From fb51af67b0e35bdc04efee7d7b9bb371ea1adba4 Mon Sep 17 00:00:00 2001 From: Valentin Haudiquet Date: Sat, 2 May 2026 15:46:05 +0200 Subject: [PATCH] blocky: update config format, tryfix DNS resolution --- kubernetes/system/blocky/values.yaml | 39 ++++++++++++++-------------- 1 file changed, 20 insertions(+), 19 deletions(-) diff --git a/kubernetes/system/blocky/values.yaml b/kubernetes/system/blocky/values.yaml index d20a7ef..3ae7a37 100644 --- a/kubernetes/system/blocky/values.yaml +++ b/kubernetes/system/blocky/values.yaml @@ -28,30 +28,31 @@ resources: requests: cpu: 50m memory: 64Mi -# Full list of options https://github.com/0xERR0R/blocky/blob/v0.18/docs/config.yml -config: "upstream:\n default:\n - 1.1.1.1\n - 1.0.0.1\n lan:\n - coredns.coredns.svc.cluster.local\n cluster:\n - 10.96.0.10\n\nconditional:\n mapping:\n lan: coredns.coredns.svc.cluster.local\n cluster.local: 10.96.0.10\n in-addr.arpa: 10.96.0.10\n\nblocking:\n whiteLists:\n ads:\n - dealabs.digidip.net\n - s.click.aliexpress.com\n - fonts.googleapis.com\n - fonts.gstatic.com\n - wl.spotify.com\n - www.googleadservices.com\n \n blackLists:\n ads:\n - https://big.oisd.nl/\n - https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts\n - https://adaway.org/hosts.txt\n \n clientGroupsBlock:\n default:\n - ads\n \n blockType: zeroIp\n blockTTL: 1m\n refreshPeriod: 4h\n downloadTimeout: 60s\n\ncaching:\n minTime: 5m\n maxTime: 30m\n prefetching: true\n prefetchExpires: 2h\n prefetchThreshold: 5\n\nprometheus:\n enable: true\n path: /metrics\n\nport: 53\nhttpPort: 4000\nbootstrapDns: tcp+udp:1.1.1.1\nlogLevel: info\nlogFormat: text\nlogTimestamp: true\n" +# Full list of options https://github.com/0xERR0R/blocky/blob/main/docs/config.yml +# Using Kubernetes DNS ClusterIP (10.96.0.10) - this is stable and won't change +config: "upstreams:\n groups:\n default:\n - 1.1.1.1\n - 1.0.0.1\n lan:\n - 10.101.207.1\n\nconditional:\n mapping:\n lan: 10.101.207.1\n cluster.local: 10.96.0.10\n in-addr.arpa: 10.96.0.10\n\nblocking:\n allowlists:\n ads:\n # Inline domain entries (one per line)\n - |\n dealabs.digidip.net\n s.click.aliexpress.com\n fonts.googleapis.com\n fonts.gstatic.com\n wl.spotify.com\n www.googleadservices.com\n \n denylists:\n ads:\n # Using hosts-format lists\n - https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts\n - https://adaway.org/hosts.txt\n \n clientGroupsBlock:\n default:\n - ads\n \n blockType: zeroIp\n blockTTL: 1m\n loading:\n refreshPeriod: 4h\n downloads:\n timeout: 60s\n\ncaching:\n minTime: 5m\n maxTime: 30m\n prefetching: true\n prefetchExpires: 2h\n prefetchThreshold: 5\n\nprometheus:\n enable: true\n path: /metrics\n\nports:\n dns: 53\n http: 4000\n\nbootstrapDns: tcp+udp:1.1.1.1\n\nlog:\n level: info\n format: text\n timestamp: true\n" sops: - lastmodified: "2026-05-02T13:36:25Z" - mac: ENC[AES256_GCM,data:PMAIp2OPrupteY5xz9YDd+VAb6lzRiwInDJa7duN0DeRB8FUBGOYp8baLKxLw/Xf6C54DI5SsQQh0CW8ecM1Zss04QZsQIJhtJQSotW6/E0xmJFKz/LlTuuwUmmjLzKvHwrc2eI0nChHg1kel3Sd/SpV3/w0m4A73Dddc+8+iNI=,iv:ce80zCKzt8KDyBLg89YHHQ6smdY3dFqK/OyH/WkU8Y8=,tag:kWDSWcHCc74AUhrIW0YK8A==,type:str] + lastmodified: "2026-05-02T13:46:03Z" + mac: ENC[AES256_GCM,data:B8NGD8pFktVBA8IgClXiV6PoTnCePXQ6fzj0bVmEmDhP7875oOnVTAgDqgffWA8dh5/UVoGM9kh9SjntM1Bu5f11ihC6roFxeHyLUdwNdXlZsKGtoyct+GXqmdUNPk8eqotZedsOWHLRJZz0XoGAmEyIxsYzNgH0Z4zb8W0sNvU=,iv:LPnGqY3ja7JLA8zeVrQ+apIp6w3cmN9CzkeWRKMXMDI=,tag:RRHTbzZYNZ1b1sF1Uymisw==,type:str] pgp: - - created_at: "2026-05-02T13:36:24Z" + - created_at: "2026-05-02T13:46:01Z" enc: |- -----BEGIN PGP MESSAGE----- - hQIMA7uy4qQr71wiAQ/+NZdAOeY1HXVxqAA5Vfsp9KeABMaQ0R2Bz2+gSP1pYyaS - +XkVvSXrUtnx31DWNdBJmWMfKwZB+JSomKW9QKett7G/J2cZg9yoGutEVoywwUim - TKNl0hi7bIJbHWyKjqUQ6/mu3qt5vsV/qF/gGi3C+urZ2IAZQachyBasm0pF5oeI - F4/xxdjDCU2E/t7lQtGiOxyMAXF9uWsW2ShLK9P/fn2LjdzFbYF4GEXKkgfoN4bx - NpoQSlTj+5OyyWNtCjmaeYjseYOLSzdHqKkgcyzFyGLpZnMg8cENRn3F8b9/fxjB - qYtIGX4BxO5w3Vz9f0Q5ERhDLidxYoHLaKzdRhZjIZq3NuD1WTldc9Kk9WwTTog2 - mhSuVWXgpTetZIESZBSbosfRRsMz69BWePCLPfyCYiPyxmd2g+aV//+0wiLLlKFM - pxhUw2s/ylnf3cl/Cf6vGvue3Q+gca5o3AH+7pMloaJvPVQBYUcz+jAGMIN+scKT - 26KtAMScOHzjO+GKiD7pu51LRPAJJHB8Iu09Pd+0j5Ocm2uYJR2neeUrfnXAA6cU - Q0LETvn1s10BEV/maeYdD0h2iNOOXX03whtnatf//bKN9nVbbGETT35SJRiNe05w - 0k+wDtnkf8oljltnj/mW72av/mceGZaFhGDFvAVA8v7a4WajsW0unfhrvRAGmGLS - XgHt+TILM1bS3qtgLPl0F7t/Kt+++oF8cbMyKjEXHDZg6z+A5SUeK//CEB8UE7+5 - MQfbpH+HOWW+z1I5nfOzS3ACOldJG61WNMuwq4K/pJlMF0Ts9nsssaBBfZRUMJY= - =2lyN + hQIMA7uy4qQr71wiARAAv7BwD5jFu6rz116wCdbiYhJLEMcw4ktq9Aj3rdUlVKMk + 352bUDe9XK/ANmpeBzIbvaSgGRupU6ba/zCRsVBn3S+2DkG1+iXU+M3wgf9RrQx2 + ksp653uMPUp8bQ/8SMnQ24nACTCI9njUTZBxmHN+G299TfLSLIBX0H8V5EyNZPV2 + HIhj+vTBXUlplm5DV9/C0A3Yg/uE0nImtAe44FhtzseUfSr1n+vx9uy0oqJQUXrv + wm6XW4PYHFSdi73xiawVY/hNh4LTHGjE0U3QTo2orgleFzXX2YAs+Bmp6pEphJbk + X7j5WoEcenW2N4ifkZpz4XkXjvyQCmF4UjHcum93+4FLrE23L1ekpuNf2EpT8Dd5 + HoeyensBQjsdqG1NGAlt5dzA9rlxk+MsTo7kb1f1/VSKI06hR/PTd02DiiY8qj2f + Q0v7UYPWKHdtJRhzIgI73FUieLbZV+6VgeeAA5AzLp0EiBE5848TVXOEQZAsw1K3 + gDb+vEEgi3b6BzALn46F6VhmJfUEEfl2fEcNFdutc/5BflKzgYkElUH6VWJkkaiS + GYQhUVMmDnjj8FgoT5FCaQXVqZCzMCBYvPitNPskIJlHkos0ETq1G/A5RkubQc/X + Yjx+UuXmFzDLEaKHBUAV7EdQO0Y7hqLr3kijaBc8LyBjjeYYnI8jXWQVZ6e2a3TS + XAHSiI5bdISuWcg2ULFaFm/buVO0PzQ6gkyRhgAaJbXeMTTsZq9b+o3hMU3NhDoo + +5iuMQn4UW0VkXxHI0lW2Qwntn+ooRjFduSSbVuUAFT9a5+dgp+5o7zyze9y + =ufxs -----END PGP MESSAGE----- fp: DC6910268E657FF70BA7EC289974494E76938DDC encrypted_regex: ^(password|value|ssh-key|api-key|user|username|privateKey|clientSecret|clientId|apiKey|extraArgs.*|.*Secret.*|extraEnvVars|.*SECRET.*|.*secret.*|key|.*Password|.*\.ya?ml)$