{
  config,
  pkgs,
  lib,
  ...
}:
let
  jsonFormat = pkgs.formats.json { };
  cfg = config.programs.firefox;
in
{
  options = {
    programs.firefox = {
      cfg = lib.mkOption {
        type = lib.types.attrsOf jsonFormat.type;
        default = { };
      };
      firejail.args = lib.mkOption {
        description = "Arguments to pass to the firejail sandboxing firefox";
        type = with lib.types; listOf str;
        default = [
          "--profile=${pkgs.firejail}/etc/firejail/firefox.profile"
        ];
      };
    };
  };
  config = {
    home.packages = lib.mkIf cfg.enable [
      #pkgs.tor-browser-bundle-bin
    ];
    programs.browserpass.browsers = [ "firefox" ];
    programs.firefox = {
      enable = lib.mkDefault true;
      package = pkgs.firejailWrap {
        package = pkgs.wrapFirefox pkgs.firefox-unwrapped { inherit (cfg) cfg; };
        inherit (cfg.firejail) args;
      };
      cfg = {
        speechSynthesisSupport = lib.mkDefault false;
      };
      policies = {
        CaptivePortal = false;
        DNSOverHTTPS = {
          Enabled = false;
          Locked = true;
        };
        DisableAppUpdate = true;
        DisableFirefoxAccounts = true;
        DisableFirefoxStudies = true;
        DisablePocket = true;
        DisableTelemetry = true;
        DontCheckDefaultBrowser = true;
        FirefoxHome = {
          Pocket = false;
          Snippets = false;
        };
        NetworkPrediction = false;
        PromptForDownloadLocation = true;
        SearchEngines = {
          PreventInstalls = true;
        };
        SearchSuggestEnabled = false;
        UserMessaging = {
          ExtensionRecommendations = false;
          SkipOnboarding = true;
        };
      };
    };
  };
}