98 lines
2.5 KiB
YAML
98 lines
2.5 KiB
YAML
bootstrapDns:
|
|
ips:
|
|
- 1.1.1.1
|
|
- 1.0.0.1
|
|
|
|
upstream:
|
|
default:
|
|
- 1.1.1.1
|
|
- 1.0.0.1
|
|
quad9:
|
|
- 9.9.9.9
|
|
- 149.112.112.112
|
|
- 2620:fe::fe
|
|
- 2620:fe::9
|
|
- https://dns.quad9.net/dns-query
|
|
- tcp-tls:dns.quad9.net
|
|
quad9-unsecured:
|
|
- 9.9.9.10
|
|
- 149.112.112.10
|
|
- 2620:fe::10
|
|
- 2620:fe::fe:10
|
|
- https://dns10.quad9.net/dns-query
|
|
- tcp-tls:dns10.quad9.net
|
|
|
|
conditional:
|
|
fallbackUpstream: false
|
|
mapping:
|
|
consul: {{ env "attr.unique.network.ip-address" }}:8600
|
|
home.arpa: 192.168.2.1
|
|
in-addr.arpa: 192.168.2.1
|
|
iot: 192.168.2.1
|
|
local: 192.168.2.1
|
|
thefij: 192.168.2.1
|
|
.: 192.168.2.1
|
|
|
|
clientLookup:
|
|
upstream: 192.168.2.1
|
|
|
|
blocking:
|
|
blackLists:
|
|
ads:
|
|
- https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
|
|
- http://sysctl.org/cameleon/hosts
|
|
- https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt
|
|
- https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt
|
|
- https://hosts-file.net/ad_servers.txt
|
|
smarttv:
|
|
- https://perflyst.github.io/PiHoleBlocklist/SmartTV.txt
|
|
- https://perflyst.github.io/PiHoleBlocklist/regex.list
|
|
malware:
|
|
- https://mirror1.malwaredomains.com/files/justdomains
|
|
whiteLists:
|
|
# Move to Gitea when deployed internally
|
|
ads:
|
|
{{ keyOrDefault "blocky/whitelists/ads" "# None" | indent 6 }}
|
|
clientGroupsBlock:
|
|
default:
|
|
- ads
|
|
- malware
|
|
- smarttv
|
|
|
|
customDNS:
|
|
customTTL: 1h
|
|
mapping:
|
|
{{ with service "traefik" -}}
|
|
{{- $last := len . | subtract 1 -}}
|
|
{{- $services := . -}}
|
|
{{ keyOrDefault "global/base_hostname" "${base_hostname}" }}: {{ range $i := loop $last -}}
|
|
{{- with index $services $i }}{{ .Address }},{{ end -}}
|
|
{{- end -}}
|
|
{{- with index . $last }}{{ .Address }}{{ end -}}
|
|
{{- end }}
|
|
# Other mappings
|
|
{{ keyOrDefault "blocky/mappings" "# None" | indent 4 }}
|
|
|
|
prometheus:
|
|
enable: true
|
|
|
|
{{ with service "redis" -}}
|
|
redis:
|
|
address: {{ env "NOMAD_UPSTREAM_ADDR_redis" }}
|
|
# password: ""
|
|
# database: 0
|
|
connectionAttempts: 10
|
|
connectionCooldown: 3s
|
|
{{ end -}}
|
|
|
|
{{ with service "vault" -}}{{ with service "mysql-server" -}}
|
|
{{ with secret "kv/data/blocky" -}}
|
|
queryLog:
|
|
type: mysql
|
|
target: {{ .Data.data.db_user }}:{{ .Data.data.db_pass }}@tcp({{ env "NOMAD_UPSTREAM_ADDR_mysql_server" }})/{{ .Data.data.db_name }}?charset=utf8mb4&parseTime=True&loc=Local
|
|
logRetentionDays: 14
|
|
{{ end -}}{{ end -}}{{ end -}}
|
|
|
|
port: 53
|
|
httpPort: 4000
|