157 lines
		
	
	
		
			4.8 KiB
		
	
	
	
		
			YAML
		
	
	
	
	
	
			
		
		
	
	
			157 lines
		
	
	
		
			4.8 KiB
		
	
	
	
		
			YAML
		
	
	
	
	
	
| upstreams:
 | |
|   init:
 | |
|     strategy: fast
 | |
|   groups:
 | |
|     default:
 | |
|       - tcp-tls:1.1.1.1:853
 | |
|       - tcp-tls:1.0.0.1:853
 | |
|   strategy: parallel_best
 | |
|   timeout: 2s
 | |
| 
 | |
| connectIPVersion: v4
 | |
| 
 | |
| customDNS:
 | |
|   filterUnmappedTypes: false
 | |
|   zone: |
 | |
|     $ORIGIN alexlebens.net.
 | |
|     $TTL 86400
 | |
| 
 | |
|     ;; Name Server
 | |
|                                     IN      NS      patryk.ns.cloudflare.com.
 | |
|                                     IN      NS      veda.ns.cloudflare.com.
 | |
|                                     IN      NS      dns1.
 | |
|                                     IN      NS      dns2.
 | |
|                                     IN      NS      dns3.
 | |
| 
 | |
|     dns1                            IN      A       10.232.1.22
 | |
|     dns2                            IN      A       10.232.1.51
 | |
|     dns3                            IN      A       10.232.1.52
 | |
| 
 | |
| 
 | |
|     ;; Computer Names
 | |
|     nw01un                          IN      A       192.168.1.1   ; Unifi Gateway
 | |
| 
 | |
|     ps08rp                          IN      A       10.232.1.51   ; DNS
 | |
|     ps09rp                          IN      A       10.232.1.52   ; DNS
 | |
|     ps02sn                          IN      A       10.232.1.61   ; Synology Web
 | |
|     ps02sn-bond                     IN      A       10.232.1.64   ; Synology Bond for Storage
 | |
| 
 | |
|     pd05wd                          IN      A       10.230.0.115  ; Desktop
 | |
|     pl02mc                          IN      A       10.230.0.105  ; Laptop
 | |
| 
 | |
|     dv01hr                          IN      A       10.232.1.72   ; HD Homerun
 | |
|     dv02kv                          IN      A       10.232.1.71   ; Pi KVM
 | |
| 
 | |
|     it01ag                          IN      A       10.232.1.83   ; Airgradient
 | |
|     it02ph                          IN      A       10.232.1.85   ; Phillips Hue
 | |
|     it03tb                          IN      A       10.232.1.81   ; TubesZB ZigBee
 | |
|     it04tb                          IN      A       10.232.1.82   ; TubesZB Z-Wave
 | |
| 
 | |
|     ;; Common Names
 | |
|     synology                        IN      CNAME   ps02sn
 | |
|     synologybond                    IN      CNAME   ps02sn-bond
 | |
|     unifi                           IN      CNAME   nw01un
 | |
|     airgradient                     IN      CNAME   it01ag
 | |
|     hdhr                            IN      CNAME   dv01hr
 | |
|     pikvm                           IN      CNAME   dv02kv
 | |
| 
 | |
| 
 | |
|     ;; Service Names
 | |
|     cl01tl                          IN      A       10.232.1.11
 | |
|     cl01tl                          IN      A       10.232.1.12
 | |
|     cl01tl                          IN      A       10.232.1.13
 | |
| 
 | |
|     cl01tl-api                      IN      A       10.232.1.11
 | |
|     cl01tl-api                      IN      A       10.232.1.12
 | |
|     cl01tl-api                      IN      A       10.232.1.13
 | |
| 
 | |
|     cl01tl-endpoint                 IN      A       10.232.1.21
 | |
|     cl01tl-endpoint                 IN      A       10.232.1.22
 | |
|     cl01tl-endpoint                 IN      A       10.232.1.23
 | |
| 
 | |
|     traefik-cl01tl                  IN      A       10.232.1.21
 | |
|     blocky                          IN      A       10.232.1.22
 | |
|     plex                            IN      A       10.232.1.23
 | |
| 
 | |
| 
 | |
|     ;; Application Names
 | |
|     argocd                          IN      CNAME   cl01tl-endpoint
 | |
|     authentik                       IN      CNAME   cl01tl-endpoint
 | |
|     gitea                           IN      CNAME   cl01tl-endpoint
 | |
|     harbor                          IN      CNAME   cl01tl-endpoint
 | |
|     vault                           IN      CNAME   cl01tl-endpoint
 | |
| 
 | |
| blocking:
 | |
|   denylists:
 | |
|     sus:
 | |
|       - https://v.firebog.net/hosts/static/w3kbl.txt
 | |
|     ads:
 | |
|       - https://v.firebog.net/hosts/AdguardDNS.txt
 | |
|       - https://v.firebog.net/hosts/Admiral.txt
 | |
|       - https://v.firebog.net/hosts/Easylist.txt
 | |
|       - https://adaway.org/hosts.txt
 | |
|     priv:
 | |
|       - https://v.firebog.net/hosts/Easyprivacy.txt
 | |
|       - https://v.firebog.net/hosts/Prigent-Ads.txt
 | |
|     mal:
 | |
|       - https://v.firebog.net/hosts/Prigent-Crypto.txt
 | |
|       - https://osint.digitalside.it/Threat-Intel/lists/latestdomains.txt
 | |
|     pro:
 | |
|       - https://raw.githubusercontent.com/hagezi/dns-blocklists/main/wildcard/pro.plus.txt
 | |
|   allowlists:
 | |
|     radarr:
 | |
|       - |
 | |
|         *.video
 | |
|   clientGroupsBlock:
 | |
|     default:
 | |
|       - sus
 | |
|       - ads
 | |
|       - priv
 | |
|       - mal
 | |
|       - pro
 | |
|       - radarr
 | |
|   blockType: zeroIp
 | |
|   blockTTL: 1m
 | |
|   loading:
 | |
|     refreshPeriod: 24h
 | |
|     downloads:
 | |
|       timeout: 60s
 | |
|       attempts: 5
 | |
|       cooldown: 10s
 | |
|     concurrency: 16
 | |
|     strategy: fast
 | |
|     maxErrorsPerSource: 5
 | |
| 
 | |
| caching:
 | |
|   minTime: 5m
 | |
|   maxTime: 30m
 | |
|   maxItemsCount: 0
 | |
|   prefetching: true
 | |
|   prefetchExpires: 2h
 | |
|   prefetchThreshold: 5
 | |
|   prefetchMaxItemsCount: 0
 | |
|   cacheTimeNegative: 30m
 | |
| 
 | |
| prometheus:
 | |
|   enable: true
 | |
|   path: /metrics
 | |
| 
 | |
| queryLog:
 | |
|   type: console
 | |
|   logRetentionDays: 7
 | |
|   creationAttempts: 1
 | |
|   creationCooldown: 2s
 | |
|   flushInterval: 30s
 | |
| 
 | |
| minTlsServeVersion: 1.3
 | |
| 
 | |
| ports:
 | |
|   dns: 53
 | |
|   http: 4000
 | |
| 
 | |
| log:
 | |
|   level: info
 | |
|   format: text
 | |
|   timestamp: true
 | |
|   privacy: false
 |