configuration.nix/hosts/shared/blocky.nix

{ pkgs, ... }: {
  systemd.services.blocky.unitConfig.After = [ "network-online.target" ];
  services = {
    blocky = {
      enable = true;
      settings = {
        bootstrapDns = [
          "tcp+udp:1.1.1.1"
          "tcp+udp:1.0.0.1"
        ];
        upstreams = {
          groups = {
            default = [
              # Cloudflare
              "tcp+udp:1.1.1.1"
              "tcp+udp:1.0.0.1"

              # Google
              "tcp+udp:8.8.8.8"
              "tcp+udp:8.8.4.4"
            ];
          };
          strategy = "parallel_best";
          timeout = "2s";
          userAgent = "Praise the DNS overlords!";
        };
        connectIPVersion = "v4";
        customDNS = {
          customTTL = "1h";
          filterUnmappedTypes = true;
          mapping = { };
        };
        blocking = {
          loading.strategy = "fast";
          denylists = {
            ads = [
              "https://raw.githubusercontent.com/blocklistproject/Lists/master/ads.txt"
            ];
            pihole = [
              "https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts"
            ];
          };
          allowlists = {
            pihole = [
              (pkgs.writeText "allowlist.txt" ''
                s.youtube.com
              '')
            ];

          };
          clientGroupsBlock = {
            default = [ "ads" "pihole" ];
          };
        };
        prometheus = {
          enable = true;
          path = "/metrics";
        };
        log = {
          level = "warn";
          format = "json";
          timestamp = true;
          privacy = true;
        };
      };
    };
  };
}
rico1, rico2: redundant dns 2024-10-28 23:54:19 +05:30			`{ pkgs, ... }: {`
all: redo dns 2024-11-17 17:22:10 +05:30			`systemd.services.blocky.unitConfig.After = [ "network-online.target" ];`
rico1, rico2: redundant dns 2024-10-28 23:54:19 +05:30			`services = {`
			`blocky = {`
			`enable = true;`
			`settings = {`
remove quad9 from dns. it's slow af 2024-12-01 23:15:54 +05:30			`bootstrapDns = [`
			`"tcp+udp:1.1.1.1"`
			`"tcp+udp:1.0.0.1"`
			`];`
rico1, rico2: redundant dns 2024-10-28 23:54:19 +05:30			`upstreams = {`
			`groups = {`
			`default = [`
			`# Cloudflare`
			`"tcp+udp:1.1.1.1"`
remove quad9 from dns. it's slow af 2024-12-01 23:15:54 +05:30			`"tcp+udp:1.0.0.1"`
rico1, rico2: redundant dns 2024-10-28 23:54:19 +05:30
			`# Google`
			`"tcp+udp:8.8.8.8"`
			`"tcp+udp:8.8.4.4"`
			`];`
			`};`
			`strategy = "parallel_best";`
			`timeout = "2s";`
			`userAgent = "Praise the DNS overlords!";`
			`};`
			`connectIPVersion = "v4";`
			`customDNS = {`
			`customTTL = "1h";`
			`filterUnmappedTypes = true;`
all: redo dns 2024-11-17 17:22:10 +05:30			`mapping = { };`
rico1, rico2: redundant dns 2024-10-28 23:54:19 +05:30			`};`
			`blocking = {`
blocky: fix warnings 2024-11-24 16:26:51 +05:30			`loading.strategy = "fast";`
rico1, rico2: redundant dns 2024-10-28 23:54:19 +05:30			`denylists = {`
			`ads = [`
			`"https://raw.githubusercontent.com/blocklistproject/Lists/master/ads.txt"`
			`];`
			`pihole = [`
			`"https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts"`
			`];`
			`};`
			`allowlists = {`
			`pihole = [`
			`(pkgs.writeText "allowlist.txt" ''`
			`s.youtube.com`
			`'')`
			`];`

			`};`
			`clientGroupsBlock = {`
			`default = [ "ads" "pihole" ];`
			`};`
			`};`
			`prometheus = {`
			`enable = true;`
			`path = "/metrics";`
			`};`
			`log = {`
			`level = "warn";`
			`format = "json";`
			`timestamp = true;`
			`privacy = true;`
			`};`
			`};`
			`};`
			`};`
			`}`