From 27d96070dfdbd226856c5342a5b65394812c342f Mon Sep 17 00:00:00 2001 From: Simon Bruder Date: Thu, 25 Oct 2018 21:43:02 +0000 Subject: [PATCH] add firefox config and extensions --- packer/ansible/playbook.yml | 10 ++++-- packer/ansible/roles/firefox/files/firefox.js | 33 +++++++++++++++++++ .../ansible/roles/firefox/files/policies.json | 26 +++++++++++++++ .../roles/firefox/tasks/extensions.yml | 6 ++++ packer/ansible/roles/firefox/tasks/main.yml | 18 ++++++++-- 5 files changed, 89 insertions(+), 4 deletions(-) create mode 100644 packer/ansible/roles/firefox/files/firefox.js create mode 100644 packer/ansible/roles/firefox/files/policies.json create mode 100644 packer/ansible/roles/firefox/tasks/extensions.yml diff --git a/packer/ansible/playbook.yml b/packer/ansible/playbook.yml index e7909ea..04010c0 100644 --- a/packer/ansible/playbook.yml +++ b/packer/ansible/playbook.yml @@ -43,8 +43,14 @@ metalcut: socket: laser.lab.fablab-nea.de:9000 dockerimage: r.jalr.de/fablab/metalcut - firefox_language_packs: - - de + firefox: + language_packs: + - de + extensions: + - id: uBlock0@raymondhill.net + url: https://addons.mozilla.org/firefox/downloads/file/1114441/ublock_origin-1.17.2-an+fx.xpi + - id: https-everywhere@eff.org + url: https://addons.mozilla.org/firefox/downloads/file/1082984/https_everywhere-2018.9.19-an+fx.xpi debian_sections: - main - contrib diff --git a/packer/ansible/roles/firefox/files/firefox.js b/packer/ansible/roles/firefox/files/firefox.js new file mode 100644 index 0000000..8a6134e --- /dev/null +++ b/packer/ansible/roles/firefox/files/firefox.js @@ -0,0 +1,33 @@ +// debian settings +pref("extensions.update.enabled", true); +pref("intl.locale.requested", ""); +pref("browser.shell.checkDefaultBrowser", false); + +// disable trackers +lockPref("app.normandy.enabled", false); +lockPref("browser.chrome.errorReporter.enabled", false); +lockPref("browser.safebrowsing.downloads.enabled", false); +lockPref("browser.safebrowsing.downloads.remote.enabled", false); +lockPref("browser.safebrowsing.malware.enabled", false); +lockPref("browser.safebrowsing.passwords.enabled", false); +lockPref("browser.safebrowsing.phishing.enabled", false); +lockPref("browser.tabs.crashReporting.sendReport", false); +lockPref("datareporting.healthreport.uploadEnabled", false); +lockPref("datareporting.policy.dataSubmissionEnabled", false); +lockPref("security.ssl.errorReporting.enabled", false); + +// design +pref("browser.newtabpage.enabled", false); +pref("browser.uiCustomization.state", '{"placements":{"widget-overflow-fixed-list":[],"PersonalToolbar":["personal-bookmarks"],"nav-bar":["back-button","forward-button","home-button","urlbar-container","stop-reload-button","downloads-button","library-button"],"TabsToolbar":["tabbrowser-tabs","new-tab-button","alltabs-button"],"toolbar-menubar":["menubar-items"]},"seen":["developer-button"],"dirtyAreaCache":["PersonalToolbar","nav-bar","TabsToolbar","toolbar-menubar"],"currentVersion":14,"newElementCount":3}'); + +// privacy +pref("privacy.donottrackheader.enabled", true); + +pref("privacy.history.custom", true); +pref("places.history.enabled", false); +pref("browser.formfill.enable", false); + +// search +pref("browser.search.hiddenOneOffs", "Google,Amazon.de,Bing,Debian packages,DuckDuckGo,eBay,Ecosia,LEO Eng-Deu,Wikipedia (de)"); // hide „one click“ search eingines +pref("browser.search.suggest.enabled", false); +pref("browser.urlbar.placeholderName", "DuckDuckGo"); // defaults to google, even if DuckDuckGo is the default diff --git a/packer/ansible/roles/firefox/files/policies.json b/packer/ansible/roles/firefox/files/policies.json new file mode 100644 index 0000000..8daf3f1 --- /dev/null +++ b/packer/ansible/roles/firefox/files/policies.json @@ -0,0 +1,26 @@ +{ + "policies": { + "DNSOverHTTPS": { + "Enabled": false, + "Locked": false + }, + "DisableFeedbackCommands": true, + "DisableFirefoxAccounts": true, + "DisableFirefoxStudies": true, + "DisablePocket": true, + "DisableTelemetry": true, + "EnableTrackingProtection": { + "Value": true, + "Locked": true + }, + "NoDefaultBookmarks": true, + "OfferToSaveLogins": true, + "Homepage": { + "URL": "about:blank" + }, + "OverrideFirstRunPage": "", + "SearchEngines": { + "Default": "DuckDuckGo" + } + } +} diff --git a/packer/ansible/roles/firefox/tasks/extensions.yml b/packer/ansible/roles/firefox/tasks/extensions.yml new file mode 100644 index 0000000..76273ca --- /dev/null +++ b/packer/ansible/roles/firefox/tasks/extensions.yml @@ -0,0 +1,6 @@ +--- +- name: install firefox extensions + get_url: + url: "{{ item.url }}" + dest: "/usr/lib/firefox-esr/browser/extensions/{{ item.id }}.xpi" + loop: "{{ firefox.extensions }}" diff --git a/packer/ansible/roles/firefox/tasks/main.yml b/packer/ansible/roles/firefox/tasks/main.yml index 69d91ea..1668cd4 100644 --- a/packer/ansible/roles/firefox/tasks/main.yml +++ b/packer/ansible/roles/firefox/tasks/main.yml @@ -7,8 +7,22 @@ apt: name: "firefox-esr-l10n-{{ item }}" with_items: - - "{{ firefox_language_packs }}" - when: firefox_language_packs is defined + - "{{ firefox.language_packs }}" + when: firefox.language_packs is defined + + - name: install firefox config + copy: + src: firefox.js + dest: /etc/firefox-esr/firefox-esr.js + + - name: install firefox policies + copy: + src: policies.json + dest: /usr/share/firefox-esr/distribution/policies.json + + - import_tasks: extensions.yml + tags: + - firefox:extensions tags: - firefox