notohh/snowflake
notohh/snowflake
1
0
Fork 0
Code Issues Pull requests Projects 1 Releases Packages Wiki Activity

Compare commits

base: notohh:2c9ee605b46fe120ee7923dcf0468f8825b206ab
Branches Tags
notohh:master
...
compare: notohh:1a943cacfabb0998a4ed3bcfcc91340a3c78cd59
Branches Tags
notohh:master

3 commits
2c9ee605b4 ... 1a943cacfa

Author SHA1 Message Date
notohh
1a943cacfa
unbound: updates
All checks were successful
flake check / check (push) Successful in 4m20s
fmt check / check (push) Successful in 46s
 2024-01-17 09:03:50 -05:00
notohh
9a73fab307
blocky: updates 2024-01-17 09:03:34 -05:00
notohh
3b416b4677
grafana: provision more datasources 2024-01-17 08:55:46 -05:00
3 changed files with 39 additions and 12 deletions
Show stats Expand all files Collapse all files

31
hosts/haru/services/blocky.nix
View file

@ -1,8 +1,4 @@
{
pkgs,
config,
...
}: {
{pkgs, ...}: {
networking.firewall.allowedTCPPorts = [53 4000];
networking.firewall.allowedUDPPorts = [53];
@ -12,7 +8,7 @@
enable = true;
settings = {
connectIPVersion = "v4";
upstreamTimeout = "30s";
upstreamTimeout = "5s";
startVerifyUpstream = false;
minTlsServeVersion = "1.2";
log = {
@ -23,12 +19,24 @@
dns = 53;
http = 4000;
https = 443;
tls = 853;
};
upstreams = {
strategy = "strict";
timeout = "30s";
groups = {
default = [
"tcp+udp:127.0.0.1:5335"
"tcp-tls:dns.quad9.net"
];
};
};
upstream.default = ["tcp+udp:127.0.0.1:5335"];
blocking = {
blockType = "nxDomain";
loading = {
strategy = "fast";
concurrency = 8;
refreshPeriod = "4h";
};
blackLists = {
ads = [
@ -64,6 +72,9 @@
"https://zerodot1.gitlab.io/CoinBlockerLists/hosts_browser"
"https://raw.githubusercontent.com/StevenBlack/hosts/master/alternates/fakenews-only/hosts"
];
catchall = [
"https://big.oisd.nl/domainswild"
];
};
whiteLists = {
default = [
@ -77,6 +88,7 @@
"tracking"
"malicious"
"misc"
"catchall"
];
};
};
@ -115,7 +127,7 @@
redis = {
address = "100.94.214.100:6381";
password = "blocky";
database = 2;
database = 0;
required = false;
connectionAttempts = 10;
connectionCooldown = "5s";
@ -132,6 +144,9 @@
enable = true;
path = "/metrics";
};
queryLog = {
type = "console";
};
};
};
}

2
hosts/haru/services/unbound.nix
View file

@ -1,8 +1,8 @@
_: {
services.unbound = {
enable = true;
resolveLocalQueries = false;
enableRootTrustAnchor = true;
settings = {
server = {
verbosity = 0;

18
hosts/sakura/services/grafana.nix
View file

@ -38,19 +38,19 @@ _: {
{
name = "Prometheus-kariru";
type = "prometheus";
url = "http://192.168.1.54:9090";
url = "http://100.126.229.95:9090";
orgId = 1;
}
{
name = "Prometheus-yuki";
type = "prometheus";
url = "http://192.168.1.36:9090";
url = "http://100.108.113.89:9090";
orgId = 1;
}
{
name = "Prometheus-arashi";
type = "prometheus";
url = "http://192.168.1.211:9090";
url = "http://100.94.214.100:9090";
orgId = 1;
}
{
@ -59,6 +59,18 @@ _: {
url = "http://100.104.42.96:9090";
orgId = 1;
}
{
name = "Prometheus-tsuru";
type = "prometheus";
url = "http://100.82.146.40:9090";
orgId = 1;
}
{
name = "Prometheus-kaze";
type = "prometheus";
url = "http://100.69.79.81:9090";
orgId = 1;
}
{
name = "Prometheus-haru";
type = "prometheus";