[blocky] Refactor config yaml (#169)

* Refactor config yaml Also disable logs volume (no longer needed) Signed-off-by: Jeff Billimek <jeff@billimek.com> * fix linting Signed-off-by: Jeff Billimek <jeff@billimek.com>
2025-02-03 15:59:09 +00:00 · 2020-03-11 00:09:41 -04:00 · 2020-03-11 00:09:41 -04:00 · 92a0db15d1
commit 92a0db15d1
parent def0e8c7ed
4 changed files with 64 additions and 76 deletions
--- a/charts/blocky/Chart.yaml
+++ b/charts/blocky/Chart.yaml
@ -2,7 +2,7 @@ apiVersion: v1
 appVersion: "v0.5"
 description: DNS proxy as ad-blocker for local network
 name: blocky
-version: 2.1.0
+version: 2.2.0
 keywords:
  - blocky
  - dbs
--- a/charts/blocky/templates/configmap.yaml
+++ b/charts/blocky/templates/configmap.yaml
@ -9,5 +9,8 @@ metadata:
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/managed-by: {{ .Release.Service }}
 data:
 {{- if .Values.config }}
 {{ $root := . }}
  config.yml: |
-{{ .Values.config | indent 4 }}
+{{ tpl (toYaml .Values.config | indent 4) $root }}
 {{- end }}
--- a/charts/blocky/templates/deployment.yaml
+++ b/charts/blocky/templates/deployment.yaml
@ -37,8 +37,6 @@ spec:
            - name: config
              mountPath: /app/config.yml
              subPath: config.yml
            - name: logs
              mountPath: /logs
          ports:
          ports:
            - name: monitoring
@ -74,9 +72,6 @@ spec:
        - name: config
          configMap:
            name: {{ template "blocky.fullname" . }}
        - name: logs
          emptyDir:
            medium: Memory
      {{- with .Values.nodeSelector }}
      nodeSelector:
        {{- toYaml . | nindent 8 }}
--- a/charts/blocky/values.yaml
+++ b/charts/blocky/values.yaml
@ -12,87 +12,87 @@ replicas: 1
 timeZone: "UTC"
-# blocky configuration
+# blocky configuration - will translate to config.yml file inside the pod
-config: |
+config:
  upstream:
-      # these external DNS resolvers will be used. Blocky picks 2 random resolvers from the list for each query
+    # these external DNS resolvers will be used. Blocky picks 2 random resolvers from the list for each query
-      # format for resolver: net:host:[port][/path]. net could be tcp, udp, tcp-tls or https (DoH). If port is empty, default port will be used (53 for udp and tcp, 853 for tcp-tls, 443 for https (Doh))
+    # format for resolver: net:host:[port][/path]. net could be tcp, udp, tcp-tls or https (DoH). If port is empty, default port will be used (53 for udp and tcp, 853 for tcp-tls, 443 for https (Doh))
-      externalResolvers:
+    externalResolvers:
-        - udp:8.8.8.8
+      - udp:8.8.8.8
-        - udp:8.8.4.4
+      - udp:8.8.4.4
-        - udp:1.1.1.1
+      - udp:1.1.1.1
-        - tcp-tls:1.0.0.1:853
+      - tcp-tls:1.0.0.1:853
-        - https://cloudflare-dns.com/dns-query
+      - https://cloudflare-dns.com/dns-query
  # optional: custom IP address for domain name (with all sub-domains)
  # example: query "printer.lan" or "my.printer.lan" will return 192.168.178.3
  customDNS:
-      mapping:
+    mapping:
-        printer.lan: 192.168.178.3
+      printer.lan: 192.168.178.3
  # optional: definition, which DNS resolver should be used for queries to the domain (with all sub-domains).
  # Example: Query client.fritz.box will ask DNS server 192.168.178.1. This is necessary for local network, to resolve clients by host name
  conditional:
-      mapping:
+    mapping:
-        fritz.box: udp:192.168.178.1
+      fritz.box: udp:192.168.178.1
  # optional: use black and white lists to block queries (for example ads, trackers, adult pages etc.)
  blocking:
-      # definition of blacklist groups. Can be external link (http/https) or local file
+    # definition of blacklist groups. Can be external link (http/https) or local file
-      blackLists:
+    blackLists:
-        ads:
+      ads:
-          - https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt
+        - https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt
-          - https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
+        - https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
-          - https://mirror1.malwaredomains.com/files/justdomains
+        - https://mirror1.malwaredomains.com/files/justdomains
-          - http://sysctl.org/cameleon/hosts
+        - http://sysctl.org/cameleon/hosts
-          - https://zeustracker.abuse.ch/blocklist.php?download=domainblocklist
+        - https://zeustracker.abuse.ch/blocklist.php?download=domainblocklist
-          - https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt
+        - https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt
-        special:
+      special:
-          - https://hosts-file.net/ad_servers.txt
+        - https://hosts-file.net/ad_servers.txt
-      # definition of whitelist groups. Attention: if the same group has black and whitelists, whitelists will be used to disable particular blacklist entries. If a group has only whitelist entries -> this means only domains from this list are allowed, all other domains will be blocked
+    # definition of whitelist groups. Attention: if the same group has black and whitelists, whitelists will be used to disable particular blacklist entries. If a group has only whitelist entries -> this means only domains from this list are allowed, all other domains will be blocked
-      whiteLists:
+    whiteLists:
-        ads:
+      ads:
-          - whitelist.txt
+        - whitelist.txt
-      # definition: which groups should be applied for which client
+    # definition: which groups should be applied for which client
-      clientGroupsBlock:
+    clientGroupsBlock:
-        # default will be used, if no special definition for a client name exists
+      # default will be used, if no special definition for a client name exists
-        default:
+      default:
-          - ads
+        - ads
-          - special
+        - special
-        # use client name or ip address
+      # use client name or ip address
-        laptop.fritz.box:
+      laptop.fritz.box:
-          - ads
+        - ads
-      # which response will be sent, if query is blocked:
+    # which response will be sent, if query is blocked:
-      # zeroIp: 0.0.0.0 will be returned (default)
+    # zeroIp: 0.0.0.0 will be returned (default)
-      # nxDomain: return NXDOMAIN as return code
+    # nxDomain: return NXDOMAIN as return code
-      blockType: zeroIp
+    blockType: zeroIp
-      # optional: automatically list refresh period in minutes. Default: 4h.
+    # optional: automatically list refresh period in minutes. Default: 4h.
-      # Negative value -> deactivate automatically refresh.
+    # Negative value -> deactivate automatically refresh.
-      # 0 value -> use default
+    # 0 value -> use default
-      refreshPeriod: 1
+    # refreshPeriod: 1
  # optional: configuration for caching of DNS responses
-  caching:
+  # caching:
    # amount in minutes, how long a response must be cached (min value).
    # If <=0, use response's TTL, if >0 use this value, if TTL is smaller
    # Default: 0
-    minTime: 40
+    # minTime: 40
    # amount in minutes, how long a response must be cached (max value).
    # If <0, do not cache responses
    # If 0, use TTL
    # If > 0, use this value, if TTL is greater
    # Default: 0
-    maxTime: -1
+    # maxTime: -1
  # optional: configuration of client name resolution
  clientLookup:
-      # this DNS resolver will be used to perform reverse DNS lookup (typically local router)
+    # this DNS resolver will be used to perform reverse DNS lookup (typically local router)
-      upstream: udp:192.168.178.1
+    upstream: udp:192.168.178.1
-      # optional: some routers return multiple names for client (host name and user defined name). Define which single name should be used.
+    # optional: some routers return multiple names for client (host name and user defined name). Define which single name should be used.
-      # Example: take second name if present, if not take first name
+    # Example: take second name if present, if not take first name
-      singleNameOrder:
+    # singleNameOrder:
-        - 2
+    #   - 2
-        - 1
+    #   - 1
  # optional: configuration for prometheus metrics endpoint
  prometheus:
    # enabled if true
@ -102,15 +102,6 @@ config: |
    # url path, optional (default '/metrics')
    path: /metrics
  # optional: write query information (question, answer, client, duration etc) to daily csv file
  queryLog:
      # directory (should be mounted as volume in docker)
      dir: /logs
      # if true, write one file per client. Writes all queries to single file otherwise
      perClient: true
      # if > 0, deletes log files which are older than ... days
      logRetentionDays: 7
  # optional: DNS listener port, default 53 (UDP and TCP)
  port: 53
  # optional: HTTP listener port, default 0 = no http listener. If > 0, will be used for prometheus metrics, pprof, ...
@ -167,11 +158,10 @@ resources: {}
  # resources, such as Minikube. If you do want to specify resources, uncomment the following
  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
  # limits:
-  #  cpu: 100m
+  #  memory: 500Mi
  #  memory: 128Mi
  # requests:
-  #  cpu: 100m
+  #  cpu: 50m
-  #  memory: 128Mi
+  #  memory: 275Mi
 nodeSelector: {}