alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests 5 Actions Packages Projects Releases Wiki Activity
Files
7841251b901b7cd4600d9f6875c3d03c339cb424
infrastructure/clusters/cl01tl/services/blocky/values.yaml
Alex Lebens 48672c3bf1 remove SOA records
2025-01-11 17:31:33 -06:00

219 lines
7.1 KiB
YAML
Raw Blame History

blocky:
controllers:
main:
type: deployment
replicas: 3
strategy: RollingUpdate
revisionHistoryLimit: 3
containers:
main:
image:
repository: spx01/blocky
tag: v0.24@sha256:9a82e0235c52ef3048586f8006add06e52132adaae70d02f980569dae16421a2
pullPolicy: IfNotPresent
env:
- name: TZ
value: US/Central
resources:
requests:
cpu: 10m
memory: 128Mi
serviceAccount:
create: true
configMaps:
config:
enabled: true
data:
config.yml: |
upstreams:
init:
strategy: fast
groups:
default:
- tcp-tls:1.1.1.1:853
- tcp-tls:1.0.0.1:853
strategy: parallel_best
timeout: 2s
connectIPVersion: v4
customDNS:
filterUnmappedTypes: false
zone: |
$ORIGIN alexlebens.net.
$TTL 86400
;; Name Server
IN NS patryk.ns.cloudflare.com.
IN NS veda.ns.cloudflare.com.
IN NS dns1.
IN NS dns2.
IN NS dns3.
dns1 IN A 192.168.1.15
dns2 IN A 192.168.1.134
dns3 IN A 192.168.1.147
;; Computer Names
nw01un IN A 192.168.1.1
ps08rp IN A 192.168.1.134
ps09rp IN A 192.168.1.147
ps02sn IN A 192.168.1.55 ; Synology Web
ps02sn-bond IN A 192.168.1.194 ; Synology Bond for Storage
pd05wd IN A 192.168.1.115 ; Desktop
pl02mc IN A 192.168.1.116 ; Laptop
dv01hr IN A 192.168.1.213 ; HD Homerun
dv02kv IN A 192.168.1.57 ; Pi KVM
it01ag IN A 192.168.1.100 ; Airgradient
it02ph IN A 192.168.1.145 ; Phillips Hue
it03tb IN A 192.168.1.193 ; TubesZB ZigBee
it04tb IN A 192.168.1.135 ; TubesZB Z-Wave
;; Common Names
synology IN CNAME ps02sn
synologybond IN CNAME ps02sn-bond
unifi IN CNAME nw01un
airgradient IN CNAME it01ag
hdhr IN CNAME dv01hr
pikvm IN CNAME dv02kv
;; Service Names
cl01tl IN A 192.168.1.35
cl01tl IN A 192.168.1.36
cl01tl IN A 192.168.1.37
cl01tl-endpoint IN A 192.168.1.15
cl01tl-endpoint IN A 192.168.1.16
cl01tl-endpoint IN A 192.168.1.17
traefik-cl01tl IN A 192.168.1.16
blocky IN A 192.168.1.15
;; Application Names
argocd IN CNAME cl01tl-endpoint
authentik IN CNAME cl01tl-endpoint
gitea IN CNAME cl01tl-endpoint
vault IN CNAME cl01tl-endpoint
blocking:
denylists:
sus:
- https://v.firebog.net/hosts/static/w3kbl.txt
ads:
- https://v.firebog.net/hosts/AdguardDNS.txt
- https://v.firebog.net/hosts/Admiral.txt
- https://v.firebog.net/hosts/Easylist.txt
- https://adaway.org/hosts.txt
priv:
- https://v.firebog.net/hosts/Easyprivacy.txt
- https://v.firebog.net/hosts/Prigent-Ads.txt
mal:
- https://v.firebog.net/hosts/Prigent-Crypto.txt
- https://osint.digitalside.it/Threat-Intel/lists/latestdomains.txt
pro:
- https://raw.githubusercontent.com/hagezi/dns-blocklists/main/wildcard/pro.plus.txt
allowlists:
radarr:
- |
*.video
clientGroupsBlock:
default:
- sus
- ads
- priv
- mal
- pro
blockType: zeroIp
blockTTL: 1m
loading:
refreshPeriod: 24h
downloads:
timeout: 60s
attempts: 5
cooldown: 10s
concurrency: 16
strategy: fast
maxErrorsPerSource: 5
caching:
minTime: 5m
maxTime: 30m
maxItemsCount: 0
prefetching: true
prefetchExpires: 2h
prefetchThreshold: 5
prefetchMaxItemsCount: 0
cacheTimeNegative: 30m
redis:
address: blocky-valkey-headless.blocky:6379
required: true
prometheus:
enable: true
path: /metrics
queryLog:
type: console
logRetentionDays: 7
creationAttempts: 1
creationCooldown: 2s
flushInterval: 30s
minTlsServeVersion: 1.3
ports:
dns: 53
http: 4000
log:
level: info
format: text
timestamp: true
privacy: false
service:
dns-external:
controller: main
type: LoadBalancer
annotations:
tailscale.com/expose: "true"
ports:
tcp:
port: 53
targetPort: 53
protocol: TCP
udp:
port: 53
targetPort: 53
protocol: UDP
metrics:
controller: main
ports:
metrics:
port: 4000
targetPort: 4000
protocol: TCP
persistence:
config:
enabled: true
type: configMap
name: blocky-config
advancedMounts:
main:
main:
- path: /app/config.yml
readOnly: true
mountPropagation: None
subPath: config.yml
valkey:
architecture: standalone
auth:
enabled: false
Reference in New Issue View Git Blame Copy Permalink