From d465e92647470759177cb63914fd3571cea7a8a4 Mon Sep 17 00:00:00 2001
From: Ryan Schanzenbacher <ryan@rschanz.org>
Date: Tue, 1 Apr 2025 11:26:04 -0400
Subject: Using Zen, added nix update to be upstreamed

---
 .../nix-home-manager/firefox-nightly/default.nix   |   9 +-
 home-config/nix-home-manager/flake.lock            | 108 ++++++++++++++----
 home-config/nix-home-manager/flake.nix             |  13 ++-
 home-config/nix-home-manager/home.nix              |  26 ++++-
 home-config/nix-home-manager/zenPolicies.nix       | 126 +++++++++++++++++++++
 5 files changed, 248 insertions(+), 34 deletions(-)
 create mode 100644 home-config/nix-home-manager/zenPolicies.nix

(limited to 'home-config')

diff --git a/home-config/nix-home-manager/firefox-nightly/default.nix b/home-config/nix-home-manager/firefox-nightly/default.nix
index cffaa1d..b86da78 100644
--- a/home-config/nix-home-manager/firefox-nightly/default.nix
+++ b/home-config/nix-home-manager/firefox-nightly/default.nix
@@ -1,17 +1,16 @@
-{ config, pkgs, mozff, ...}:
+{ config, pkgs, zen-browser, ...}:
 
 let
 
-wrapped-ff-nightly = mozff.packages.${pkgs.system}.firefox-nightly-bin.override {
-    extraPolicies = import ./policies.nix;
-};
+#wrapped-ff-nightly = zen-browser.packages.${pkgs.system}.default
 
 in
 
 {
   programs.firefox = {
     enable = true;
-    #package = wrapped-ff-nightly;
+    policies = import ./policies.nix;
+    #package = zen-browser.packages.${pkgs.system}.default.unwrapped;
 
     profiles.${config.home.username} = {
         name = "${config.home.username}";
diff --git a/home-config/nix-home-manager/flake.lock b/home-config/nix-home-manager/flake.lock
index a0c7e15..0eebe5d 100644
--- a/home-config/nix-home-manager/flake.lock
+++ b/home-config/nix-home-manager/flake.lock
@@ -297,26 +297,24 @@
         "hyprland-protocols": "hyprland-protocols",
         "hyprland-qtutils": "hyprland-qtutils",
         "hyprlang": "hyprlang",
-        "hyprutils": "hyprutils",
+        "hyprutils": "hyprutils_2",
         "hyprwayland-scanner": "hyprwayland-scanner",
-        "nixpkgs": [
-          "nixpkgs"
-        ],
+        "nixpkgs": "nixpkgs",
         "pre-commit-hooks": "pre-commit-hooks",
         "systems": "systems",
         "xdph": "xdph"
       },
       "locked": {
-        "lastModified": 1738457237,
-        "narHash": "sha256-9mtM+lwnmXnv5TPmdij1rR5fLzzqSjkltcyEuRf8uIk=",
+        "lastModified": 1742741773,
+        "narHash": "sha256-SLEd12Y9KzlQd4CfH2+gz3oQvkPKmwvwi74O+veNdbs=",
         "owner": "hyprwm",
         "repo": "hyprland",
-        "rev": "882f7ad7d2bbfc7440d0ccaef93b1cdd78e8e3ff",
+        "rev": "5ee35f914f921e5696030698e74fb5566a804768",
         "type": "github"
       },
       "original": {
         "owner": "hyprwm",
-        "ref": "v0.47.2",
+        "ref": "v0.48.0",
         "repo": "hyprland",
         "type": "github"
       }
@@ -348,10 +346,7 @@
     },
     "hyprland-qtutils": {
       "inputs": {
-        "hyprutils": [
-          "hyprland",
-          "hyprutils"
-        ],
+        "hyprutils": "hyprutils",
         "nixpkgs": [
           "hyprland",
           "nixpkgs"
@@ -437,7 +432,7 @@
       "inputs": {
         "hyprgraphics": "hyprgraphics_2",
         "hyprlang": "hyprlang_2",
-        "hyprutils": "hyprutils_2",
+        "hyprutils": "hyprutils_3",
         "hyprwayland-scanner": "hyprwayland-scanner_2",
         "nixpkgs": [
           "nixpkgs"
@@ -461,7 +456,7 @@
     },
     "hyprpicker-git": {
       "inputs": {
-        "hyprutils": "hyprutils_3",
+        "hyprutils": "hyprutils_4",
         "hyprwayland-scanner": "hyprwayland-scanner_3",
         "nixpkgs": [
           "nixpkgs"
@@ -484,6 +479,33 @@
       }
     },
     "hyprutils": {
+      "inputs": {
+        "nixpkgs": [
+          "hyprland",
+          "hyprland-qtutils",
+          "nixpkgs"
+        ],
+        "systems": [
+          "hyprland",
+          "hyprland-qtutils",
+          "systems"
+        ]
+      },
+      "locked": {
+        "lastModified": 1742984269,
+        "narHash": "sha256-uz9FaCIbga/gQ5ZG1Hb4HVVjTWT1qjjCAFlCXiaefxg=",
+        "owner": "hyprwm",
+        "repo": "hyprutils",
+        "rev": "7248194a2ce0106ae647b70d0526a96dc9d6ad60",
+        "type": "github"
+      },
+      "original": {
+        "owner": "hyprwm",
+        "repo": "hyprutils",
+        "type": "github"
+      }
+    },
+    "hyprutils_2": {
       "inputs": {
         "nixpkgs": [
           "hyprland",
@@ -508,7 +530,7 @@
         "type": "github"
       }
     },
-    "hyprutils_2": {
+    "hyprutils_3": {
       "inputs": {
         "nixpkgs": [
           "hyprlock",
@@ -533,7 +555,7 @@
         "type": "github"
       }
     },
-    "hyprutils_3": {
+    "hyprutils_4": {
       "inputs": {
         "nixpkgs": [
           "hyprpicker-git",
@@ -717,17 +739,17 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1739736696,
-        "narHash": "sha256-zON2GNBkzsIyALlOCFiEBcIjI4w38GYOb+P+R4S8Jsw=",
-        "owner": "nixos",
+        "lastModified": 1742889210,
+        "narHash": "sha256-hw63HnwnqU3ZQfsMclLhMvOezpM7RSB0dMAtD5/sOiw=",
+        "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "d74a2335ac9c133d6bbec9fc98d91a77f1604c1f",
+        "rev": "698214a32beb4f4c8e3942372c694f40848b360d",
         "type": "github"
       },
       "original": {
-        "owner": "nixos",
+        "owner": "NixOS",
+        "ref": "nixos-unstable",
         "repo": "nixpkgs",
-        "rev": "d74a2335ac9c133d6bbec9fc98d91a77f1604c1f",
         "type": "github"
       }
     },
@@ -746,6 +768,22 @@
         "type": "github"
       }
     },
+    "nixpkgs_2": {
+      "locked": {
+        "lastModified": 1739736696,
+        "narHash": "sha256-zON2GNBkzsIyALlOCFiEBcIjI4w38GYOb+P+R4S8Jsw=",
+        "owner": "nixos",
+        "repo": "nixpkgs",
+        "rev": "d74a2335ac9c133d6bbec9fc98d91a77f1604c1f",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nixos",
+        "repo": "nixpkgs",
+        "rev": "d74a2335ac9c133d6bbec9fc98d91a77f1604c1f",
+        "type": "github"
+      }
+    },
     "pre-commit-hooks": {
       "inputs": {
         "flake-compat": "flake-compat",
@@ -779,8 +817,9 @@
         "hyprpicker-git": "hyprpicker-git",
         "mozff": "mozff",
         "nixgl": "nixgl",
-        "nixpkgs": "nixpkgs",
-        "wpaperd": "wpaperd"
+        "nixpkgs": "nixpkgs_2",
+        "wpaperd": "wpaperd",
+        "zen-browser": "zen-browser"
       }
     },
     "rust-overlay": {
@@ -942,6 +981,27 @@
         "repo": "xdg-desktop-portal-hyprland",
         "type": "github"
       }
+    },
+    "zen-browser": {
+      "inputs": {
+        "nixpkgs": [
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1742871532,
+        "narHash": "sha256-ciC3zul202dnIwpAplSaCJTeXOUce7Pl1d+SMFwPQls=",
+        "owner": "0xc000022070",
+        "repo": "zen-browser-flake",
+        "rev": "bef72020b20475847f24cd27134dca06724d4ba7",
+        "type": "github"
+      },
+      "original": {
+        "owner": "0xc000022070",
+        "repo": "zen-browser-flake",
+        "rev": "bef72020b20475847f24cd27134dca06724d4ba7",
+        "type": "github"
+      }
     }
   },
   "root": "root",
diff --git a/home-config/nix-home-manager/flake.nix b/home-config/nix-home-manager/flake.nix
index ba3d01a..38b0708 100644
--- a/home-config/nix-home-manager/flake.nix
+++ b/home-config/nix-home-manager/flake.nix
@@ -3,9 +3,9 @@
 
   inputs = {
     # Specify the source of Home Manager and Nixpkgs.
-    nixpkgs.url = "github:nixos/nixpkgs/d74a2335ac9c133d6bbec9fc98d91a77f1604c1f";
+    nixpkgs.url = "github:nixos/nixpkgs/a84ebe20c6bc2ecbcfb000a50776219f48d134cc";
     home-manager = {
-      url = "github:nix-community/home-manager/53c587d263f94aaf6a281745923c76bbec62bcf3";
+      url = "github:nix-community/home-manager/693840c01b9bef9e54100239cef937e53d4661bf";
       inputs.nixpkgs.follows = "nixpkgs";
     };
     hyprlock = {
@@ -17,7 +17,7 @@
       inputs.nixpkgs.follows = "nixpkgs";
     };
     hyprland = {
-      url = "github:hyprwm/hyprland/v0.47.2";
+      url = "github:hyprwm/hyprland/v0.48.0";
       inputs.nixpkgs.follows = "nixpkgs";
       #inputs.hyprutils.url = "github:/hyprwm/hyprutils/6a8bc9d2a4451df12f5179dc0b1d2d46518a90ab";
     };
@@ -42,9 +42,13 @@
         inputs.hyprland.follows = "hyprland";
         inputs.nixpkgs.follows = "hyprland/nixpkgs";
     };
+    zen-browser = {
+        url = "github:0xc000022070/zen-browser-flake/bef72020b20475847f24cd27134dca06724d4ba7";
+        inputs.nixpkgs.follows = "nixpkgs";
+    };
   };
 
-  outputs = { nixpkgs, home-manager, hyprland, nixgl, wpaperd, hyprpicker-git, hyprlock, mozff, clipboard-sync, hypr-dynamic-cursors, ... }@inputs:
+  outputs = { nixpkgs, home-manager, hyprland, nixgl, wpaperd, hyprpicker-git, hyprlock, mozff, clipboard-sync, hypr-dynamic-cursors, zen-browser, ... }@inputs:
     let
       system = "x86_64-linux";
       pkgs = nixpkgs.legacyPackages.${system};
@@ -70,6 +74,7 @@
               inherit mozff;
               inherit clipboard-sync;
               inherit hypr-dynamic-cursors;
+              inherit zen-browser;
             };
           }
         ];
diff --git a/home-config/nix-home-manager/home.nix b/home-config/nix-home-manager/home.nix
index d2e0034..f5d386c 100644
--- a/home-config/nix-home-manager/home.nix
+++ b/home-config/nix-home-manager/home.nix
@@ -1,4 +1,24 @@
-{ config, pkgs, hyprland, nixgl, wpaperd, hyprpicker-git, hyprlock, mozff, clipboard-sync, hypr-dynamic-cursors, ... }:
+{ config, pkgs, hyprland, nixgl, wpaperd, hyprpicker-git, hyprlock, mozff, clipboard-sync, hypr-dynamic-cursors, zen-browser, ... }:
+let
+    # THIS IS NOT PERFECT AT ALL YET!!! Gets the basics done (my important
+    # policies regarding accounts and extensions. Does not set up profile
+    # stuff, like search. Most importantly, it DOES NOT add system CAs.
+    # To do that, run:
+    # `certutil -A -n "name" -t "CT,c" -i ./path/to/cert -d ~/.zen/profile-folder`
+    # I do this for my root and intermediate. BEWARE WHEN INSTALLING NEW
+    # SYSTEMS!!!!
+    ffPolicies = import ./zenPolicies.nix;
+    customZen = zen-browser.packages.${pkgs.system}.default.overrideAttrs (old: {
+        installPhase = old.installPhase + ''
+            rm -f $out/lib/zen-${old.version}/distribution/policies.json
+            rm -rf $out/lib
+            mkdir $out/opt/zen/distribution
+            ln -s ${pkgs.writeText "firefox-policies.json" (builtins.toJSON ffPolicies)} \
+                "$out/opt/zen/distribution/policies.json"
+        '';
+    });
+
+in
 
 {
   imports = [
@@ -94,10 +114,14 @@
     starship
     taskwarrior3
     delta
+    (flameshot.override { enableWlrSupport = true; })
 
     # Here until i can fix firefox's stupid devtools issue
     chromium
 
+    # Maybe will work?
+    customZen
+
     # Wrapped programs for some env variables
     (pkgs.writeScriptBin "hyprlock" ''
       #! ${pkgs.bash}/bin/bash
diff --git a/home-config/nix-home-manager/zenPolicies.nix b/home-config/nix-home-manager/zenPolicies.nix
new file mode 100644
index 0000000..55b1190
--- /dev/null
+++ b/home-config/nix-home-manager/zenPolicies.nix
@@ -0,0 +1,126 @@
+let
+    lock-false = {
+        Value = false;
+        Status = "locked";
+    };
+    lock-true = {
+        Value = true;
+        Status = "locked";
+    };
+in
+{
+
+policies = {
+    EnableTrackingProtection = {
+        Value = true;
+        Locked = true;
+        Cryptomining = true;
+        Fingerprinting = true;
+        EmailTracking = true;
+    };
+    UserMessaging = {
+        WhatsNew = false;
+        ExtensionRecommendations = false;
+        FeatureRecommendations = false;
+        UrlbarInterventions = false;
+        SkipOnboarding = true;
+        MoreFromMozilla = false;
+        Labs = false;
+        Locked = true;
+    };
+    DisableAppUpdate = true;
+    DisableAccounts = true;
+    DisableFirefoxAccounts = true;
+    DisableFirefoxStudies = true;
+    DisablePocket = true;
+    DisableTelemetry = true;
+    AutofillAddressEnabled = false;
+    AutofillCreditCardEnabled = false;
+    DisableMasterPasswordCreation = true;
+    PasswordManagerEnabled = false;
+    PrimaryPassword = false;
+    OfferToSaveLogins = false;
+    NoDefaultBookmarks = true;
+    OverrideFirstRunPage = "";
+    OverridePostUpdatePage = "";
+    FirefoxHome = {
+        Search = true;
+        TopSites = true;
+        SponsoredTopSites = false;
+        Highlights = false;
+        Pocket = false;
+        SponsoredPocket = false;
+        Snippets = false;
+        Locked = true;
+    };
+    SearchSuggestEnabled = true;
+    FirefoxSuggest = {
+        WebSuggestions = true;
+        SponsoredSuggestions = false;
+        ImproveSuggest = false;
+        Locked = true;
+    };
+    PictureInPicture = lock-true;
+    HardwareAcceleration = true;
+    Certificates = {
+        ImportEnterpriseRoots = true;
+    };
+    ExtensionSettings = {
+    #"*".installation_mode = "blocked";
+    # uBlock Origin
+        "uBlock0@raymondhill.net" = {
+            install_url = "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi";
+            installation_mode = "force_installed";
+        };
+    # Bitwarden
+        "{446900e4-71c2-419f-a6a7-df9c091e268b}" = {
+            install_url = "https://addons.mozilla.org/firefox/downloads/latest/bitwarden-password-manager/latest.xpi";
+            installation_mode = "normal_installed";
+        };
+    # SponsorBlock
+        "sponsorBlocker@ajay.app" = {
+            install_url = "https://addons.mozilla.org/firefox/downloads/latest/sponsorblock/latest.xpi";
+            installation_mode = "force_installed";
+        };
+    # DeArrow
+        "deArrow@ajay.app" = {
+            install_url = "https://addons.mozilla.org/firefox/downloads/latest/dearrow/latest.xpi";
+            installation_mode = "force_installed";
+        };
+    # Return Youtube Dislike
+        "{762f9885-5a13-4abd-9c77-433dcd38b8fd}" = {
+            install_url = "https://addons.mozilla.org/firefox/downloads/latest/return-youtube-dislikes/latest.xpi";
+            installation_mode = "force_installed";
+        };
+    # Youtube Nonstop
+        "{0d7cafdd-501c-49ca-8ebb-e3341caaa55e}" = {
+            install_url = "https://addons.mozilla.org/firefox/downloads/latest/youtube-nonstop/latest.xpi";
+            installation_mode = "force_installed";
+        };
+    # TamperMonkey
+        "firefox@tampermonkey.net" = {
+            install_url = "https://addons.mozilla.org/firefox/downloads/latest/tampermonkey/latest.xpi";
+            installation_mode = "force_installed";
+        };
+    # Floccus
+        "floccus@handmadeideas.org" = {
+            install_url = "https://addons.mozilla.org/firefox/downloads/latest/floccus/latest.xpi";
+            installation_mode = "force_installed";
+        };
+    # Mailvelope
+        "jid1-AQqSMBYb0a8ADg@jetpack" = {
+            install_url = "https://addons.mozilla.org/firefox/downloads/latest/mailvelope/latest.xpi";
+            installation_mode = "force_installed";
+        };
+    };
+    Preferences = {
+        "xpinstall.whitelist.required" = lock-true;
+        "dom.webgpu.enabled" = lock-true;
+        "media.eme.enabled" = lock-true;
+        "general.autoScroll" = lock-true;
+        "general.smoothScroll" = lock-true;
+        "browser.crashReports.unsubmittedCheck.autoSubmit2" = lock-false;
+        "browser.aboutConfig.showWarning" = lock-false;
+    };
+};
+}
-- 
cgit v1.2.3