blocky: use internal kube dns to resolve cluster.local domains

2026-05-06 16:51:27 +00:00 · 2026-05-02 15:36:43 +02:00
parent 5fa0bc8e60
commit 1f5a3ddd5b
1 changed files with 18 additions and 18 deletions
--- a/kubernetes/system/blocky/values.yaml
+++ b/kubernetes/system/blocky/values.yaml
@@ -29,29 +29,29 @@ resources:
        cpu: 50m
        memory: 64Mi
 # Full list of options https://github.com/0xERR0R/blocky/blob/v0.18/docs/config.yml
-config: "upstream:\n  default:\n    - 1.1.1.1\n    - 1.0.0.1\n  lan:\n    - coredns.coredns.svc.cluster.local\n\nconditional:\n  mapping:\n    lan: coredns.coredns.svc.cluster.local\n\nblocking:\n  whiteLists:\n    ads:\n      - dealabs.digidip.net\n      - s.click.aliexpress.com\n      - fonts.googleapis.com\n      - fonts.gstatic.com\n      - wl.spotify.com\n      - www.googleadservices.com\n  \n  blackLists:\n    ads:\n      - https://big.oisd.nl/\n      - https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts\n      - https://adaway.org/hosts.txt\n  \n  clientGroupsBlock:\n    default:\n      - ads\n  \n  blockType: zeroIp\n  blockTTL: 1m\n  refreshPeriod: 4h\n  downloadTimeout: 60s\n\ncaching:\n  minTime: 5m\n  maxTime: 30m\n  prefetching: true\n  prefetchExpires: 2h\n  prefetchThreshold: 5\n\nprometheus:\n  enable: true\n  path: /metrics\n\nport: 53\nhttpPort: 4000\nbootstrapDns: tcp+udp:1.1.1.1\nlogLevel: info\nlogFormat: text\nlogTimestamp: true\n"
+config: "upstream:\n    default:\n        - 1.1.1.1\n        - 1.0.0.1\n    lan:\n        - coredns.coredns.svc.cluster.local\n    cluster:\n        - 10.96.0.10\n\nconditional:\n    mapping:\n        lan: coredns.coredns.svc.cluster.local\n        cluster.local: 10.96.0.10\n        in-addr.arpa: 10.96.0.10\n\nblocking:\n    whiteLists:\n        ads:\n            - dealabs.digidip.net\n            - s.click.aliexpress.com\n            - fonts.googleapis.com\n            - fonts.gstatic.com\n            - wl.spotify.com\n            - www.googleadservices.com\n    \n    blackLists:\n        ads:\n            - https://big.oisd.nl/\n            - https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts\n            - https://adaway.org/hosts.txt\n    \n    clientGroupsBlock:\n        default:\n            - ads\n    \n    blockType: zeroIp\n    blockTTL: 1m\n    refreshPeriod: 4h\n    downloadTimeout: 60s\n\ncaching:\n    minTime: 5m\n    maxTime: 30m\n    prefetching: true\n    prefetchExpires: 2h\n    prefetchThreshold: 5\n\nprometheus:\n    enable: true\n    path: /metrics\n\nport: 53\nhttpPort: 4000\nbootstrapDns: tcp+udp:1.1.1.1\nlogLevel: info\nlogFormat: text\nlogTimestamp: true\n"
 sops:
-    lastmodified: "2026-05-02T13:29:01Z"
-    mac: ENC[AES256_GCM,data:cfgRW7HlYE1MqgT1hiy6ZfGeiGiVbclDKJIELNrEl7DEJcaSKEwZLujBUiNQGZ0eVkY8oGkiPfEF/J0xcBtQBp/JGtKbvdxoJGTYUAZhwpyJ7LIucAXVwyMUM7ahD76jDAwiKLYxwV40Egr5X06FlyAjVZ07S3l3hmrKQzQXgao=,iv:SnkDaDUR+aCVqp61lkjO1IxPxrRc3sdYnHYCaP0Vv8c=,tag:TZdvBSzbKbbRO7FANRmXuw==,type:str]
+    lastmodified: "2026-05-02T13:36:25Z"
+    mac: ENC[AES256_GCM,data:PMAIp2OPrupteY5xz9YDd+VAb6lzRiwInDJa7duN0DeRB8FUBGOYp8baLKxLw/Xf6C54DI5SsQQh0CW8ecM1Zss04QZsQIJhtJQSotW6/E0xmJFKz/LlTuuwUmmjLzKvHwrc2eI0nChHg1kel3Sd/SpV3/w0m4A73Dddc+8+iNI=,iv:ce80zCKzt8KDyBLg89YHHQ6smdY3dFqK/OyH/WkU8Y8=,tag:kWDSWcHCc74AUhrIW0YK8A==,type:str]
    pgp:
-        - created_at: "2026-05-02T13:29:00Z"
+        - created_at: "2026-05-02T13:36:24Z"
          enc: |-
            -----BEGIN PGP MESSAGE-----

-            hQIMA7uy4qQr71wiAQ//TdM8u50xb2DbQ96kgXxgh3iJnKSMnAJxZwch6RRgTDKI
-            R88+IoHRx1jLWN6yVoWumzFyyR04YB/AieZJbECCmW+qoO/fDdfolXohMxYtzus3
-            oTLNXdVHbL4O/SnLu1po8RhUWnIBJ4MCTSsA7JnqX/omdCL2VGhQjCTZye1+zc3q
-            jaFds7tz6ElZYlDtRYx07E+NkeC7UFtJDF5xzg1yoc8y6B1eBl/x5yvY3TJhXjXF
-            wEUV6x6P35ieOforlE8s8oTt89lEe12FRnA8DtvecSaA6rrd1pC7mSq2acVRxooT
-            1CdrUjQMGAFVvAYYFHEcKPaHsnPPOjuIld+eR9HqqluaIVZNPOrdN1NQkZi2q76E
-            rnvxeeBTKhiVdxkOXA9yEkFUGrAr92FJp4CuWYym/ptqxto+/qNoziT8+wCmj+xL
-            GN2tJHwHyPgGoUUYRP70pDsok7bxx4iyZCChrBzfSezkQKKN2bDHAHOjO6/+x9dU
-            V7AJOy/Cg8TDO3kBY1MWghazdbfMPCwMtZa0SCMOZU7w1FpQrG5fi3pEKrpbirSM
-            4v8QApvarzuj+OAHKAJrckMq8ocGPbaUNCC767CniQfGQR0x4/4Ff7UAZ1K0H4eO
-            hm1dzy4RUKXcQMYO7zp/ZXrTL6+uNx8CiXd4sC76yA1GeVCkWKBhUdsQoDXwzAHS
-            XgGR+qzw99Sbsx8IGx+zCgB1Kf/udAyIolzsNDw4sCmGKkzq0FpzjceLtsa2JAqE
-            n1DWl62HGL8JoozMa/4Rd9wWPfjBFcoB19QbqRuMGqg2pEw2sJL3BPSVDWADNFk=
-            =8/Jy
+            hQIMA7uy4qQr71wiAQ/+NZdAOeY1HXVxqAA5Vfsp9KeABMaQ0R2Bz2+gSP1pYyaS
+            +XkVvSXrUtnx31DWNdBJmWMfKwZB+JSomKW9QKett7G/J2cZg9yoGutEVoywwUim
+            TKNl0hi7bIJbHWyKjqUQ6/mu3qt5vsV/qF/gGi3C+urZ2IAZQachyBasm0pF5oeI
+            F4/xxdjDCU2E/t7lQtGiOxyMAXF9uWsW2ShLK9P/fn2LjdzFbYF4GEXKkgfoN4bx
+            NpoQSlTj+5OyyWNtCjmaeYjseYOLSzdHqKkgcyzFyGLpZnMg8cENRn3F8b9/fxjB
+            qYtIGX4BxO5w3Vz9f0Q5ERhDLidxYoHLaKzdRhZjIZq3NuD1WTldc9Kk9WwTTog2
+            mhSuVWXgpTetZIESZBSbosfRRsMz69BWePCLPfyCYiPyxmd2g+aV//+0wiLLlKFM
+            pxhUw2s/ylnf3cl/Cf6vGvue3Q+gca5o3AH+7pMloaJvPVQBYUcz+jAGMIN+scKT
+            26KtAMScOHzjO+GKiD7pu51LRPAJJHB8Iu09Pd+0j5Ocm2uYJR2neeUrfnXAA6cU
+            Q0LETvn1s10BEV/maeYdD0h2iNOOXX03whtnatf//bKN9nVbbGETT35SJRiNe05w
+            0k+wDtnkf8oljltnj/mW72av/mceGZaFhGDFvAVA8v7a4WajsW0unfhrvRAGmGLS
+            XgHt+TILM1bS3qtgLPl0F7t/Kt+++oF8cbMyKjEXHDZg6z+A5SUeK//CEB8UE7+5
+            MQfbpH+HOWW+z1I5nfOzS3ACOldJG61WNMuwq4K/pJlMF0Ts9nsssaBBfZRUMJY=
+            =2lyN
            -----END PGP MESSAGE-----
          fp: DC6910268E657FF70BA7EC289974494E76938DDC
    encrypted_regex: ^(password|value|ssh-key|api-key|user|username|privateKey|clientSecret|clientId|apiKey|extraArgs.*|.*Secret.*|extraEnvVars|.*SECRET.*|.*secret.*|key|.*Password|.*\.ya?ml)$