alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests 7 Actions 1 Activity

stage for rebuilt

Browse Source
This commit is contained in:
Alex Lebens
2025-02-14 22:05:52 -06:00
parent 91c1b3931d
commit 8b4eee804f
329 changed files with 12 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
clusters/cl01tl/services/blocky/Chart.yaml
View File

@@ -1,24 +0,0 @@
apiVersion: v2
name: blocky
version: 1.0.0
description: Blocky
keywords:
- blocky
- dns
home: https://wiki.alexlebens.dev/doc/blocky-ZDHt1ucetP
sources:
- https://github.com/0xERR0R/blocky
- https://hub.docker.com/r/spx01/blocky
- https://github.com/bjw-s/helm-charts/blob/main/charts/other/app-template/values.yaml
maintainers:
- name: alexlebens
dependencies:
- name: app-template
alias: blocky
repository: https://bjw-s.github.io/helm-charts/
version: 3.6.1
- name: valkey
version: 2.2.3
repository: https://charts.bitnami.com/bitnami
icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/blocky.png
appVersion: v0.24

21
clusters/cl01tl/services/blocky/templates/service-monitor.yaml
View File

@@ -1,21 +0,0 @@
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
name: blocky
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: blocky
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: metrics
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
selector:
matchLabels:
app.kubernetes.io/name: blocky
app.kubernetes.io/instance: {{ .Release.Name }}
endpoints:
- port: metrics
interval: 30s
scrapeTimeout: 10s
path: /metrics

220
clusters/cl01tl/services/blocky/values.yaml
View File

@@ -1,220 +0,0 @@
blocky:
controllers:
main:
type: deployment
replicas: 3
strategy: RollingUpdate
revisionHistoryLimit: 3
containers:
main:
image:
repository: spx01/blocky
tag: v0.25@sha256:347f8c6addc1775ef74b83dfc609c28436a67f812ef0ee7e2602569dc0e56cd1
pullPolicy: IfNotPresent
env:
- name: TZ
value: US/Central
resources:
requests:
cpu: 10m
memory: 128Mi
serviceAccount:
create: true
configMaps:
config:
enabled: true
data:
config.yml: |
upstreams:
init:
strategy: fast
groups:
default:
- tcp-tls:1.1.1.1:853
- tcp-tls:1.0.0.1:853
strategy: parallel_best
timeout: 2s
connectIPVersion: v4
customDNS:
filterUnmappedTypes: false
zone: |
$ORIGIN alexlebens.net.
$TTL 86400
;; Name Server
IN NS patryk.ns.cloudflare.com.
IN NS veda.ns.cloudflare.com.
IN NS dns1.
IN NS dns2.
IN NS dns3.
dns1 IN A 192.168.1.15
dns2 IN A 192.168.1.134
dns3 IN A 192.168.1.147
;; Computer Names
nw01un IN A 192.168.1.1
ps08rp IN A 192.168.1.134
ps09rp IN A 192.168.1.147
ps02sn IN A 192.168.1.55 ; Synology Web
ps02sn-bond IN A 192.168.1.194 ; Synology Bond for Storage
pd05wd IN A 192.168.1.115 ; Desktop
pl02mc IN A 192.168.1.116 ; Laptop
dv01hr IN A 192.168.1.213 ; HD Homerun
dv02kv IN A 192.168.1.57 ; Pi KVM
it01ag IN A 192.168.1.100 ; Airgradient
it02ph IN A 192.168.1.145 ; Phillips Hue
it03tb IN A 192.168.1.193 ; TubesZB ZigBee
it04tb IN A 192.168.1.135 ; TubesZB Z-Wave
;; Common Names
synology IN CNAME ps02sn
synologybond IN CNAME ps02sn-bond
unifi IN CNAME nw01un
airgradient IN CNAME it01ag
hdhr IN CNAME dv01hr
pikvm IN CNAME dv02kv
;; Service Names
cl01tl IN A 192.168.1.35
cl01tl IN A 192.168.1.36
cl01tl IN A 192.168.1.37
cl01tl-endpoint IN A 192.168.1.15
cl01tl-endpoint IN A 192.168.1.16
cl01tl-endpoint IN A 192.168.1.17
traefik-cl01tl IN A 192.168.1.16
blocky IN A 192.168.1.15
;; Application Names
argocd IN CNAME cl01tl-endpoint
authentik IN CNAME cl01tl-endpoint
gitea IN CNAME cl01tl-endpoint
vault IN CNAME cl01tl-endpoint
blocking:
denylists:
sus:
- https://v.firebog.net/hosts/static/w3kbl.txt
ads:
- https://v.firebog.net/hosts/AdguardDNS.txt
- https://v.firebog.net/hosts/Admiral.txt
- https://v.firebog.net/hosts/Easylist.txt
- https://adaway.org/hosts.txt
priv:
- https://v.firebog.net/hosts/Easyprivacy.txt
- https://v.firebog.net/hosts/Prigent-Ads.txt
mal:
- https://v.firebog.net/hosts/Prigent-Crypto.txt
- https://osint.digitalside.it/Threat-Intel/lists/latestdomains.txt
pro:
- https://raw.githubusercontent.com/hagezi/dns-blocklists/main/wildcard/pro.plus.txt
clientGroupsBlock:
default:
- sus
- ads
- priv
- mal
- pro
blockType: zeroIp
blockTTL: 1m
loading:
refreshPeriod: 24h
downloads:
timeout: 60s
attempts: 5
cooldown: 10s
concurrency: 16
strategy: fast
maxErrorsPerSource: 5
caching:
minTime: 5m
maxTime: 30m
maxItemsCount: 0
prefetching: true
prefetchExpires: 2h
prefetchThreshold: 5
prefetchMaxItemsCount: 0
cacheTimeNegative: 30m
redis:
address: blocky-valkey-headless.blocky:6379
required: true
prometheus:
enable: true
path: /metrics
queryLog:
type: console
logRetentionDays: 7
creationAttempts: 1
creationCooldown: 2s
flushInterval: 30s
minTlsServeVersion: 1.3
ports:
dns: 53
http: 4000
log:
level: info
format: text
timestamp: true
privacy: false
service:
dns-external:
controller: main
type: LoadBalancer
annotations:
tailscale.com/expose: "true"
ports:
tcp:
port: 53
targetPort: 53
protocol: TCP
udp:
port: 53
targetPort: 53
protocol: UDP
metrics:
controller: main
ports:
metrics:
port: 4000
targetPort: 4000
protocol: TCP
persistence:
config:
enabled: true
type: configMap
name: blocky-config
advancedMounts:
main:
main:
- path: /app/config.yml
readOnly: true
mountPropagation: None
subPath: config.yml
valkey:
architecture: standalone
auth:
enabled: false
primary:
persistence:
enabled: false
replica:
persistence:
enabled: false