Erwin Boskma
47b905bf47
Due to subnet overlap with the new company network, made the following changes: - Set home network to 10.9.0.0/24 - Update work VPN configuration with new subnets and keys
59 lines
1.4 KiB
Nix
59 lines
1.4 KiB
Nix
{
|
|
services = {
|
|
blocky = {
|
|
enable = true;
|
|
settings = {
|
|
ports = {
|
|
dns = 53;
|
|
http = 4000;
|
|
};
|
|
upstreams = {
|
|
groups = {
|
|
default = [ "127.0.0.1:5455" ];
|
|
"100.64.0.0/10" = [ "127.0.0.1:5454" ];
|
|
"fd7a:115c:a1e0::/96" = [ "127.0.0.1:5454" ];
|
|
"fd7a:115c:a1e0:ab12::/64" = [ "127.0.0.1:5454" ];
|
|
};
|
|
};
|
|
|
|
blocking = {
|
|
blackLists = {
|
|
ads = [
|
|
"https://big.oisd.nl/domainswild"
|
|
"https://adguardteam.github.io/HostlistsRegistry/assets/filter_2.txt" # AdAway
|
|
"https://adguardteam.github.io/HostlistsRegistry/assets/filter_8.txt" # browser-based crypto miners
|
|
"https://raw.githubusercontent.com/StevenBlack/hosts/master/alternates/fakenews/hosts"
|
|
./extra-deny.txt
|
|
];
|
|
};
|
|
|
|
clientGroupsBlock = {
|
|
default = [ "ads" ];
|
|
};
|
|
};
|
|
|
|
caching = {
|
|
maxTime = -1;
|
|
};
|
|
|
|
customDNS = {
|
|
mapping = {
|
|
# Horus
|
|
"vaultserver.horus.nu" = "10.0.0.77";
|
|
# "downloads.horus.nu" = "10.0.0.129";
|
|
};
|
|
};
|
|
|
|
prometheus = {
|
|
enable = true;
|
|
};
|
|
|
|
queryLog = {
|
|
type = "csv";
|
|
target = "/var/lib/blocky/querylog";
|
|
logRetentionDays = 7;
|
|
};
|
|
};
|
|
};
|
|
};
|
|
}
|