 2 denies sites tracking the users' physical locationing.
DefaultGeolocationSetting = 2;
DefaultNotificationsSetting = 2;
# Setting the policy to BlockLocalFonts (value 2) automatically denies the local fonts
# permission to sites by default. This will limit the ability of sites to see
# information about local fonts.
DefaultLocalFontsSetting = 2;
# Setting the policy to 1 lets websites access and use sensors such as motion and light.
# Setting the policy to 2 denies access to sensors.
DefaultSensorsSetting = 2;
# Setting the policy to 3 lets websites ask for access to serial ports.
# Setting the policy to 2 denies access to serial ports.
DefaultSerialGuardSetting = 2;
# This policy allows to control the Related Website Sets feature enablement.
# This policy overrides the FirstPartySetsEnabled policy.
# When this policy is set to False, the Related Website Sets feature is disabled.
RelatedWebsiteSetsEnabled = false;
# This policy controls the sign-in behavior of the browser.
# It allows you to specify if the user can sign in to Google Chrome with
# their account and use account related services like Google Chrome Sync.
BrowserSignin = 0;
QuicAllowed = true;
# Setting the policy to Enabled turns the internal PDF viewer off in Google Chrome,
# treats PDF files as a download, and lets users open PDFs with the default application.
AlwaysOpenPdfExternally = true;
SpellcheckEnabled = false;
EnableDoNotTrack = true;
# If this policy is set to Disabled, Google Chrome will not allow guest profiles to be started.
# Guest logins are Google Chrome profiles where all windows are in incognito mode.
BrowserGuestModeEnabled = false;
# This policy controls which software stack is used to communicate with the DNS server:
# the Operating System DNS client, or Google Chrome's built-in DNS client. This policy
# does not affect which DNS servers are used: if, for example, the operating system is
# configured to use an enterprise DNS server, that same server would be used by the
# built-in DNS client. It also does not control if DNS-over-HTTPS is used; Google Chrome
# will always use the built-in resolver for DNS-over-HTTPS requests.
# If this policy is set to Disabled, the built-in DNS client will only be used when DNS-over-HTTPS is in use.
BuiltinDnsClientEnabled = false;
# Control if Manifest v2 extensions can be used by browser.
ExtensionManifestV2Availability = 2;
# Setting the policy to True means Google Chrome uses alternate error
# pages built into (such as "page not found"). Setting the policy to
# False means Google Chrome never uses alternate error pages.
AlternateErrorPagesEnabled = false;
};
extensions = [
# NoScript
@ -29,9 +175,37 @@
"bkkmolkhemgaeaeggcmfbghljjjoofoh"
# Dark Reader
"eimadpbcbfnmbkopoojfekhnkhdbieeh"
# UBlock Origin
"cjpalhdlnbpafiamejdnhcphjbkeiagm"
# I still don't care about cookies
"edibdbjcniadpccecjdfdjjppcpchdlm"
# Sponsorblock
"mnjggcdmjocbbbhaepdhchncahnbgone"
# Decentraleyes
"ldpochfccmkkmhdbclfhpagapcfdljkj"
];
};
environment.systemPackages = [
(pkgs.brave.override {vulkanSupport = true;})
];
networking.extraHosts =
concatStringsSep "\n"
<| map (addr: "${addr} localhost") [
"rewards.brave.com"
"api.rewards.brave.com"
"grant.rewards.brave.com"
"variations.brave.com"
"laptop-updates.brave.com"
"static.brave.com"
"static1.brave.com"
"crlsets.brave.com"
"ads.brave.com"
"ads-admin.brave.com"
"ads-help.brave.com"
"referrals.brave.com"
"analytics.brave.com"
"search.anonymous.ads.brave.com"
"p3a.brave.com"
"variations.brave.com"
"star-randsrv.bsg.brave.com"
"usage-ping.brave.com"
];
}