remoll/k3s-infra
0
0
Fork 0
Code Issues 1 Pull Requests 6 Packages Projects Releases Wiki Activity
k3s-infra/apps/adguard/values.yaml
Remy Moll 41f0153fd0 initial migration
2023-10-05 14:34:37 +02:00

366 lines
12 KiB
YAML
Raw Blame History

#
# IMPORTANT NOTE
#
# This chart inherits from our common library chart. You can check the default values/options here:
# https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common/values.yaml
#
controller:
# -- Number of pods to load balance between
replicas: 1
initContainers:
# -- Configures an initContainer that copies the configmap to the AdGuardHome conf directory
# It does NOT overwrite when the file already exists.
# @default -- See values.yaml
copy-configmap:
image: busybox
imagePullPolicy: IfNotPresent
command:
- "sh"
- "-c"
- |
if [ ! -f /opt/adguardhome/conf/AdGuardHome.yaml ]; then
mkdir -p /opt/adguardhome/conf
cp /tmp/AdGuardHome.yaml /opt/adguardhome/conf/AdGuardHome.yaml
fi
volumeMounts:
- name: adguard-home-config
mountPath: /tmp/AdGuardHome.yaml
subPath: AdGuardHome.yaml
- name: config
mountPath: /opt/adguardhome/conf
securityContext:
runAsUser: 0
image:
# -- image repository
repository: adguard/adguardhome
# @default -- chart.appVersion
tag:
# -- image pull policy
pullPolicy: IfNotPresent
# -- environment variables.
# @default -- See below
env:
# -- Set the container timezone
TZ: Europe/Berlin
# -- arguments passed to the adguard-home command line.
args:
- "--config"
- "/opt/adguardhome/conf/AdGuardHome.yaml"
- "--work-dir"
- "/opt/adguardhome/work"
- "--no-check-update"
# -- Configures service settings for the chart.
# @default -- See values.yaml
service:
main:
primary: true
ports:
http:
port: 3000
dns-tcp:
enabled: true
type: LoadBalancer
loadBalancerIP: 192.168.3.2
annotations:
metallb.universe.tf/allow-shared-ip: adguard-svc
ports:
dns-tcp:
enabled: true
port: 53
protocol: TCP
targetPort: 53
dns-udp:
enabled: true
type: LoadBalancer
loadBalancerIP: 192.168.3.2
annotations:
metallb.universe.tf/allow-shared-ip: adguard-svc
ports:
dns-udp:
enabled: true
port: 53
protocol: UDP
targetPort: 53
dns-tls-udp:
enabled: true
type: LoadBalancer
loadBalancerIP: 192.168.3.5
annotations:
metallb.universe.tf/allow-shared-ip: adguard-svc
ports:
dns-tls-udp:
enabled: true
port: 853
protocol: UDP
targetPort: 853
dns-tls-tcp:
enabled: true
type: LoadBalancer
loadBalancerIP: 192.168.3.5
annotations:
metallb.universe.tf/allow-shared-ip: adguard-svc
ports:
dns-tls-tcp:
enabled: true
port: 853
protocol: TCP
targetPort: 853
# -- Configure persistence settings for the chart under this key.
# @default -- See values.yaml
persistence:
config:
enabled: true
mountPath: /opt/adguardhome/conf
data:
enabled: false
mountPath: /opt/adguardhome/work
# config -- AdGuard Home cojnfiguration. For a full list of options see https://github.com/AdguardTeam/AdGuardHome/wiki/Configuration.
# @default -- See values.yaml
config: |
bind_host: 0.0.0.0
bind_port: 3000
beta_bind_port: 0
users: []
auth_attempts: 5
block_auth_min: 15
http_proxy: ""
language: ""
debug_pprof: false
web_session_ttl: 720
dns:
bind_hosts:
- 0.0.0.0
port: 53
statistics_interval: 1
querylog_enabled: true
querylog_file_enabled: true
querylog_interval: 2160h
querylog_size_memory: 1000
anonymize_client_ip: false
protection_enabled: true
blocking_mode: default
blocking_ipv4: ""
blocking_ipv6: ""
blocked_response_ttl: 10
parental_block_host: family-block.dns.adguard.com
safebrowsing_block_host: standard-block.dns.adguard.com
ratelimit: 20
ratelimit_whitelist: []
refuse_any: true
upstream_dns:
- https://dns10.quad9.net/dns-query
upstream_dns_file: ""
bootstrap_dns:
- 9.9.9.10
- 149.112.112.10
- 2620:fe::10
- 2620:fe::fe:10
all_servers: false
fastest_addr: false
fastest_timeout: 1s
allowed_clients: []
disallowed_clients: []
blocked_hosts:
- version.bind
- id.server
- hostname.bind
trusted_proxies:
- 127.0.0.0/8
- ::1/128
cache_size: 4194304
cache_ttl_min: 0
cache_ttl_max: 0
cache_optimistic: false
bogus_nxdomain: []
aaaa_disabled: false
enable_dnssec: false
edns_client_subnet: false
max_goroutines: 300
ipset: []
filtering_enabled: true
filters_update_interval: 24
parental_enabled: false
safesearch_enabled: false
safebrowsing_enabled: false
safebrowsing_cache_size: 1048576
safesearch_cache_size: 1048576
parental_cache_size: 1048576
cache_time: 30
rewrites: []
blocked_services: []
upstream_timeout: 10s
private_networks: []
use_private_ptr_resolvers: true
local_ptr_upstreams:
- 192.168.1.1
tls:
enabled: true
server_name: "dns.moll.re"
force_https: false
port_https: 443
port_dns_over_tls: 853
port_dns_over_quic: 853
port_dnscrypt: 0
dnscrypt_config_file: ""
allow_unencrypted_doh: false
strict_sni_check: false
certificate_chain: |-
-----BEGIN CERTIFICATE-----
MIIFyzCCA7OgAwIBAgIUEvyI5bCa56vvyQgTbLyR7+c7vQMwDQYJKoZIhvcNAQEL
BQAwdTELMAkGA1UEBhMCREUxCzAJBgNVBAgMAkJXMREwDwYDVQQHDAhGcmVpYnVy
ZzENMAsGA1UECgwEUmVteTEKMAgGA1UECwwBTTEQMA4GA1UEAwwHbW9sbC5yZTEZ
MBcGCSqGSIb3DQEJARYKbWVAbW9sbC5yZTAeFw0yMzA3MTUxNzQ0MTVaFw0yNDA3
MTQxNzQ0MTVaMHUxCzAJBgNVBAYTAkRFMQswCQYDVQQIDAJCVzERMA8GA1UEBwwI
RnJlaWJ1cmcxDTALBgNVBAoMBFJlbXkxCjAIBgNVBAsMAU0xEDAOBgNVBAMMB21v
bGwucmUxGTAXBgkqhkiG9w0BCQEWCm1lQG1vbGwucmUwggIiMA0GCSqGSIb3DQEB
AQUAA4ICDwAwggIKAoICAQDpS0Xtii0VITKFr9XFLcWchI6//I7iMeKkYi7uEq60
1YZQ8/Zppg1M15BhD8ZEQ0JZ42ufi0p4B0LYMGHYF+2kKsbFxcEPQTUeXCLcjYVA
ueZ+GTh+FrUrSQvHSevUbVXytAwiqAN/eAvXBMdOKisPUM9Cmk/KHA+W+anw4Uxq
ZvHq5GG9Z0IksTHI2oEMp/8cZ8lRXzHmOUYQGveBX6PBPvcttP8GwCU6vsPVSphZ
7XF2LPqeMnBGgmOz51QTRpS7NBHMsSDR20VgSTjI+F8nJnQsGO5Iq9IpQzlDlAsL
jgPOT3W/pdeZD1mX/c9EpYEKf/0ubEBiWc+kJqkrdmsUX6cZ06qEUa08yCMSzkao
mHrMzw22kjICG9h+0sZvTetPvpYZsBqQRejDS/cu+buAaDNchGNhl1YPp8iAlKUT
YB4gbcNqceCGUmbQX06B/OwJiYIoN5ghh2wmqNrFXYltfALBVhWFtU2DTAS9k399
W2hd4u77uJngK0WLoKQuV/wi81dbk0kAI7eRUI1H/Y4hC1MCI5M6zewrJ7QgOYBi
qkYydYQGFu1ToDt6maDVBX05PcoBPwbUfrmZBjR5kzBawvH6reDuANkEXfJ0+2hA
JBAxXPKyQVc9Y87nDATvkl7qWOKjfJairKAd03lvJlesr6+7GwMMnE/6h91QF4Vq
OQIDAQABo1MwUTAdBgNVHQ4EFgQUunr29QozKy+AlTrq+PAoSjPFOQIwHwYDVR0j
BBgwFoAUunr29QozKy+AlTrq+PAoSjPFOQIwDwYDVR0TAQH/BAUwAwEB/zANBgkq
hkiG9w0BAQsFAAOCAgEAPeczDC1OScGZ6UVjFUF+BqI1Am9TwUNVD2cRnbXvQ2g7
nU8vYSfWx00bhRTpuDEG997HkCCvaUYIArbGtgplB+bCk6GMnQQfnRWIyFz/cy+Y
yuftUY0PufXzCe33J2Q0SQCNKdEvOsfiPCkyrgMSlomoIDPhs4wQ8SOE0Lnl4fNw
i1uVDd6pTxwwfpfsvN5lBwXN+RDr1Awe07f9SJmYklqQAIP5Kthq7QJsN1QHvmtW
JL7AYlltDTUYvE2kBnQKjkNYv9Qj4PGUvipVlCKA4cEVAZXHam01RqPXEFj5I9B4
Q9S+oT7htoXWuz9kAwsSCZVEW1QBzRL7UNIckMWsc1jRSiCT5Nc/sOtPyIc9in+i
J/XGPjSBvQZrnitLhR4qByG/dY+istQkcEERjElwhzucEyNkgtENJfJEevdJsrBf
oGaaK5ljemYsk1e+QHB3FWmNbIysKBMn44bHgu7DeQediLCjvwdasjVorDW1mv5Z
8Aoe075vxTmHGSjfMPiAzJnYMy0zCT1VcR+AtPKUtr11z2xgOrAqZqlTaR/ud6ce
B11n3oIs5Kwarvhwx2Qw7XvcGOa2PBGZW4kcoDRn9GNFcP5K2AAuRJD9FLTbr8ZO
6a0bv0KUksQYX+U/r3+qSn87TXyIJ1IbKY2jQYu/+KEpeyFnviXw+IoM/YHDqdw=
-----END CERTIFICATE-----
private_key: |-
-----BEGIN PRIVATE KEY-----
MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQDpS0Xtii0VITKF
r9XFLcWchI6//I7iMeKkYi7uEq601YZQ8/Zppg1M15BhD8ZEQ0JZ42ufi0p4B0LY
MGHYF+2kKsbFxcEPQTUeXCLcjYVAueZ+GTh+FrUrSQvHSevUbVXytAwiqAN/eAvX
BMdOKisPUM9Cmk/KHA+W+anw4UxqZvHq5GG9Z0IksTHI2oEMp/8cZ8lRXzHmOUYQ
GveBX6PBPvcttP8GwCU6vsPVSphZ7XF2LPqeMnBGgmOz51QTRpS7NBHMsSDR20Vg
STjI+F8nJnQsGO5Iq9IpQzlDlAsLjgPOT3W/pdeZD1mX/c9EpYEKf/0ubEBiWc+k
JqkrdmsUX6cZ06qEUa08yCMSzkaomHrMzw22kjICG9h+0sZvTetPvpYZsBqQRejD
S/cu+buAaDNchGNhl1YPp8iAlKUTYB4gbcNqceCGUmbQX06B/OwJiYIoN5ghh2wm
qNrFXYltfALBVhWFtU2DTAS9k399W2hd4u77uJngK0WLoKQuV/wi81dbk0kAI7eR
UI1H/Y4hC1MCI5M6zewrJ7QgOYBiqkYydYQGFu1ToDt6maDVBX05PcoBPwbUfrmZ
BjR5kzBawvH6reDuANkEXfJ0+2hAJBAxXPKyQVc9Y87nDATvkl7qWOKjfJairKAd
03lvJlesr6+7GwMMnE/6h91QF4VqOQIDAQABAoICAFXdtDe5X12DEf7dmJ9R+QVi
Ts5ADXEYrlQVpTNQIgiB/MVn/d6l1Qhe4Q+wiCeQ3+eIypB26qph9crvh9vK9tcx
PWcGocfVFtF9VQF7fzuzELCB5OaXwgfUA2dPAGN3+KXzefH5iAwPKcByzE6rO50P
/7ECbfK0QFKvwspbik4xZMIxW/4j9tbddzb3oX8AiGeylYkDMjEMDIsZ+dYe1v1m
CQFEOIeKCknkc9zZ71hOCjBWXsoCQ4vYKw1IzAuqM0zx3clKuoszGwZU/PcPX6pf
v2uJo46Q2zH/waBraWNP2nvBiFPJHSEDYtUMAJFCH0w3jn7bLhlk+AVxi1tpYwBx
SOFQKmKbJgTWpmX7o8bhyNmSg6gLTquKKYuOeUsJTe4SERnhKNVen/mf1BdV5S1A
iLj9mg5tFL1O+f8wl8q0QA5aM3o1G/YMlG28Na6X8l89BiDvfdG4YALzeJs5k1yn
VnpZElikhx63HQjaLE+u4nSBwr0s79Hnq4Xge+rEPCRVpHhfZ1T/Ka3NwqcflcM7
GvvRnXfLLyfS3DOQg9BCwE94hzJgh7V4BqEQInzkAR3/wF83xTT0LaWLBsJXTsWr
rHcdPxpMVXNUfelBmA3Blu1d07lDw8kMzYXzCJ4AE9gjdgN9ltwjg7ZDQ3w6Tnc1
09aLmIUeRx6r7vs8pBMPAoIBAQD3epVeC4Urpmop21Jzop7nqvQqmHwDvUPIHKWZ
a1e9YmHfNR6Vibzw8jqjd7IJMd5mzlcot+bTjfFGxfZ/KidE5MB8rvwS0MVQnamZ
dnl1OX9c/+G4jW8xCzNQlkAXT2xcaMPO/ged6smdtZkvvnjfyX0L78fbKG+4fsc8
PoIB5gXjApVVN4ujeaKUud2jr2uHueQqI8taZlhlIojxc1w/a9r0iiLK+sY/HvWH
gERxDFWQjg8kkFGXC3KFOz0UJiolDus9sK9cLcDI4IavOotVaxEoz778u9644+GM
wfRJCN8OBT3RQjPy77L1VOCjrbd1TtknDDG+kAN4ZLLEPCO/AoIBAQDxU6gqjGDy
SC1mSgl8x6ODkmCs2a9UvZeg9/KA/UzTGCLeSgftPwgCeGV6d6dpqFxsvqhVDVtp
pkqFa2+X0rsIG4JFl6qZTbXpJIqbdkTeWjjimg809fTqZnSJSchUiuIWzqvGlOSL
cM5c7+WNteLVHjldiNT0+jReXPtxAJD9jIV3LubmWZ5qs3tYXKGgQvCItLo6REYE
SKUZAsX/T6O6HAypv89AcS+UZxc2pq4htFRJY5XarLbs8BuDJAYWm3chMwwGIDEx
J7cCXWWWQkU7W1GOckU4oo6FPGzjREPwyeiYcvias2/nm4tOc5t0gRJHIR8W6tQF
5An7lLSHe5AHAoIBAADiNSpSzDTtsS9ZEyBKklqtZ5XHWZoB0P4j7AtyMKwCb+sG
G4fZKA2ML91pjf8uaGbhkboZff9/YD8qccjec6lxT6aiUVAX4rx486QSojhi7it8
1md8SctZCOPexXfP1sk1ro1MpuZPckzX2yYqfe/+ni2uu33y1QNJoJh8eKZdFeRL
nBDj0+HPi18QktQEylN/vGrSGeXGu8YQq4CBMvEfB3ccDye+YXrUN3g2YwgsTRnp
B/DPexsY9V24am1p/XiIZxqfSOEBYNDWzGRPxzOU4EjPBRWN7ium1KVWA/NGztUT
+7aFj/3sES2DEhJDioYms+vJxVuy0/BYG7NLq60CggEAZCxZre+/flK/paot7gHg
ugjU4GssAH0Cp+rEWw7KCQYH00XfrHdxl7TqSr/IWm9sjidGMKfuvhgs7tz94YOz
51Wj6cdfJWvAixqD/qxFQhcpbcaNcWp3U6Vb0nEyGwXbe6QmYbQEem1E/AcIvp41
nkmBfnYCD/6cJl9qcCnQBa+C50osxomE3L3MAY3R+XhP6C887lrQxY5yGcOw9J3W
VLa3+u6H1TQmj++LD0B5H7x/EEeqOK9g71Fr2i/l5xR5iuppn1FVmhXmPbEPLiQs
IMtzOzHr0eqIRn4ipOP9X8IwLrfqwiyh0v4aAWKzsNSzBZuWEClCAX/7NNcxaNu9
mQKCAQEA3dk8ScY8bVPgFg2x7oqujVZbrNizhw2+BXYuH6HRVINPDYzIapur9uiw
I+STHoUod8aRNvwDLfhkI+MabmEbt/eDsBpRrJYYLi2uTed5gIiLqPS8MPuKr++7
UwJz4OPZu1xOjbFapvKvPSbPhS254tozQyi5Xbl8W268SCQhF+hEb+AT5JTcoPlI
ZNN5hp0Ooq6EouX8heyeG7le9V2G+HFHR9aWniD9kRRirO+oqWTXcG+9zHRhkdbF
4vRGwZ8+mj/0fKAHlFpeDRiKNbma7rTNDyEDR9jQ+GOC1QmOYeiei6FDKYEPcHxh
UBWqdlD+gUjtzQvD3yMo7JN9DIO5Eg==
-----END PRIVATE KEY-----
certificate_path: ""
private_key_path: ""
filters:
- enabled: true
url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
name: AdGuard DNS filter
id: 1
- enabled: true
url: https://adaway.org/hosts.txt
name: AdAway Default Blocklist
id: 2
- enabled: true
url: https://someonewhocares.org/hosts/zero/hosts
name: Dan Pollock's List
id: 1684963532
whitelist_filters: []
user_rules: []
dhcp:
enabled: false
interface_name: ""
local_domain_name: lan
dhcpv4:
gateway_ip: ""
subnet_mask: ""
range_start: ""
range_end: ""
lease_duration: 86400
icmp_timeout_msec: 1000
options: []
dhcpv6:
range_start: ""
lease_duration: 86400
ra_slaac_only: false
ra_allow_slaac: false
clients:
runtime_sources:
whois: true
arp: true
rdns: true
dhcp: true
hosts: true
persistent: []
log_compress: false
log_localtime: false
log_max_backups: 0
log_max_size: 100
log_max_age: 3
log_file: ""
verbose: false
os:
group: ""
user: ""
rlimit_nofile: 0
schema_version: 14
Reference in New Issue View Git Blame Copy Permalink