diff options
| author | tdback <tyler@tdback.net> | 2024-12-21 15:32:13 -0500 |
|---|---|---|
| committer | tdback <tyler@tdback.net> | 2024-12-21 15:32:13 -0500 |
| commit | 0a5754541bb01e96021ca7ee74f1256a8ee68bc4 (patch) | |
| tree | 2d0b8089e98239963a1e240cff676b1515fc8431 /modules/services/blocky | |
initial commit to self-hosted git
Diffstat (limited to 'modules/services/blocky')
| -rw-r--r-- | modules/services/blocky/default.nix | 93 |
1 files changed, 93 insertions, 0 deletions
diff --git a/modules/services/blocky/default.nix b/modules/services/blocky/default.nix new file mode 100644 index 0000000..ca58f4f --- /dev/null +++ b/modules/services/blocky/default.nix @@ -0,0 +1,93 @@ +{ pkgs, ... }: +{ + services.blocky = { + enable = true; + package = pkgs.blocky; + settings = { + upstreams = { + init.strategy = "fast"; + groups.default = [ + "9.9.9.9" + "149.112.112.112" + ]; + }; + bootstrapDns = [{ + upstream = "https://dns.quad9.net/dns-query"; + ips = [ "9.9.9.9" ]; + }]; + ports = { + dns = 53; + tls = 853; + https = 443; + }; + blocking = { + denylists = { + ads = [ + "https://adaway.org/hosts.txt" + "https://v.firebog.net/hosts/AdguardDNS.txt" + "https://v.firebog.net/hosts/Admiral.txt" + "https://raw.githubusercontent.com/anudeepND/blacklist/master/adservers.txt" + "https://v.firebog.net/hosts/Easylist.txt" + "https://pgl.yoyo.org/adservers/serverlist.php?hostformat=hosts&showintro=0&mimetype=plaintext" + "https://raw.githubusercontent.com/FadeMind/hosts.extras/master/UncheckyAds/hosts" + "https://raw.githubusercontent.com/bigdargon/hostsVN/master/hosts" + ]; + malicious = [ + "https://osint.digitalside.it/Threat-Intel/lists/latestdomains.txt" + "https://v.firebog.net/hosts/Prigent-Crypto.txt" + "https://raw.githubusercontent.com/FadeMind/hosts.extras/master/add.Risk/hosts" + "https://phishing.army/download/phishing_army_blocklist_extended.txt" + "https://gitlab.com/quidsup/notrack-blocklists/raw/master/notrack-malware.txt" + "https://raw.githubusercontent.com/Spam404/lists/master/main-blacklist.txt" + "https://raw.githubusercontent.com/AssoEchap/stalkerware-indicators/master/generated/hosts" + "https://urlhaus.abuse.ch/downloads/hostfile/" + "https://v.firebog.net/hosts/Prigent-Malware.txt" + ]; + other = [ + "https://zerodot1.gitlab.io/CoinBlockerLists/hosts_browser" + ]; + suspicious = [ + "https://raw.githubusercontent.com/PolishFiltersTeam/KADhosts/master/KADhosts.txt" + "https://raw.githubusercontent.com/FadeMind/hosts.extras/master/add.Spam/hosts" + "https://v.firebog.net/hosts/static/w3kbl.txt" + "https://raw.githubusercontent.com/matomo-org/referrer-spam-blacklist/master/spammers.txt" + "https://someonewhocares.org/hosts/zero/hosts" + "https://raw.githubusercontent.com/VeleSila/yhosts/master/hosts" + "https://winhelp2002.mvps.org/hosts.txt" + "https://v.firebog.net/hosts/neohostsbasic.txt" + "https://raw.githubusercontent.com/RooneyMcNibNug/pihole-stuff/master/SNAFU.txt" + "https://paulgb.github.io/BarbBlock/blacklists/hosts-file.txt" + ]; + tracking-telemetry = [ + "https://v.firebog.net/hosts/Easyprivacy.txt" + "https://v.firebog.net/hosts/Prigent-Ads.txt" + "https://raw.githubusercontent.com/FadeMind/hosts.extras/master/add.2o7Net/hosts" + "https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/spy.txt" + "https://hostfiles.frogeye.fr/firstparty-trackers-hosts.txt" + "https://www.github.developerdan.com/hosts/lists/ads-and-tracking-extended.txt" + "https://raw.githubusercontent.com/Perflyst/PiHoleBlocklist/master/android-tracking.txt" + "https://raw.githubusercontent.com/Perflyst/PiHoleBlocklist/master/SmartTV.txt" + "https://raw.githubusercontent.com/Perflyst/PiHoleBlocklist/master/AmazonFireTV.txt" + "https://gitlab.com/quidsup/notrack-blocklists/raw/master/notrack-blocklist.txt" + ]; + }; + clientGroupsBlock.default = [ + "ads" + "malicious" + "other" + "suspicious" + "tracking-telemetry" + ]; + loading = { + concurrency = 16; + strategy = "failOnError"; + }; + }; + }; + }; + + networking.firewall = { + allowedTCPPorts = [ 53 443 853 ]; + allowedUDPPorts = [ 53 ]; + }; +} |