homelab-nomad/core/blocky/config.yml


# Resolvers blocky uses to look up hostnames that appear in this file itself
# (the DoH/DoT upstream names and the list download hosts).
# NOTE(review): these are bare IPs with no protocol prefix, so the bootstrap
# lookups presumably go out as plain DNS. The TLS certificate check on the
# DoH/DoT endpoints still applies afterwards - confirm for the deployed version.
bootstrapDns:
  ips:
    - 1.1.1.1
    - 1.0.0.1
# Upstream resolver groups.
# NOTE(review): in blocky the group names other than `default` are matched
# against clients; nothing in this file shows a client selecting `quad9` or
# `quad9-unsecured` - confirm which group actually serves traffic.
upstream:
  # Bare IPs carry no protocol prefix, so these queries presumably leave the
  # network as unencrypted DNS, readable and alterable by anything on path.
  default:
    - 1.1.1.1
    - 1.0.0.1
  # NOTE(review): this group mixes plain-DNS addresses with DoH (https://) and
  # DoT (tcp-tls:) endpoints. If blocky picks among the entries of a group,
  # part of the queries is still sent unencrypted; keep only the encrypted
  # entries if encrypted transport is the goal.
  quad9:
    - 9.9.9.9
    - 149.112.112.112
    - 2620:fe::fe
    - 2620:fe::9
    - https://dns.quad9.net/dns-query
    - tcp-tls:dns.quad9.net
  # Quad9's ".10" service is the variant without threat blocking and without
  # DNSSEC validation; clients routed to this group lose both protections.
  quad9-unsecured:
    - 9.9.9.10
    - 149.112.112.10
    - 2620:fe::10
    - 2620:fe::fe:10
    - https://dns10.quad9.net/dns-query
    - tcp-tls:dns10.quad9.net
# Split-horizon rules: queries for the listed zones are sent to internal
# resolvers instead of the upstream groups.
conditional:
  # With this off, a failed internal lookup is not retried against the public
  # upstreams; presumably that also keeps internal names from leaking out.
  fallbackUpstream: false
  mapping:
    # Consul DNS (port 8600) on this Nomad client's own address, filled in from
    # the node attribute at render time.
    consul: {{ env "attr.unique.network.ip-address" }}:8600
    home.arpa: 192.168.2.1
    # NOTE(review): in-addr.arpa covers every IPv4 reverse zone, so PTR lookups
    # for public addresses also go to 192.168.2.1 - confirm that is intended.
    in-addr.arpa: 192.168.2.1
    iot: 192.168.2.1
    local: 192.168.2.1
    thefij: 192.168.2.1
    # `.` presumably matches names without a dot (unqualified hostnames), which
    # keeps bare LAN hostnames away from the public resolvers - TODO confirm.
    .: 192.168.2.1
# Reverse lookups of client IPs go to the LAN resolver. The names it returns
# presumably feed log entries and per-client group matching, so this resolver
# is trusted to name clients correctly - TODO confirm.
clientLookup:
  upstream: 192.168.2.1
# Block/allow lists. Every URL below is a third-party feed downloaded at
# runtime, so each one is a trust dependency: whoever controls the feed (or the
# path to it) decides which names this resolver blocks or lets through.
blocking:
  blackLists:
    ads:
      # Tracks the moving `master` branch; content changes without review here.
      - https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
      # NOTE(review): fetched over plain HTTP, so the list has no integrity
      # protection in transit. Switch to https:// if the host offers it, or
      # serve a reviewed copy from an internal mirror.
      - http://sysctl.org/cameleon/hosts
      - https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt
      - https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt
      # NOTE(review): verify this feed is still published and maintained.
      - https://hosts-file.net/ad_servers.txt
    smarttv:
      - https://perflyst.github.io/PiHoleBlocklist/SmartTV.txt
      - https://perflyst.github.io/PiHoleBlocklist/regex.list
    malware:
      # NOTE(review): this is the only malware feed. Verify it is still
      # published; if the download fails or returns nothing, the `malware`
      # group below provides no protection, so alert on list refresh errors.
      - https://mirror1.malwaredomains.com/files/justdomains
  whiteLists:
    # Move to Gitea when deployed internally
    # The entries come from the Consul KV key blocky/whitelists/ads and are
    # pasted in verbatim (indented by 6). Whoever can write that key can exempt
    # domains from blocking, so restrict it with a Consul ACL policy.
    ads:
{{ keyOrDefault "blocky/whitelists/ads" "# None" | indent 6 }}
  # Every client falls into `default` and gets all three list groups.
  clientGroupsBlock:
    default:
      - ads
      - malware
      - smarttv
# Locally answered records. Both sources below are Consul data rendered at
# template time, so write access to them equals control over these answers.
customDNS:
  customTTL: 1h
  mapping:
    # Maps the base hostname to the address of every registered traefik
    # instance, joined with commas: the range emits all but the last address
    # followed by ",", then the last one is appended without a separator.
    # `${base_hostname}` is the fallback when the KV key is missing; it looks
    # like a placeholder filled in by an outer templating step - TODO confirm.
    # The `-}}` trims mean the rendered key starts at the column of the
    # `with` line, so keep that line at mapping-entry indentation.
    {{ with service "traefik" -}}
    {{- $last := len . | subtract 1 -}}
    {{- $services := . -}}
    {{ keyOrDefault "global/base_hostname" "${base_hostname}" }}: {{ range $i := loop $last -}}
    {{- with index $services $i }}{{ .Address }},{{ end -}}
    {{- end -}}
    {{- with index . $last }}{{ .Address }}{{ end -}}
    {{- end }}
    # Other mappings
    # The KV value of blocky/mappings is inserted verbatim (indented by 4), so
    # anyone able to write that key can add or override name-to-address
    # answers; restrict it with a Consul ACL policy.
{{ keyOrDefault "blocky/mappings" "# None" | indent 4 }}
# Enables the Prometheus metrics endpoint.
# NOTE(review): presumably served on the HTTP listener (httpPort) without
# authentication; limit who can reach that port - TODO confirm.
prometheus:
  enable: true
# Redis section, rendered only while a "redis" service is registered in Consul.
# The address is taken from the Nomad upstream environment variable.
# NOTE(review): no password is set (the key is commented out), so access
# control rests entirely on the network path to Redis - presumably a service
# mesh upstream bound locally. Confirm Redis is not reachable any other way.
{{ with service "redis" -}}
redis:
  address: {{ env "NOMAD_UPSTREAM_ADDR_redis" }}
  # password: ""
  # database: 0
  connectionAttempts: 10
  connectionCooldown: 3s
{{ end -}}
# Query logging to MySQL. The section is rendered only when the "vault" and
# "mysql-server" services are registered and the Vault secret kv/data/blocky
# can be read; otherwise it is omitted and no queryLog section is written.
# NOTE(review): the rendered file contains the database password in clear
# text inside the DSN. Keep the rendered file readable by the blocky task
# only, and keep the DSN out of logs and debug output.
# NOTE(review): db_user/db_pass are interpolated unescaped; characters such as
# "@", "/", ":" or " #" in the secret would break the DSN or the YAML line.
# The log itself is a per-client browsing record kept for 14 days; treat the
# database as sensitive data.
{{ with service "vault" -}}{{ with service "mysql-server" -}}
{{ with secret "kv/data/blocky" -}}
queryLog:
  type: mysql
  target: {{ .Data.data.db_user }}:{{ .Data.data.db_pass }}@tcp({{ env "NOMAD_UPSTREAM_ADDR_mysql_server" }})/{{ .Data.data.db_name }}?charset=utf8mb4&parseTime=True&loc=Local
  logRetentionDays: 14
{{ end -}}{{ end -}}{{ end -}}
# DNS listener.
port: 53
# HTTP listener.
# NOTE(review): blocky's HTTP API includes controls to disable blocking, and
# it presumably has no authentication of its own. Expose port 4000 only to
# trusted hosts (monitoring, admin) rather than to the whole LAN.
httpPort: 4000