The firefox
role configures the global Firefox policy file,
and enables Wayland for the browser.
The global Firefox policy can be used to install extensions automatically and enforce various browser settings.
The global policy is stored in /usr/lib64/firefox/distribution/policies.json.
This role accepts the following variables:
Variable | Default | Description |
---|---|---|
firefox_preferences |
[] |
List of about:config items to apply (see format below) |
firefox_extensions |
[] |
List of extensions to install (see format below) |
firefox_managed_bookmarks |
[] |
List of bookmarks to add (see format below) |
firefox_managed_bookmarks_top_level_name |
Intranet |
Folder name containing managed bookmarks |
firefox_homepage |
about:home |
URL of homepage |
firefox_spnego_domains |
['{{ domain }}'] |
Domains for which Kerberos/GSSAPI authentication is allowed |
firefox_spnego_allow_non_fqdn |
yes | Allow GSSAPI authentication for short hostnames |
firefox_spnego_allow_proxies |
yes | Allow GSSAPI authentication over proxies |
firefox_disable_pocket |
yes | Disable Firefox Pocket (social bookmarking) |
firefox_disable_snippets |
yes | Disable Firefox Snippets (Mozilla advocacy spam) |
firefox_disable_app_update |
yes | Disable checking for updates |
firefox_disable_captive_portal |
yes | Disable captive portal detection |
firefox_disable_default_bookmarks |
yes | Disable default bookmarks added by Mozilla |
firefox_disable_feedback |
yes | Disable Mozilla user feedback |
firefox_disable_accounts |
yes | Disable Firefox Accounts |
firefox_disable_studies |
yes | Disable Firefox Studies (beta features) |
firefox_disable_telemetry |
yes | Disable telemetry |
firefox_disable_default_browser_check |
yes | Disable checking for default browser |
firefox_disable_user_messaging |
yes | Disable "What's New" messaging on updates |
firefox_disable_dns_over_https |
yes | Disable DNS over HTTPS |
firefox_disable_search_suggestions |
yes | Disable search suggestions |
firefox_disable_highlights |
yes | Disable Firefox Highlights (usage-based recommendations) |
firefox_disable_safe_browsing |
yes | Disable Mozilla safe browsing |
firefox_disable_top_sites |
yes | Disable "Top Sites" recommendation |
firefox_disable_push_notifications |
yes | Disable Mozilla push notification service |
firefox_offer_to_save_logins_default |
yes | Offer to save usernames and passwords |
firefox_use_tracking_protection |
no | Use Firefox tracking protection |
firefox_update_extensions |
yes | Update extensions automatically |
firefox_cookie_behavior |
reject-tracker-and-partition-foreign |
Set cookie behavior |
The firefox_preferences
variable is used to set about:config
items. It
should contain a list of dictionaries of the following format:
Key | Default | Description |
---|---|---|
name | Name of about:config item |
|
value | Value of about:config item |
|
status | default |
Either default , locked , user , or clear |
The firefox_extensions
variable is used to install Firefox extensions. It
should contain a list of dictionaries of the following format:
Key | Default | Description |
---|---|---|
id | Extension id (found in manifest.json file) |
|
name | Name of the extension | |
url | addons.mozilla.org by name |
URL of extension .xpi file |
mode | normal_installed |
Either normal_installed , force_installed , allowed , or blocked |
The firefox_managed_bookmarks
variable is used to add bookmarks for all users.
It should contain a list of dictionaries of the following format:
Key | Default | Description |
---|---|---|
name | Name of the bookmark | |
URL | URL of the bookmark |
Example playbook:
- name: configure firefox
hosts: linux_desktops
roles:
- role: firefox
vars:
firefox_offer_to_save_logins_default: no
firefox_extensions:
- name: ublock-origin
id: uBlock0@raymondhill.net
mode: force_installed
policy:
toOverwrite:
filterLists:
- user-filters
- ublock-filters
- ublock-badware
- ublock-privacy
- ublock-abuse
- ublock-unbreak
- ublock-annoyances
- easylist
- easyprivacy
- urlhaus-1
- plowe-0
- fanboy-annoyance
- fanboy-thirdparty_social
- adguard-spyware-url
- ublock-quick-fixes
toAdd:
trustedSiteDirectives:
- '{{ domain }}'
- name: bitwarden-password-manager
id: '{446900e4-71c2-419f-a6a7-df9c091e268b}'
- name: libredirect
id: 7esoorv3@alefvanoon.anonaddy.me
firefox_preferences:
- name: dom.security.https_only_mode
value: true
status: locked
firefox_managed_bookmarks:
- name: Bitwarden
url: 'https://bitwarden.{{ domain }}'
- name: Git
url: 'https://git.{{ domain }}'
- name: Wiki
url: 'https://wiki.{{ domain }}'