diff --git a/post_install.sh b/post_install.sh index b2fdc19..5b8c7fc 100644 --- a/post_install.sh +++ b/post_install.sh @@ -2,16 +2,29 @@ printf "[daemon]\nAutomaticLoginEnable=true\nAutomaticLogin=kiosk\n\n[security]\ # Firefox policy -mkdir -p /usr/lib/firefox-esr/distribution -tee /usr/lib/firefox-esr/distribution/policies.json > /dev/null <<'EOF' +# (I used to put this in /etc/firefox/policies/policies.json instead) +mkdir -p /usr/lib/firefox-esr/distribution +tee /usr/lib/firefox-esr/distribution/policies.json > /dev/null <<'EOF' { "policies": { + "AppAutoUpdate": true, + "BackgroundAppUpdate": true, + "BlockAboutAddons": true, + "BlockAboutConfig": true, + "BlockAboutProfiles": true, + "BlockAboutSupport": true, "DisableDeveloperTools": true, "BlockAboutAddons": true, "BlockAboutConfig": true, "BlockAboutProfiles": true, "BlockAboutSupport": true, + "DisableFeedbackCommands": true, "DisableFirefoxAccounts": true, + "DisableFirefoxScreenshots": true, + "DisableFirefoxStudies": true, + "DisableForgetButton": true, + "DisableFormHistory": true, + "DisablePocket": true, "DisablePrivateBrowsing": true, "DisableProfileImport": true, "DisableProfileRefresh": true, @@ -19,10 +32,33 @@ tee /usr/lib/firefox-esr/distribution/policies.json > /dev/null <<'EOF' "DisablePocket": true, "DisableFirefoxScreenshots": true, "DisableSetDesktopBackground": true, + "DisableTelemetry": true, + "DisplayBookmarksToolbar": "never", + "DisplayMenuBar": "never", + "EnableTrackingProtection": { + "Cryptomining": true, + "Fingerprinting": true, + "Value": true + }, + "ExtensionSettings": { + "*": { + "installation_mode": "allowed" + } + }, + "FirefoxHome": { + "Highlights": false, + "Pocket": false, + "Search": false, + "SponsoredPocket": false, + "SponsoredTopSites": false, + "TopSites": false + }, "Homepage": { + "StartPage": "homepage", "URL": "https://mahn.ke", "Locked": true }, + "ManualAppUpdateOnly": true, "NewTabPage": { "Enabled": false }, @@ -30,6 +66,21 @@ tee /usr/lib/firefox-esr/distribution/policies.json > /dev/null <<'EOF' "Path": "C:\\KioskDownloads", "Locked": true }, + "PictureInPicture": { + "Enabled": false + }, + "Preferences": { + "extensions.getAddons.showPane": { + "Status": "locked", + "Type": "boolean", + "Value": false + }, + "ui.key.menuAccessKeyFocuses": { + "Status": "locked", + "Type": "boolean", + "Value": false + } + }, "PromptForDownloadLocation": false, "StartDownloadsInTempDirectory": false, "DisableAppUpdate": true, @@ -39,19 +90,40 @@ tee /usr/lib/firefox-esr/distribution/policies.json > /dev/null <<'EOF' "Location": "deny", "Notifications": "deny" }, + "SanitizeOnShutdown": { + "Cache": true, + "Cookies": true, + "Downloads": true, + "FormData": true, + "History": true, + "OfflineApps": true, + "Sessions": true, + "SiteSettings": true + }, "ShowHomeButton": false, + "UserMessaging": { + "ExtensionRecommendations": false, + "FeatureRecommendations": false, + "MoreFromMozilla": false, + "SkipOnboarding": false, + "UrlbarInterventions": false, + "WhatsNew": false, + "FirefoxLabs": false, + "Locked": false + }, "DisplayMenuBar": false, "DisplayBookmarksToolbar": false, - "policies": { - "UserMessaging": { - "ExtensionRecommendations": false, - "FeatureRecommendations": false, - "UrlbarInterventions": false, - "SkipOnboarding": false, - "MoreFromMozilla": false, - "FirefoxLabs": false, - "Locked": false - } + "WebsiteFilter": { + "Block": [ + "" + ], + "Exceptions": [ + "*://*.c3nav.de/*", + "*://*.hvv.de/*", + "*://engel.events.ccc.de/*", + "*://*.chaos.social/*", + "*://*.events.ccc.de/*" + ] } } }