il/ilnmors-homelab
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
8bff16d17255d54818e77471be09c2662c1bac6e
ilnmors-homelab/config/services/systemd/fw/blocky/etc/config.yaml.j2
il a7365da431 1.0.0 Release IaaS
2026-03-15 04:41:02 +09:00

68 lines
2.5 KiB
Django/Jinja
Raw Blame History

certFile: "/etc/blocky/ssl/blocky.crt"
keyFile: "/etc/blocky/ssl/blocky.key"
minTlsServeVersion: 1.2
connectIPVersion: dual
ports:
dns:
- "{{ hostvars['fw']['network4']['blocky']['server'] }}:53"
- "[{{ hostvars['fw']['network6']['blocky']['server'] }}]:53"
tls:
- "{{ hostvars['fw']['network4']['blocky']['server'] }}:853"
- "[{{ hostvars['fw']['network6']['blocky']['server'] }}]:853"
https:
- "{{ hostvars['fw']['network4']['blocky']['server'] }}:443"
- "[{{ hostvars['fw']['network6']['blocky']['server'] }}]:443"
log:
level: info
format: text
timestamp: true
privacy: false
upstreams:
groups:
default:
- "tcp-tls:1.1.1.1:853"
- "tcp-tls:1.0.0.1:853"
- "tcp-tls:[2606:4700:4700::1111]:853"
- "tcp-tls:[2606:4700:4700::1001]:853"
conditional:
fallbackUpstream: false
mapping:
ilnmors.internal: "{{ hostvars['fw']['network4']['bind']['server'] }}, {{ hostvars['fw']['network6']['bind']['server'] }}"
ilnmors.com: "{{ hostvars['fw']['network4']['bind']['server'] }}, {{ hostvars['fw']['network6']['bind']['server'] }}"
1.168.192.in-addr.arpa: "{{ hostvars['fw']['network4']['bind']['server'] }}, {{ hostvars['fw']['network6']['bind']['server'] }}"
10.168.192.in-addr.arpa: "{{ hostvars['fw']['network4']['bind']['server'] }}, {{ hostvars['fw']['network6']['bind']['server'] }}"
0.0.0.0.0.0.0.0.1.0.0.0.0.0.d.f.ip6.arpa: "{{ hostvars['fw']['network4']['bind']['server'] }}, {{ hostvars['fw']['network6']['bind']['server'] }}"
0.0.0.0.0.0.0.0.0.1.0.0.0.0.d.f.ip6.arpa: "{{ hostvars['fw']['network4']['bind']['server'] }}, {{ hostvars['fw']['network6']['bind']['server'] }}"
vpn.ilnmors.com: "tcp-tls:1.1.1.1:853, tcp-tls:1.0.0.1:853, tcp-tls:[2606:4700:4700::1111]:853, tcp-tls:[2606:4700:4700::1001]:853"
blocking:
blockType: nxDomain
denylists:
ads:
# [ General ]
- https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
- https://big.oisd.nl
- https://o0.pages.dev/Lite/domains.txt
# [ Korean regional ]
- https://raw.githubusercontent.com/yous/YousList/master/hosts.txt
# [ Telemetry ]
- https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/spy.txt
- https://raw.githubusercontent.com/Perflyst/PiHoleBlocklist/master/SmartTV.txt
clientGroupsBlock:
default:
- ads
caching:
minTime: 5m
maxTime: 30m
cacheTimeNegative: 0m
prefetching: true
prometheus:
enable: false
path: /metrics
Reference in New Issue View Git Blame Copy Permalink