diff --git a/modules/programs/firefox.nix b/modules/programs/firefox.nix index b19b0960..5984187c 100644 --- a/modules/programs/firefox.nix +++ b/modules/programs/firefox.nix @@ -78,7 +78,24 @@ let version = 4; lastUserContextId = elemAt (mapAttrsToList (_: container: container.id) containers) 0; - identities = mapAttrsToList containerToIdentity containers; + identities = mapAttrsToList containerToIdentity containers ++ [ + { + userContextId = 4294967294; # 2^32 - 2 + name = "userContextIdInternal.thumbnail"; + icon = ""; + color = ""; + accessKey = ""; + public = false; + } + { + userContextId = 4294967295; # 2^32 - 1 + name = "userContextIdInternal.webextStorageLocal"; + icon = ""; + color = ""; + accessKey = ""; + public = false; + } + ]; }} ''; @@ -677,6 +694,20 @@ in { (", namely " + concatStringsSep ", " defaults); }) + (let + getContainers = profiles: + flatten + (mapAttrsToList (_: value: (attrValues value.containers)) profiles); + + findInvalidContainerIds = profiles: + filter (container: container.id >= 4294967294) + (getContainers profiles); + in { + assertion = cfg.profiles == { } + || length (findInvalidContainerIds cfg.profiles) == 0; + message = "Container id must be smaller than 4294967294 (2^32 - 2)"; + }) + (mkNoDuplicateAssertion cfg.profiles "profile") ] ++ (mapAttrsToList (_: profile: mkNoDuplicateAssertion profile.containers "container") diff --git a/tests/modules/programs/firefox/container-id-out-of-range.nix b/tests/modules/programs/firefox/container-id-out-of-range.nix new file mode 100644 index 00000000..5dbeaedd --- /dev/null +++ b/tests/modules/programs/firefox/container-id-out-of-range.nix @@ -0,0 +1,27 @@ +{ config, lib, ... }: + +{ + imports = [ ./setup-firefox-mock-overlay.nix ]; + + config = lib.mkIf config.test.enableBig { + test.asserts.assertions.expected = + [ "Container id must be smaller than 4294967294 (2^32 - 2)" ]; + + programs.firefox = { + enable = true; + + profiles.my-profile = { + isDefault = true; + id = 1; + + containers = { + "shopping" = { + id = 4294967294; + color = "blue"; + icon = "circle"; + }; + }; + }; + }; + }; +} diff --git a/tests/modules/programs/firefox/default.nix b/tests/modules/programs/firefox/default.nix index b0c4fadb..1cd462f2 100644 --- a/tests/modules/programs/firefox/default.nix +++ b/tests/modules/programs/firefox/default.nix @@ -4,5 +4,6 @@ firefox-deprecated-native-messenger = ./deprecated-native-messenger.nix; firefox-duplicate-profile-ids = ./duplicate-profile-ids.nix; firefox-duplicate-container-ids = ./duplicate-container-ids.nix; + firefox-container-id-out-of-range = ./container-id-out-of-range.nix; firefox-policies = ./policies.nix; }