notohh/snowflake
notohh/snowflake
1
0
Fork 0
Code Issues Pull requests Projects 1 Releases Packages Wiki Activity

Compare commits

base: notohh:2c9ee605b46fe120ee7923dcf0468f8825b206ab
Branches Tags
notohh:master
..
compare: notohh:1a943cacfabb0998a4ed3bcfcc91340a3c78cd59
Branches Tags
notohh:master

3 commits
2c9ee605b4 ... 1a943cacfa

Author SHA1 Message Date
notohh
1a943cacfa
unbound: updates
All checks were successful
flake check / check (push) Successful in 4m20s
fmt check / check (push) Successful in 46s
 2024-01-17 09:03:50 -05:00
notohh
9a73fab307
blocky: updates 2024-01-17 09:03:34 -05:00
notohh
3b416b4677
grafana: provision more datasources 2024-01-17 08:55:46 -05:00
3 changed files with 39 additions and 12 deletions
Show stats Expand all files Collapse all files

31
hosts/haru/services/blocky.nix
View file

@ -1,8 +1,4 @@
{ {pkgs, ...}: {
pkgs,
config,
...
}: {
networking.firewall.allowedTCPPorts = [53 4000]; networking.firewall.allowedTCPPorts = [53 4000];
networking.firewall.allowedUDPPorts = [53]; networking.firewall.allowedUDPPorts = [53];
@ -12,7 +8,7 @@
enable = true; enable = true;
settings = { settings = {
connectIPVersion = "v4"; connectIPVersion = "v4";
upstreamTimeout = "30s"; upstreamTimeout = "5s";
startVerifyUpstream = false; startVerifyUpstream = false;
minTlsServeVersion = "1.2"; minTlsServeVersion = "1.2";
log = { log = {
@ -23,12 +19,24 @@
dns = 53; dns = 53;
http = 4000; http = 4000;
https = 443; https = 443;
tls = 853;
};
upstreams = {
strategy = "strict";
timeout = "30s";
groups = {
default = [
"tcp+udp:127.0.0.1:5335"
"tcp-tls:dns.quad9.net"
];
};
}; };
upstream.default = ["tcp+udp:127.0.0.1:5335"];
blocking = { blocking = {
blockType = "nxDomain";
loading = { loading = {
strategy = "fast"; strategy = "fast";
concurrency = 8; concurrency = 8;
refreshPeriod = "4h";
}; };
blackLists = { blackLists = {
ads = [ ads = [
@ -64,6 +72,9 @@
"https://zerodot1.gitlab.io/CoinBlockerLists/hosts_browser" "https://zerodot1.gitlab.io/CoinBlockerLists/hosts_browser"
"https://raw.githubusercontent.com/StevenBlack/hosts/master/alternates/fakenews-only/hosts" "https://raw.githubusercontent.com/StevenBlack/hosts/master/alternates/fakenews-only/hosts"
]; ];
catchall = [
"https://big.oisd.nl/domainswild"
];
}; };
whiteLists = { whiteLists = {
default = [ default = [
@ -77,6 +88,7 @@
"tracking" "tracking"
"malicious" "malicious"
"misc" "misc"
"catchall"
]; ];
}; };
}; };
@ -115,7 +127,7 @@
redis = { redis = {
address = "100.94.214.100:6381"; address = "100.94.214.100:6381";
password = "blocky"; password = "blocky";
database = 2; database = 0;
required = false; required = false;
connectionAttempts = 10; connectionAttempts = 10;
connectionCooldown = "5s"; connectionCooldown = "5s";
@ -132,6 +144,9 @@
enable = true; enable = true;
path = "/metrics"; path = "/metrics";
}; };
queryLog = {
type = "console";
};
}; };
}; };
} }

2
hosts/haru/services/unbound.nix
View file

@ -1,8 +1,8 @@
_: { _: {
services.unbound = { services.unbound = {
enable = true; enable = true;
resolveLocalQueries = false; resolveLocalQueries = false;
enableRootTrustAnchor = true;
settings = { settings = {
server = { server = {
verbosity = 0; verbosity = 0;

18
hosts/sakura/services/grafana.nix
View file

@ -38,19 +38,19 @@ _: {
{ {
name = "Prometheus-kariru"; name = "Prometheus-kariru";
type = "prometheus"; type = "prometheus";
url = "http://192.168.1.54:9090"; url = "http://100.126.229.95:9090";
orgId = 1; orgId = 1;
} }
{ {
name = "Prometheus-yuki"; name = "Prometheus-yuki";
type = "prometheus"; type = "prometheus";
url = "http://192.168.1.36:9090"; url = "http://100.108.113.89:9090";
orgId = 1; orgId = 1;
} }
{ {
name = "Prometheus-arashi"; name = "Prometheus-arashi";
type = "prometheus"; type = "prometheus";
url = "http://192.168.1.211:9090"; url = "http://100.94.214.100:9090";
orgId = 1; orgId = 1;
} }
{ {
@ -59,6 +59,18 @@ _: {
url = "http://100.104.42.96:9090"; url = "http://100.104.42.96:9090";
orgId = 1; orgId = 1;
} }
{
name = "Prometheus-tsuru";
type = "prometheus";
url = "http://100.82.146.40:9090";
orgId = 1;
}
{
name = "Prometheus-kaze";
type = "prometheus";
url = "http://100.69.79.81:9090";
orgId = 1;
}
{ {
name = "Prometheus-haru"; name = "Prometheus-haru";
type = "prometheus"; type = "prometheus";