Add explicit profile override for firefox desktop entry

.gitmodules

@@ -1,6 +1,3 @@
-[submodule "ansible_roles/firefox"]
-	path = ansible_roles/firefox
-	url = https://github.com/staticdev/ansible-role-firefox
 [submodule "pkgbuilds/spotify"]
 	path = pkgbuilds/spotify
 	url = https://aur.archlinux.org/spotify.git

_machines/hera.yml

@@ -18,6 +18,14 @@ additional_packages:
   - sddm
   - sddm-kcm
   - thunderbird
+  # kde archive manager
+  - ark
+  # kde image viewer
+  - gwenview
+  # german language packs
+  - hunspell-de
+  - thunderbird-i18n-de
+  - firefox-i18n-de
 
 users:
 - name: hannes

ansible.cfg

@@ -2,4 +2,4 @@
 retry_files_enabled = False
 nocows = 1
 roles_path = ./ansible_roles
-library = ./ansible_roles/firefox/library
+interpreter_python = "auto_silent"

applications/firefox.desktop

@@ -0,0 +1,3 @@
+[Desktop Entry]
+Exec=/bin/sh -c '/usr/bin/firefox --profile "$HOME/.mozilla/firefox/profile-default" %u'
+

autostart/services/firefox-gtk-override-bigger-font@.service

@@ -3,7 +3,7 @@ BindsTo=autostart.target
 After=windowmanager.target
 
 [Service]
-ExecStart=/usr/bin/env firefox --setDefaultBrowser -P %i
+ExecStart=/usr/bin/env firefox --profile %h/.mozilla/firefox/profile-%i
 PassEnvironment=DISPLAY
 Environment=XDG_CONFIG_HOME=%h/.config/gtk-3.0-overrides/bigger-font/
 Restart=always

autostart/services/firefox@.service

@@ -3,6 +3,6 @@ BindsTo=autostart.target
 After=windowmanager.target
 
 [Service]
-ExecStart=/usr/bin/env firefox --setDefaultBrowser -P %i
+ExecStart=/usr/bin/env firefox --profile %h/.mozilla/firefox/profile-%i
 PassEnvironment=DISPLAY
 Restart=always

bin/firefox-default

@@ -0,0 +1,3 @@
+#!/usr/bin/env bash
+
+exec /usr/bin/firefox --profile "$HOME/.mozilla/firefox/profile-default"

dotfiles.yml

@@ -99,6 +99,9 @@ dotfiles:
     to: .config/screencfg.toml
   - from: cargo/config.toml
     to: .local/state/cargo/config.toml
+  - from: applications
+    to: .local/share/applications
+    dir: true
 dotfiles_remove:
   - .gitconfig
   - .vimrc

playbook.yml

@@ -6,13 +6,13 @@
   tasks:
     - name: Read machine-specific variables
       ansible.builtin.include_vars:
-        file: _machines/{{ ansible_hostname }}.yml
+        file: _machines/{{ ansible_facts['hostname'] }}.yml
         name: machine
       tags:
         - always
 
     - ansible.builtin.set_fact:
-        distro: "{{ ansible_distribution | lower }}"
+        distro: "{{ ansible_facts['distribution'] | lower }}"
       tags:
         - always
 
@@ -859,6 +859,175 @@
               ACTION=="add", SUBSYSTEM=="backlight", RUN+="/bin/chgrp video $sys$devpath/brightness", RUN+="/bin/chmod g+w $sys$devpath/brightness"
           become: true
 
+    - name: Firefox
+      tags:
+        - firefox
+      block:
+        - name: create firefox directories
+          file:
+            state: directory
+            path: "{{ item }}"
+            owner: root
+            group: root
+            mode: "0775"
+          become: true
+          become_user: root
+          loop:
+            - /etc/firefox
+            - /etc/firefox/policies
+
+        - set_fact:
+            firefox_policy:
+              policies:
+                AutofillAddressEnabled: false
+                AutofillCreditCardEnabled: false
+                DefaultDownloadDirectory: "${home}/download"
+                DisableFeedbackCommands: true
+                DisableFirefoxAccounts: true
+                DisableFirefoxStudies: true
+                DisableForgetButton: true
+                DisableMasterPasswordCreation: true
+                DisableProfileImport: true
+                DisableProfileRefresh: true
+                DisableSafeMode: true
+                DisableSetDesktopBackground: true
+                DisableTelemetry: true
+                DisplayBookmarksToolbar: "always"
+                DisplayMenuBar: "default-off"
+                DontCheckDefaultBrowser: true
+                EnableTrackingProtection:
+                  Value: true
+                  Locked: false
+                  Category: "strict"
+                  BaselineExceptions: true
+                  ConvenienceExceptions: false
+                ExtensionSettings:
+                  "*":
+                    allowed_types:
+                      - extension
+                  "jid1-KKzOGWgsW3Ao4Q@jetpack": # I don't care about cookies
+                    installation_mode: "normal_installed"
+                    install_url: "https://addons.mozilla.org/firefox/downloads/file/4202634/i_dont_care_about_cookies.xpi"
+                    default_area: "menupanel"
+                    private_browsing: true
+                    updates_disabled: false
+                  "uBlock0@raymondhill.net": # Ublock origin
+                    installation_mode: "normal_installed"
+                    install_url: "https://addons.mozilla.org/firefox/downloads/file/4598854/ublock_origin-1.67.0.xpi"
+                    default_area: "navbar"
+                    private_browsing: true
+                    updates_disabled: false
+                  "treestyletab@piro.sakura.ne.jp": # I don't care about cookies
+                    installation_mode: "normal_installed"
+                    install_url: "https://addons.mozilla.org/firefox/downloads/file/4602712/tree_style_tab-4.2.7.xpi"
+                    default_area: "navbar"
+                    private_browsing: true
+                    updates_disabled: false
+                  "{9063c2e9-e07c-4c2c-9646-cfe7ca8d0498}": # Old Reddit redirect
+                    installation_mode: "normal_installed"
+                    install_url: "https://addons.mozilla.org/firefox/downloads/file/4526031/old_reddit_redirect-2.0.9.xpi"
+                    default_area: "menupanel"
+                    private_browsing: true
+                    updates_disabled: false
+                FirefoxHome:
+                  Search: false
+                  TopSites: false
+                  SponsoredTopSites: false
+                  Highlights: false
+                  Pocket: false
+                  Stories: false
+                  SponsoredPocket: false
+                  SponsoredStories: false
+                  Snippets: false
+                  Locked: true
+                GenerativeAI:
+                  Enabled: false
+                  Chatbot: false
+                  LinkPreviews: false
+                  TabGroups: false
+                Homepage:
+                  URL: "about:newtab"
+                  StartPage: "previous-session"
+                MicrosoftEntraSSO: false
+                NewTabPage: false
+                NoDefaultBookmarks: true
+                OfferToSaveLogins: false
+                OverrideFirstRunPage: ""
+                PasswordManagerEnabled: false
+                Preferences:
+                  "browser.translations.automaticallyPopup":
+                    Value: false
+                    Status: "default"
+                    Type: "boolean"
+                  "browser.aboutConfig.showWarning":
+                    Value: false
+                    Status: "default"
+                    Type: "boolean"
+                  "general.smoothScroll":
+                    Value: true
+                    Status: "default"
+                    Type: "boolean"
+                  # "Play DRM-controlled content"
+                  "media.eme.enabled":
+                    Value: true
+                    Status: "default"
+                    Type: "boolean"
+                  # Restore last session on startup
+                  # https://support.mozilla.org/de/questions/1235263
+                  "browser.startup.page":
+                    Value: 3
+                    Status: "default"
+                    Type: "number"
+                  # reload the tabs properly when restoring
+                  "browser.sessionstore.restore_on_demand":
+                    Value: false
+                    Status: "default"
+                    Type: "boolean"
+                  # "Check spelling as you type"
+                  "layout.spellcheckDefault":
+                    Value: 0
+                    Status: "default"
+                    Type: "number"
+                  # remove ad tracking garbage
+                  "dom.private-attribution.submission.enabled":
+                    Value: false
+                    Status: "default"
+                    Type: "boolean"
+                  # (Try to) disable automatic update, as firefox is pulling a Windows
+                  "app.update.auto":
+                    Value: false
+                    Status: "default"
+                    Type: "boolean"
+                  "app.update.service.enabled": 
+                    Value: false
+                    Status: "default"
+                    Type: "boolean"
+                PromptForDownloadLocation: false
+                RequestedLocales:
+                  - en-US
+                  - de
+                SearchSuggestEnabled: false
+                ShowHomeButton: false
+                SkipTermsOfUse: true
+                UserMessaging:
+                  ExtensionRecommendations: false
+                  FeatureRecommendations: false
+                  UrlbarInterventions: false
+                  SkipOnboarding: true
+                  MoreFromMozilla: false
+                  FirefoxLabs: false
+                VisualSearchEnabled: false
+
+        - name: Firefox global policies
+          ansible.builtin.copy:
+            dest: "/etc/firefox/policies/policies.json"
+            owner: root
+            group: root
+            mode: "0644"
+            content: "{{ firefox_policy | to_nice_json }}"
+          become: true
+          become_user: root
+
     - set_fact:
         users: "{{ machine.users }}"
       tags:
@@ -881,7 +1050,7 @@
     - include_tasks: "{{ item }}"
       with_first_found:
         - files:
-            - "_machines/{{ ansible_hostname }}-tasks.yml"
+            - "_machines/{{ ansible_facts['hostname'] }}-tasks.yml"
           skip: true
       tags:
         - always

user.yml

@@ -274,99 +274,79 @@
   tags:
     - user:firefox
   block:
-    - name: Create firefox directories
-      firefox_profile:
-        name: "{{ item.key }}"
-      loop: "{{ user.firefox_profiles | dict2items }}"
-      check_mode: false
-      register: firefox_profile_names
-
-    - ansible.builtin.set_fact:
-        firefox_preferences:
-          browser.aboutConfig.showWarning: false
-          extensions.pocket.enabled: false
-          toolkit.legacyUserProfileCustomizations.stylesheets: true
-          browser.contentblocking.category: "strict"
-          browser.newtabpage.enabled: false
-          browser.startup.homepage: "about:blank"
-          privacy.trackingprotection.enabled: true
-          privacy.trackingprotection.socialtracking.enabled: true
-          general.smoothScroll: true
-
-          # Restore last session on startup
-          # https://support.mozilla.org/de/questions/1235263
-          browser.startup.page: 3
-          # reload the tabs properly when restoring
-          browser.sessionstore.restore_on_demand: false
-
-          # "Play DRM-controlled content"
-          media.eme.enabled: true
-
-          # "Recommend (extensions|features) as you browse"
-          browser.newtabpage.activity-stream.asrouter.userprefs.cfr.addons: false
-          browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features: false
-
-          # "Ask to save logins and passwords for websites"
-          signon.rememberSignons: false
-
-          # "Allow Firefox to make personalized extension recommendations"
-          browser.discovery.enabled: false
-
-          # "Allow Firefox to install and run studies"
-          app.shield.optoutstudies.enabled: false
-
-          # "Check spelling as you type"
-          layout.spellcheckDefault: 0
-
-          # Ask for download directory
-          browser.download.useDownloadDir: false
-
-          # (Try to) disable automatic update, as firefox is pulling a Windows
-          app.update.auto: false
-          app.update.service.enabled: false
-
-          # remove this camera / microphone overlay when in calls or similar
-          privacy.webrtc.legacyGlobalIndicator: false
-
-          # remove ad tracking garbage
-          dom.private-attribution.submission.enabled: false
-
-    - ansible.builtin.include_role:
-        name: firefox
-      vars:
-        firefox_profiles: "{{ {item.key: item.value} | combine({item.key: {'preferences': firefox_preferences}}, recursive=True) }}"
-      loop: "{{ user.firefox_profiles | dict2items }}"
-      when: not ansible_check_mode
-
-    - name: Firefox - create chrome directory
+    - name: Create firefox base directories
       ansible.builtin.file:
-        path: "{{ item.profile_path }}/chrome/"
+        path: "{{ item }}"
         state: directory
         mode: "0755"
-      with_items: "{{ firefox_profile_names.results }}"
-      when: not ansible_check_mode
-      loop_control:
-        label: "{{ item.profile_path }}"
+      loop:
+        - "~/.mozilla/"
+        - "~/.mozilla/firefox/"
 
-    - name: Firefox - configure firefox custom css
+    - name: Create firefox profile directories
+      ansible.builtin.file:
+        path: "~/.mozilla/firefox/profile-{{ item.key }}"
+        state: directory
+        mode: "0755"
+      loop: "{{ user.firefox_profiles | dict2items }}"
+      loop_control:
+        label: "{{ item.key }}"
+
+    - name: Create chrome directory
+      ansible.builtin.file:
+        path: "~/.mozilla/firefox/profile-{{ item.key }}/chrome/"
+        state: directory
+        mode: "0755"
+      loop: "{{ user.firefox_profiles | dict2items }}"
+      loop_control:
+        label: "{{ item.key }}"
+
+    - name: Configure firefox custom css
       ansible.builtin.copy:
-        dest: "{{ item.profile_path }}/chrome/userChrome.css"
+        dest: "~/.mozilla/firefox/profile-{{ item.key }}/chrome/userChrome.css"
+        # from https://www.kvakil.me/posts/2023-09-12-my-tree-style-tab-configuration.html
         content: |
-          #TabsToolbar {
-            visibility: collapse !important;
-          }
+          // Hide the title bar.
           #titlebar {
+            appearance: none !important;
+            height: 0px;
+          }
+
+          #titlebar > #toolbar-menubar {
+            margin-top: 0px;
+          }
+
+          // Hide regular tab toolbar.
+          #main-window[tabsintitlebar="true"]:not([extradragspace="true"]) #TabsToolbar > .toolbar-items {
+            opacity: 0;
+            pointer-events: none;
+          }
+
+          #main-window:not([tabsintitlebar="true"]) #TabsToolbar {
             visibility: collapse !important;
           }
-          #sidebar-header {
-            visibility: collapse !important;
+
+          // Hide the side toolbar noise.
+          #TabsToolbar {
+            min-width: 0 !important;
+            min-height: 0 !important;
+          }
+
+          #TabsToolbar > .titlebar-buttonbox-container {
+            display: block;
+            position: absolute;
+            top: 12px;
+            left: 0px;
+          }
+
+          #sidebar-box[sidebarcommand="treestyletab_piro_sakura_ne_jp-sidebar-action"] #sidebar-header {
+            display: none;
           }
       when:
-        - not ansible_check_mode
-        - user.firefox_profiles[item.profile_name].manage_css is sameas True
-      with_items: "{{ firefox_profile_names.results }}"
+        - item.value.manage_css is sameas True
+      loop: "{{ user.firefox_profiles | dict2items }}"
       loop_control:
-        label: "{{ item.profile_path }}"
+        label: "{{ item.key }}"
 
 - name: Handle user units
   tags:

zsh/zprofile.j2

@@ -8,7 +8,7 @@ export PATH="${HOME}/bin:${PATH}"
 
 export EDITOR="helix"
 export VISUAL="helix"
-export BROWSER="firefox"
+export BROWSER="firefox-default"
 
 export PAGER="less"
 export LESS="FRX"