erwin/nixos-config
1
0
Fork 0
Code Issues 1 Pull requests Projects 1 Releases Wiki Activity Actions

adguardhome: Remove configuration from nix

Browse source
This commit is contained in:
Erwin Boskma 2023-07-19 14:04:21 +02:00
parent 0ac9ec851f
commit ee8f7fb65e
Signed by: erwin
SSH key fingerprint: SHA256:9LmFDe1C6jSrEyqxxvX8NtJBmcbB105XoqyUZF092bg
1 changed files with 327 additions and 326 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

653
modules/adguard/default.nix
View file

@ -24,333 +24,334 @@ in
enable = true;
openFirewall = true;
settings = {
auth_attempts = 5;
block_auth_min = 15;
settings = { };
clients = {
persistent = [
{
name = "xiaomi-fan";
ids = [ "5a:b6:23:35:1c:76" ];
blocked_services = [
"9gag"
"amazon"
"cloudflare"
"dailymotion"
"discord"
"disneyplus"
"ebay"
"epic_games"
"facebook"
"hulu"
"imgur"
"instagram"
"mail_ru"
"netflix"
"ok"
"origin"
"pinterest"
"qq"
"reddit"
"skype"
"snapchat"
"spotify"
"steam"
"telegram"
"tiktok"
"tinder"
"twitch"
"twitter"
"viber"
"vimeo"
"vk"
"wechat"
"weibo"
"whatsapp"
"youtube"
];
filtering_enabled = true;
ignore_querylog = false;
ignore_statistics = false;
parental_enabled = true;
safe_search = {
bing = false;
duckduckgo = false;
enabled = false;
google = false;
pixabay = false;
yandex = false;
youtube = false;
};
safebrowsing_enabled = true;
tags = [ "device_other" ];
upstreams = [ ];
use_global_blocked_services = false;
use_global_settings = true;
}
];
runtime_sources = {
arp = true;
dhcp = true;
hosts = true;
rdns = true;
whois = true;
};
};
debug_pprof = false;
dhcp = {
dhcpv4 = {
gateway_ip = "10.0.0.1";
icmp_timeout_msec = 1000;
lease_duration = 86400;
options = [ ];
range_end = "10.0.0.200";
range_start = "10.0.0.150";
subnet_mask = "255.255.255.0";
};
dhcpv6 = {
lease_duration = 86400;
ra_allow_slaac = false;
ra_slaac_only = false;
range_start = "";
};
interface_name = "eth0";
enabled = true;
local_domain_name = "lan";
};
dns = {
aaaa_disabled = false;
all_servers = true;
allowed_clients = [ ];
anonymize_client_ip = false;
bind_hosts = [ "0.0.0.0" ];
blocked_hosts = [ "version.bind" "id.server" "hostname.bind" ];
blocked_response_ttl = 10;
blocked_services = [ "vk" "mail_ru" "pinterest" "tinder" "wechat" "ok" "qq" "snapchat" "weibo" "9gag" ];
blocking_ipv4 = "";
blocking_ipv6 = "";
blocking_mode = "default";
bogus_nxdomain = [ ];
bootstrap_dns = [ ];
bootstrap_prefer_ipv6 = false;
cache_optimistic = false;
cache_size = 4194304;
cache_time = 30;
cache_ttl_max = 0;
cache_ttl_min = 0;
disallowed_clients = [ ];
dns64_prefixes = [ ];
edns_client_subnet = {
custom_ip = "";
enabled = true;
use_custom = false;
};
enable_dnssec = true;
fastest_addr = false;
fastest_timeout = "1s";
filtering_enabled = true;
filters_update_interval = 24;
handle_ddr = true;
ipset = [ ];
ipset_file = "";
local_ptr_upstreams = [ ];
max_goroutines = 0;
parental_block_host = "family-block.dns.adguard.com";
parental_cache_size = 1048576;
parental_enabled = false;
port = 53;
private_networks = [ ];
protection_disabled_until = null;
protection_enabled = true;
ratelimit = 20;
ratelimit_whitelist = [ ];
refuse_any = true;
rewrites = [
{
answer = "10.0.0.254";
domain = "track.datarift.nl";
}
{
answer = "10.0.0.2";
domain = "ca.datarift.nl";
}
{
answer = "10.0.0.252";
domain = "pve.datarift.nl";
}
{
answer = "10.0.0.251";
domain = "git.datarift.nl";
}
{
answer = "10.0.0.251";
domain = "minio.datarift.nl";
}
{
answer = "10.0.0.251";
domain = "home.datarift.nl";
}
{
answer = "10.0.0.251";
domain = "drone.datarift.nl";
}
{
answer = "10.0.0.100";
domain = "vidz.datarift.nl";
}
{
answer = "10.0.0.4";
domain = "loki.datarift.nl";
}
{
answer = "10.0.0.251";
domain = "minio-admin.datarift.nl";
}
{
answer = "192.168.4.32";
domain = "vaultserver.horus.nu";
}
{
answer = "10.0.0.254";
domain = "mqtt.datarift.nl";
}
{
answer = "10.0.0.251";
domain = "frigate.datarift.nl";
}
{
answer = "192.168.4.130";
domain = "containers.internal.horus.nu";
}
{
answer = "192.168.4.121";
domain = "repohost.bedum.horus.nu";
}
{
answer = "192.168.4.150";
domain = "teamcity.horus.nu";
}
{
answer = "2a02:a441:c959:1:52ef:4c5d:ffac:25bc";
domain = "frigate.datarift.nl";
}
];
safe_search = {
bing = true;
duckduckgo = true;
enabled = false;
google = true;
pixabay = true;
yandex = true;
youtube = true;
};
safebrowsing_block_host = "standard-block.dns.adguard.com";
safebrowsing_cache_size = 1048576;
safebrowsing_enabled = false;
safesearch_cache_size = 1048576;
serve_http3 = false;
trusted_proxies = [ "127.0.0.0/8" "::1/128" ];
upstream_dns = cfg.upstreams;
upstream_dns_file = "";
upstream_timeout = "10s";
use_dns64 = false;
use_http3_upstreams = false;
use_private_ptr_resolvers = true;
};
filters = [
{
enabled = true;
id = 1;
name = "AdGuard DNS filter";
url = "https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt";
}
{
enabled = true;
id = 2;
name = "AdAway";
url = "https://adaway.org/hosts.txt";
}
{
enabled = true;
id = 1586463155;
name = "dbl.oisd.nl";
url = "https://dbl.oisd.nl/";
}
];
http_proxy = "";
language = "";
log_compress = false;
log_file = "";
log_localtime = false;
log_max_age = 3;
log_max_backups = 0;
log_max_size = 100;
os = {
group = "";
rlimit_nofile = 0;
user = "";
};
querylog = {
enabled = true;
file_enabled = true;
ignored = [ ];
interval = "168h";
size_memory = 1000;
};
schema_version = 20;
statistics = {
enabled = true;
ignored = [ ];
interval = "168h";
};
theme = "auto";
tls = {
allow_unencrypted_doh = false;
certificate_chain = "";
certificate_path = "";
dnscrypt_config_file = "";
enabled = false;
force_https = false;
port_dns_over_quic = 784;
port_dns_over_tls = 853;
port_dnscrypt = 0;
port_https = 443;
private_key = "";
private_key_path = "";
server_name = "";
strict_sni_check = false;
};
user_rules = [
"@@||msmetrics.ws.sonos.com^$important"
"@@||trafficdeposit.com^$important"
"@@||omropfryslan.bbvms.com^$important"
"@@||cdn.riverhit.com^$important"
"@@||kpngroup.emsecure.net^$important"
"@@||chtbl.com^$important"
"@@||*^$client='TV'"
"||mozilla.cloudflare-dns.com^$important"
"||use-application-dns.net^$important"
"@@||widget.fitanalytics.com^$important"
"@@||cdn.bluebillywig.com^$important"
"@@||bert.org^$important"
"||prod-pre.fns.tunein.com^$important"
"#||mi.com^$dnsrewrite=NOERROR;A;10.0.0.4"
"#||xiaomi.com^$dnsrewrite=NOERROR;A;10.0.0.4"
"@@||aa.tweakers.nl^$important"
"@@||ab.tweakers.nl^$important"
"||zip^"
];
users = [
{
name = "erwin";
password = "$2b$12$bcE.EzNPhKmtDlgkej83xeAE/ADmAczt.iaElp6v4QT8DBlbVBgb.";
}
];
verbose = false;
web_session_ttl = 720;
whitelist_filters = [ ];
};
# settings = {
# auth_attempts = 5;
# block_auth_min = 15;
# clients = {
# persistent = [
# {
# name = "xiaomi-fan";
# ids = [ "5a:b6:23:35:1c:76" ];
# blocked_services = [
# "9gag"
# "amazon"
# "cloudflare"
# "dailymotion"
# "discord"
# "disneyplus"
# "ebay"
# "epic_games"
# "facebook"
# "hulu"
# "imgur"
# "instagram"
# "mail_ru"
# "netflix"
# "ok"
# "origin"
# "pinterest"
# "qq"
# "reddit"
# "skype"
# "snapchat"
# "spotify"
# "steam"
# "telegram"
# "tiktok"
# "tinder"
# "twitch"
# "twitter"
# "viber"
# "vimeo"
# "vk"
# "wechat"
# "weibo"
# "whatsapp"
# "youtube"
# ];
# filtering_enabled = true;
# ignore_querylog = false;
# ignore_statistics = false;
# parental_enabled = true;
# safe_search = {
# bing = false;
# duckduckgo = false;
# enabled = false;
# google = false;
# pixabay = false;
# yandex = false;
# youtube = false;
# };
# safebrowsing_enabled = true;
# tags = [ "device_other" ];
# upstreams = [ ];
# use_global_blocked_services = false;
# use_global_settings = true;
# }
# ];
# runtime_sources = {
# arp = true;
# dhcp = true;
# hosts = true;
# rdns = true;
# whois = true;
# };
# };
# debug_pprof = false;
# dhcp = {
# dhcpv4 = {
# gateway_ip = "10.0.0.1";
# icmp_timeout_msec = 1000;
# lease_duration = 86400;
# options = [ ];
# range_end = "10.0.0.200";
# range_start = "10.0.0.150";
# subnet_mask = "255.255.255.0";
# };
# dhcpv6 = {
# lease_duration = 86400;
# ra_allow_slaac = false;
# ra_slaac_only = false;
# range_start = "";
# };
# interface_name = "eth0";
# enabled = true;
# local_domain_name = "lan";
# };
# dns = {
# aaaa_disabled = false;
# all_servers = true;
# allowed_clients = [ ];
# anonymize_client_ip = false;
# bind_hosts = [ "0.0.0.0" ];
# blocked_hosts = [ "version.bind" "id.server" "hostname.bind" ];
# blocked_response_ttl = 10;
# blocked_services = [ "vk" "mail_ru" "pinterest" "tinder" "wechat" "ok" "qq" "snapchat" "weibo" "9gag" ];
# blocking_ipv4 = "";
# blocking_ipv6 = "";
# blocking_mode = "default";
# bogus_nxdomain = [ ];
# bootstrap_dns = [ ];
# bootstrap_prefer_ipv6 = false;
# cache_optimistic = false;
# cache_size = null;
# cache_time = 30;
# cache_ttl_max = 0;
# cache_ttl_min = 0;
# disallowed_clients = [ ];
# dns64_prefixes = [ ];
# edns_client_subnet = {
# custom_ip = "";
# enabled = true;
# use_custom = false;
# };
# enable_dnssec = true;
# fastest_addr = false;
# fastest_timeout = "1s";
# filtering_enabled = true;
# filters_update_interval = 24;
# handle_ddr = true;
# ipset = [ ];
# ipset_file = "";
# local_ptr_upstreams = [ ];
# max_goroutines = 0;
# parental_block_host = "family-block.dns.adguard.com";
# parental_cache_size = 1048576;
# parental_enabled = false;
# port = 53;
# private_networks = [ ];
# protection_disabled_until = null;
# protection_enabled = true;
# ratelimit = 20;
# ratelimit_whitelist = [ ];
# refuse_any = true;
# rewrites = [
# {
# answer = "10.0.0.254";
# domain = "track.datarift.nl";
# }
# {
# answer = "10.0.0.2";
# domain = "ca.datarift.nl";
# }
# {
# answer = "10.0.0.252";
# domain = "pve.datarift.nl";
# }
# {
# answer = "10.0.0.251";
# domain = "git.datarift.nl";
# }
# {
# answer = "10.0.0.251";
# domain = "minio.datarift.nl";
# }
# {
# answer = "10.0.0.251";
# domain = "home.datarift.nl";
# }
# {
# answer = "10.0.0.251";
# domain = "drone.datarift.nl";
# }
# {
# answer = "10.0.0.100";
# domain = "vidz.datarift.nl";
# }
# {
# answer = "10.0.0.4";
# domain = "loki.datarift.nl";
# }
# {
# answer = "10.0.0.251";
# domain = "minio-admin.datarift.nl";
# }
# {
# answer = "192.168.4.32";
# domain = "vaultserver.horus.nu";
# }
# {
# answer = "10.0.0.254";
# domain = "mqtt.datarift.nl";
# }
# {
# answer = "10.0.0.251";
# domain = "frigate.datarift.nl";
# }
# {
# answer = "192.168.4.130";
# domain = "containers.internal.horus.nu";
# }
# {
# answer = "192.168.4.121";
# domain = "repohost.bedum.horus.nu";
# }
# {
# answer = "192.168.4.150";
# domain = "teamcity.horus.nu";
# }
# {
# answer = "2a02:a441:c959:1:52ef:4c5d:ffac:25bc";
# domain = "frigate.datarift.nl";
# }
# ];
# safe_search = {
# bing = true;
# duckduckgo = true;
# enabled = false;
# google = true;
# pixabay = true;
# yandex = true;
# youtube = true;
# };
# safebrowsing_block_host = "standard-block.dns.adguard.com";
# safebrowsing_cache_size = 1048576;
# safebrowsing_enabled = false;
# safesearch_cache_size = 1048576;
# serve_http3 = false;
# trusted_proxies = [ "127.0.0.0/8" "::1/128" ];
# upstream_dns = cfg.upstreams;
# upstream_dns_file = "";
# upstream_timeout = "10s";
# use_dns64 = false;
# use_http3_upstreams = false;
# use_private_ptr_resolvers = true;
# };
# filters = [
# {
# enabled = true;
# id = 1;
# name = "AdGuard DNS filter";
# url = "https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt";
# }
# {
# enabled = true;
# id = 2;
# name = "AdAway";
# url = "https://adaway.org/hosts.txt";
# }
# {
# enabled = true;
# id = 1586463155;
# name = "dbl.oisd.nl";
# url = "https://dbl.oisd.nl/";
# }
# ];
# http_proxy = "";
# language = "";
# log_compress = false;
# log_file = "";
# log_localtime = false;
# log_max_age = 3;
# log_max_backups = 0;
# log_max_size = 100;
# os = {
# group = "";
# rlimit_nofile = 0;
# user = "";
# };
# querylog = {
# enabled = true;
# file_enabled = true;
# ignored = [ ];
# interval = "168h";
# size_memory = 1000;
# };
# schema_version = 20;
# statistics = {
# enabled = true;
# ignored = [ ];
# interval = "168h";
# };
# theme = "auto";
# tls = {
# allow_unencrypted_doh = false;
# certificate_chain = "";
# certificate_path = "";
# dnscrypt_config_file = "";
# enabled = false;
# force_https = false;
# port_dns_over_quic = 784;
# port_dns_over_tls = 853;
# port_dnscrypt = 0;
# port_https = 443;
# private_key = "";
# private_key_path = "";
# server_name = "";
# strict_sni_check = false;
# };
# user_rules = [
# "@@||msmetrics.ws.sonos.com^$important"
# "@@||trafficdeposit.com^$important"
# "@@||omropfryslan.bbvms.com^$important"
# "@@||cdn.riverhit.com^$important"
# "@@||kpngroup.emsecure.net^$important"
# "@@||chtbl.com^$important"
# "@@||*^$client='TV'"
# "||mozilla.cloudflare-dns.com^$important"
# "||use-application-dns.net^$important"
# "@@||widget.fitanalytics.com^$important"
# "@@||cdn.bluebillywig.com^$important"
# "@@||bert.org^$important"
# "||prod-pre.fns.tunein.com^$important"
# "#||mi.com^$dnsrewrite=NOERROR;A;10.0.0.4"
# "#||xiaomi.com^$dnsrewrite=NOERROR;A;10.0.0.4"
# "@@||aa.tweakers.nl^$important"
# "@@||ab.tweakers.nl^$important"
# "||zip^"
# ];
# users = [
# {
# name = "erwin";
# password = "$2b$12$bcE.EzNPhKmtDlgkej83xeAE/ADmAczt.iaElp6v4QT8DBlbVBgb.";
# }
# ];
# verbose = false;
# web_session_ttl = 720;
# whitelist_filters = [ ];
# };
};
# This is necessary to bind a raw socket for DHCP