From 690cc24b43310ba85bd840cc5c1c9bff71a911cd Mon Sep 17 00:00:00 2001
From: alexlebens
Date: Thu, 22 Aug 2024 22:22:39 -0500
Subject: [PATCH] add blocky
---
 .../kube-prometheus-stack/values.yaml | 1 +
 clusters/cl01tl/services/blocky/Chart.yaml | 21 +++
 clusters/cl01tl/services/blocky/values.yaml | 137 ++++++++++++++++++
 3 files changed, 159 insertions(+)
 create mode 100644 clusters/cl01tl/services/blocky/Chart.yaml
 create mode 100644 clusters/cl01tl/services/blocky/values.yaml
diff --git a/clusters/cl01tl/monitoring/kube-prometheus-stack/values.yaml b/clusters/cl01tl/monitoring/kube-prometheus-stack/values.yaml
index 2a69840aa..9b7ff24d2 100644
--- a/clusters/cl01tl/monitoring/kube-prometheus-stack/values.yaml
+++ b/clusters/cl01tl/monitoring/kube-prometheus-stack/values.yaml
@@ -83,6 +83,7 @@ kube-prometheus-stack:
 - argo-workflows
 - argocd
 - authentik
+ - blocky
 - cert-manager
 - cloudnative-pg
 - descheduler
diff --git a/clusters/cl01tl/services/blocky/Chart.yaml b/clusters/cl01tl/services/blocky/Chart.yaml
new file mode 100644
index 000000000..6a2fb51e2
--- /dev/null
+++ b/clusters/cl01tl/services/blocky/Chart.yaml
@@ -0,0 +1,21 @@
+apiVersion: v2
+name: blocky
+version: 1.0.0
+description: Blocky
+keywords:
+ - blocky
+ - dns
+home: https://wiki.alexlebens.dev/doc/blocky-ZDHt1ucetP
+sources:
+ - https://github.com/0xERR0R/blocky
+ - https://hub.docker.com/r/spx01/blocky
+ - https://github.com/bjw-s/helm-charts/blob/main/charts/other/app-template/values.yaml
+maintainers:
+ - name: alexlebens
+dependencies:
+ - name: app-template
+ alias: blocky
+ repository: https://bjw-s.github.io/helm-charts/
+ version: 3.3.2
+icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/blocky.png
+appVersion: v0.24
diff --git a/clusters/cl01tl/services/blocky/values.yaml b/clusters/cl01tl/services/blocky/values.yaml
new file mode 100644
index 000000000..0b9408183
--- /dev/null
+++ b/clusters/cl01tl/services/blocky/values.yaml
@@ -0,0 +1,137 @@
+blocky:
+ controllers:
+ main:
+ type: deployment
+ replicas: 1
+ strategy: Recreate
+ revisionHistoryLimit: 3
+ containers:
+ main:
+ image:
+ repository: spx01/blocky
+ tag: v0.24@sha256:9a82e0235c52ef3048586f8006add06e52132adaae70d02f980569dae16421a2
+ pullPolicy: IfNotPresent
+ env:
+ - name: TZ
+ value: US/Central
+ resources:
+ requests:
+ cpu: 100m
+ memory: 128Mi
+ serviceAccount:
+ create: true
+ configMaps:
+ config:
+ enabled: true
+ data:
+ config.yml: |
+ upstreams:
+ init:
+ strategy: fast
+ groups:
+ default:
+ - tcp-tls:1.1.1.1:853
+ - tcp-tls:1.0.0.1:853
+ strategy: parallel_best
+ timeout: 2s
+
+ connectIPVersion: v4
+
+ blocking:
+ denylists:
+ sus:
+ - https://v.firebog.net/hosts/static/w3kbl.txt
+ ads:
+ - https://v.firebog.net/hosts/AdguardDNS.txt
+ - https://v.firebog.net/hosts/Admiral.txt
+ - https://v.firebog.net/hosts/Easylist.txt
+ priv:
+ - https://v.firebog.net/hosts/Easyprivacy.txt
+ - https://v.firebog.net/hosts/Prigent-Ads.txt
+ mal:
+ - https://v.firebog.net/hosts/Prigent-Crypto.txt
+ - https://v.firebog.net/hosts/RPiList-Malware.txt
+ - https://v.firebog.net/hosts/RPiList-Phishing.txt
+ clientGroupsBlock:
+ default:
+ - sus
+ - ads
+ - priv
+ - mal
+ blockType: zeroIp
+ blockTTL: 1m
+ loading:
+ refreshPeriod: 24h
+ downloads:
+ timeout: 60s
+ attempts: 5
+ cooldown: 10s
+ concurrency: 16
+ strategy: fast
+ maxErrorsPerSource: 5
+
+ caching:
+ minTime: 5m
+ maxTime: 30m
+ maxItemsCount: 0
+ prefetching: true
+ prefetchExpires: 2h
+ prefetchThreshold: 5
+ prefetchMaxItemsCount: 0
+ cacheTimeNegative: 30m
+
+ prometheus:
+ enable: true
+ path: /metrics
+
+ queryLog:
+ type: console
+ logRetentionDays: 7
+ creationAttempts: 1
+ creationCooldown: 2s
+ flushInterval: 30s
+
+ minTlsServeVersion: 1.3
+
+ ports:
+ dns: 53
+ http: 4000
+
+ log:
+ level: info
+ format: text
+ timestamp: true
+ privacy: false
+ service:
+ main:
+ controller: main
+ annotations:
+ tailscale.com/expose: "true"
+ ports:
+ tcp:
+ port: 53
+ targetPort: 53
+ protocol: TCP
+ tcp:
+ port: 53
+ targetPort: 53
+ protocol: UDP
+ metrics:
+ controller: main
+ ports:
+ metrics:
+ port: 4000
+ targetPort: 4000
+ protocol: TCP
+ persistence:
+ config:
+ enabled: true
+ type: configMap
+ name: blocky-config
+ advancedMounts:
+ main:
+ main:
+ - path: /app/config.yml
+ readOnly: true
+ mountPropagation: None
+ subPath: config.yml
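Review bot: The `ports` map of `service.main` in values.yaml defines the key `tcp` twice, once with `protocol: TCP` and once with `protocol: UDP`. Duplicate mapping keys are invalid YAML, and parsers that tolerate them keep only the last one, so the rendered Service would likely expose port 53 over UDP only, or the values would fail to parse. Rename the second entry to `udp:` so both protocols are declared. Separately, `queryLog.type: console` writes per-client query records to the pod's stdout and `log.privacy: false` leaves domain names unobfuscated in the application log, so DNS history ends up in whatever collects pod logs; `privacy: true`, or a comment stating the logging is intended, would make that choice explicit. Indentation is not recoverable in this view, so the nesting behind both points is inferred from key order.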