From ead6dc022c9a74d9e88378c44267d80bde5ebac4 Mon Sep 17 00:00:00 2001 From: Remy Moll Date: Mon, 11 Dec 2023 11:04:06 +0100 Subject: [PATCH] fix deployment --- apps/adguard/configmap.yaml | 186 +++++++++++++++++++++++++---------- apps/adguard/deployment.yaml | 4 - 2 files changed, 132 insertions(+), 58 deletions(-) diff --git a/apps/adguard/configmap.yaml b/apps/adguard/configmap.yaml index 7dfb06a..b9bd3f6 100644 --- a/apps/adguard/configmap.yaml +++ b/apps/adguard/configmap.yaml @@ -4,84 +4,161 @@ metadata: name: adguard-home-config data: AdGuardHome.yaml: |- - bind_host: 0.0.0.0 - bind_port: 3000 - beta_bind_port: 0 + http: + pprof: + port: 6060 + enabled: false + address: 0.0.0.0:3000 + session_ttl: 720h + users: [] + auth_attempts: 5 + block_auth_min: 15 http_proxy: "" language: "" - debug_pprof: false - web_session_ttl: 720 + theme: auto dns: bind_hosts: - - 0.0.0.0 + - 0.0.0.0 port: 53 - statistics_interval: 1 - querylog_enabled: true - querylog_file_enabled: true - querylog_interval: 2160h - querylog_size_memory: 1000 anonymize_client_ip: false - protection_enabled: true - blocking_mode: default - blocking_ipv4: "" - blocking_ipv6: "" - blocked_response_ttl: 10 - parental_block_host: family-block.dns.adguard.com - safebrowsing_block_host: standard-block.dns.adguard.com ratelimit: 20 + ratelimit_subnet_len_ipv4: 24 + ratelimit_subnet_len_ipv6: 56 ratelimit_whitelist: [] refuse_any: true upstream_dns: - - https://dns10.quad9.net/dns-query + - https://dns10.quad9.net/dns-query upstream_dns_file: "" bootstrap_dns: - - 9.9.9.10 - - 149.112.112.10 - - 2620:fe::10 - - 2620:fe::fe:10 + - 9.9.9.10 + - 149.112.112.10 + - 2620:fe::10 + - 2620:fe::fe:10 + fallback_dns: [] all_servers: false fastest_addr: false fastest_timeout: 1s allowed_clients: [] disallowed_clients: [] blocked_hosts: - - version.bind - - id.server - - hostname.bind + - version.bind + - id.server + - hostname.bind trusted_proxies: - - 127.0.0.0/8 - - ::1/128 + - 127.0.0.0/8 + - ::1/128 cache_size: 4194304 cache_ttl_min: 0 cache_ttl_max: 0 cache_optimistic: false - filtering_enabled: true - filters_update_interval: 24 - parental_enabled: false - safesearch_enabled: false - safebrowsing_enabled: false + bogus_nxdomain: [] + aaaa_disabled: false + enable_dnssec: false + edns_client_subnet: + custom_ip: "" + enabled: false + use_custom: false + max_goroutines: 300 + handle_ddr: true + ipset: [] + ipset_file: "" + bootstrap_prefer_ipv6: false + upstream_timeout: 10s + private_networks: [] use_private_ptr_resolvers: true local_ptr_upstreams: - - 192.168.1.1 + - 192.168.1.1 + use_dns64: false + dns64_prefixes: [] + serve_http3: false + use_http3_upstreams: false tls: enabled: false + server_name: "" + force_https: false + port_https: 443 + port_dns_over_tls: 853 + port_dns_over_quic: 853 + port_dnscrypt: 0 + dnscrypt_config_file: "" + allow_unencrypted_doh: false + certificate_chain: "" + private_key: "" + certificate_path: "" + private_key_path: "" + strict_sni_check: false + querylog: + ignored: [] + interval: 2160h + size_memory: 1000 + enabled: true + file_enabled: true + statistics: + ignored: [] + interval: 24h + enabled: true filters: - - enabled: true - url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt - name: AdGuard DNS filter - id: 1 - - enabled: true - url: https://adaway.org/hosts.txt - name: AdAway Default Blocklist - id: 2 - - enabled: true - url: https://someonewhocares.org/hosts/zero/hosts - name: Dan Pollock's List - id: 1684963532 + - enabled: true + url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt + name: AdGuard DNS filter + id: 1 + - enabled: true + url: https://adaway.org/hosts.txt + name: AdAway Default Blocklist + id: 2 + - enabled: true + url: https://someonewhocares.org/hosts/zero/hosts + name: Dan Pollock's List + id: 1684963532 whitelist_filters: [] user_rules: [] dhcp: enabled: false + interface_name: "" + local_domain_name: lan + dhcpv4: + gateway_ip: "" + subnet_mask: "" + range_start: "" + range_end: "" + lease_duration: 86400 + icmp_timeout_msec: 1000 + options: [] + dhcpv6: + range_start: "" + lease_duration: 86400 + ra_slaac_only: false + ra_allow_slaac: false + filtering: + blocking_ipv4: "" + blocking_ipv6: "" + blocked_services: + schedule: + time_zone: UTC + ids: [] + protection_disabled_until: null + safe_search: + enabled: false + bing: true + duckduckgo: true + google: true + pixabay: true + yandex: true + youtube: true + blocking_mode: default + parental_block_host: family-block.dns.adguard.com + safebrowsing_block_host: standard-block.dns.adguard.com + rewrites: [] + safebrowsing_cache_size: 1048576 + safesearch_cache_size: 1048576 + parental_cache_size: 1048576 + cache_time: 30 + filters_update_interval: 24 + blocked_response_ttl: 10 + filtering_enabled: true + parental_enabled: false + safebrowsing_enabled: false + protection_enabled: true clients: runtime_sources: whois: true @@ -90,15 +167,16 @@ data: dhcp: true hosts: true persistent: [] - log_compress: false - log_localtime: false - log_max_backups: 0 - log_max_size: 100 - log_max_age: 3 - log_file: "" - verbose: false + log: + file: "" + max_backups: 0 + max_size: 100 + max_age: 3 + compress: false + local_time: false + verbose: false os: group: "" user: "" rlimit_nofile: 0 - schema_version: 14 + schema_version: 27 diff --git a/apps/adguard/deployment.yaml b/apps/adguard/deployment.yaml index dd5a50d..984d0cf 100644 --- a/apps/adguard/deployment.yaml +++ b/apps/adguard/deployment.yaml @@ -65,8 +65,6 @@ spec: terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - - mountPath: /opt/adguardhome/conf/ - name: adguard-home-config-dir - mountPath: /opt/adguardhome/conf/AdGuardHome.yaml name: adguard-home-config subPath: AdGuardHome.yaml @@ -84,5 +82,3 @@ spec: name: adguard-home-config - emptyDir: {} name: adguard-home-work - - emptyDir: {} - name: adguard-home-config-dir