notohh/snowflake
notohh/snowflake
1
0
Fork 0
Code Issues Pull requests Projects 1 Releases Packages Wiki Activity

Compare commits

base: notohh:1a943cacfabb0998a4ed3bcfcc91340a3c78cd59
Branches Tags
notohh:master
..
compare: notohh:2c9ee605b46fe120ee7923dcf0468f8825b206ab
Branches Tags
notohh:master

No commits in common. "1a943cacfabb0998a4ed3bcfcc91340a3c78cd59" and "2c9ee605b46fe120ee7923dcf0468f8825b206ab" have entirely different histories.
1a943cacfa ... 2c9ee605b4

3 changed files with 12 additions and 39 deletions
Show stats Expand all files Collapse all files

31
hosts/haru/services/blocky.nix
View file

@ -1,4 +1,8 @@
{pkgs, ...}: { {
pkgs,
config,
...
}: {
networking.firewall.allowedTCPPorts = [53 4000]; networking.firewall.allowedTCPPorts = [53 4000];
networking.firewall.allowedUDPPorts = [53]; networking.firewall.allowedUDPPorts = [53];
@ -8,7 +12,7 @@
enable = true; enable = true;
settings = { settings = {
connectIPVersion = "v4"; connectIPVersion = "v4";
upstreamTimeout = "5s"; upstreamTimeout = "30s";
startVerifyUpstream = false; startVerifyUpstream = false;
minTlsServeVersion = "1.2"; minTlsServeVersion = "1.2";
log = { log = {
@ -19,24 +23,12 @@
dns = 53; dns = 53;
http = 4000; http = 4000;
https = 443; https = 443;
tls = 853;
};
upstreams = {
strategy = "strict";
timeout = "30s";
groups = {
default = [
"tcp+udp:127.0.0.1:5335"
"tcp-tls:dns.quad9.net"
];
};
}; };
upstream.default = ["tcp+udp:127.0.0.1:5335"];
blocking = { blocking = {
blockType = "nxDomain";
loading = { loading = {
strategy = "fast"; strategy = "fast";
concurrency = 8; concurrency = 8;
refreshPeriod = "4h";
}; };
blackLists = { blackLists = {
ads = [ ads = [
@ -72,9 +64,6 @@
"https://zerodot1.gitlab.io/CoinBlockerLists/hosts_browser" "https://zerodot1.gitlab.io/CoinBlockerLists/hosts_browser"
"https://raw.githubusercontent.com/StevenBlack/hosts/master/alternates/fakenews-only/hosts" "https://raw.githubusercontent.com/StevenBlack/hosts/master/alternates/fakenews-only/hosts"
]; ];
catchall = [
"https://big.oisd.nl/domainswild"
];
}; };
whiteLists = { whiteLists = {
default = [ default = [
@ -88,7 +77,6 @@
"tracking" "tracking"
"malicious" "malicious"
"misc" "misc"
"catchall"
]; ];
}; };
}; };
@ -127,7 +115,7 @@
redis = { redis = {
address = "100.94.214.100:6381"; address = "100.94.214.100:6381";
password = "blocky"; password = "blocky";
database = 0; database = 2;
required = false; required = false;
connectionAttempts = 10; connectionAttempts = 10;
connectionCooldown = "5s"; connectionCooldown = "5s";
@ -144,9 +132,6 @@
enable = true; enable = true;
path = "/metrics"; path = "/metrics";
}; };
queryLog = {
type = "console";
};
}; };
}; };
} }

2
hosts/haru/services/unbound.nix
View file

@ -1,8 +1,8 @@
_: { _: {
services.unbound = { services.unbound = {
enable = true; enable = true;
resolveLocalQueries = false; resolveLocalQueries = false;
enableRootTrustAnchor = true;
settings = { settings = {
server = { server = {
verbosity = 0; verbosity = 0;

18
hosts/sakura/services/grafana.nix
View file

@ -38,19 +38,19 @@ _: {
{ {
name = "Prometheus-kariru"; name = "Prometheus-kariru";
type = "prometheus"; type = "prometheus";
url = "http://100.126.229.95:9090"; url = "http://192.168.1.54:9090";
orgId = 1; orgId = 1;
} }
{ {
name = "Prometheus-yuki"; name = "Prometheus-yuki";
type = "prometheus"; type = "prometheus";
url = "http://100.108.113.89:9090"; url = "http://192.168.1.36:9090";
orgId = 1; orgId = 1;
} }
{ {
name = "Prometheus-arashi"; name = "Prometheus-arashi";
type = "prometheus"; type = "prometheus";
url = "http://100.94.214.100:9090"; url = "http://192.168.1.211:9090";
orgId = 1; orgId = 1;
} }
{ {
@ -59,18 +59,6 @@ _: {
url = "http://100.104.42.96:9090"; url = "http://100.104.42.96:9090";
orgId = 1; orgId = 1;
} }
{
name = "Prometheus-tsuru";
type = "prometheus";
url = "http://100.82.146.40:9090";
orgId = 1;
}
{
name = "Prometheus-kaze";
type = "prometheus";
url = "http://100.69.79.81:9090";
orgId = 1;
}
{ {
name = "Prometheus-haru"; name = "Prometheus-haru";
type = "prometheus"; type = "prometheus";