From fb89fd15ffe41c8aa9eb08a733f45039759399cc Mon Sep 17 00:00:00 2001 From: Gerrit Pannek Date: Sun, 30 Jan 2022 09:16:23 +0100 Subject: [PATCH] Add: adGuard Home --- projects/adguard/project.yml | 8 ++ projects/adguard/values/adguard.yaml | 172 +++++++++++++++++++++++++++ projects/homer/values/homer.yml | 4 + 3 files changed, 184 insertions(+) create mode 100644 projects/adguard/project.yml create mode 100644 projects/adguard/values/adguard.yaml diff --git a/projects/adguard/project.yml b/projects/adguard/project.yml new file mode 100644 index 00000000..1c17760d --- /dev/null +++ b/projects/adguard/project.yml @@ -0,0 +1,8 @@ +config: + description: Adguard Home DNS Server + +apps: +- name: adguard + repoURL: https://k8s-at-home.com/charts + chart: adguard-home + targetRevision: 5.2.0 diff --git a/projects/adguard/values/adguard.yaml b/projects/adguard/values/adguard.yaml new file mode 100644 index 00000000..4a4dafef --- /dev/null +++ b/projects/adguard/values/adguard.yaml @@ -0,0 +1,172 @@ +image: + repository: adguard/adguardhome + tag: v0.106.3 + +env: + TZ: Europe/Amsterdam + +ingress: + main: + enabled: true + annotations: + cert-manager.io/cluster-issuer: vault-issuer + traefik.ingress.kubernetes.io/router.tls: 'true' + hosts: + - host: adguard.dc + paths: + - path: / + pathType: Prefix + tls: + - secretName: adguard-tls + hosts: + - adguard.dc + +service: + dns-tcp: + enabled: true + type: LoadBalancer + annotations: + metallb.universe.tf/address-pool: dns + metallb.universe.tf/allow-shared-ip: adguard + ports: + dns-tcp: + enabled: true + port: 53 + protocol: TCP + targetPort: 5353 + externalTrafficPolicy: Local + dns-udp: + enabled: true + type: LoadBalancer + annotations: + metallb.universe.tf/address-pool: dns + metallb.universe.tf/allow-shared-ip: adguard + ports: + dns-udp: + enabled: true + port: 53 + protocol: UDP + targetPort: 5353 + externalTrafficPolicy: Local + +config: | + bind_host: 0.0.0.0 + bind_port: 3000 + beta_bind_port: 0 + users: [] + auth_attempts: 5 + block_auth_min: 15 + http_proxy: "" + language: en + rlimit_nofile: 0 + debug_pprof: false + web_session_ttl: 720 + dns: + bind_hosts: + - 0.0.0.0 + port: 5353 + statistics_interval: 1 + querylog_enabled: true + querylog_file_enabled: true + querylog_interval: 90 + querylog_size_memory: 1000 + anonymize_client_ip: false + protection_enabled: true + blocking_mode: default + blocking_ipv4: "" + blocking_ipv6: "" + blocked_response_ttl: 10 + parental_block_host: family-block.dns.adguard.com + safebrowsing_block_host: standard-block.dns.adguard.com + ratelimit: 0 + ratelimit_whitelist: [] + refuse_any: true + upstream_dns: + - 192.168.1.1 + #- https://dns10.quad9.net/dns-query + upstream_dns_file: "" + bootstrap_dns: + - 192.168.1.1 + all_servers: false + fastest_addr: false + allowed_clients: [] + disallowed_clients: [] + blocked_hosts: [] + cache_size: 4194304 + cache_ttl_min: 0 + cache_ttl_max: 0 + bogus_nxdomain: [] + aaaa_disabled: false + enable_dnssec: false + edns_client_subnet: false + max_goroutines: 300 + ipset: [] + filtering_enabled: true + filters_update_interval: 24 + parental_enabled: false + safesearch_enabled: false + safebrowsing_enabled: false + safebrowsing_cache_size: 1048576 + safesearch_cache_size: 1048576 + parental_cache_size: 1048576 + cache_time: 30 + rewrites: [] + blocked_services: [] + local_domain_name: lan + resolve_clients: true + local_ptr_upstreams: [] + tls: + enabled: false + server_name: "" + force_https: false + port_https: 443 + port_dns_over_tls: 853 + port_dns_over_quic: 784 + port_dnscrypt: 0 + dnscrypt_config_file: "" + allow_unencrypted_doh: false + strict_sni_check: false + certificate_chain: "" + private_key: "" + certificate_path: "" + private_key_path: "" + filters: + - enabled: true + url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt + name: AdGuard DNS filter + id: 1 + - enabled: false + url: https://adaway.org/hosts.txt + name: AdAway + id: 2 + - enabled: false + url: https://www.malwaredomainlist.com/hostslist/hosts.txt + name: MalwareDomainList.com Hosts List + id: 4 + whitelist_filters: [] + user_rules: [] + dhcp: + enabled: false + interface_name: "" + dhcpv4: + gateway_ip: "" + subnet_mask: "" + range_start: "" + range_end: "" + lease_duration: 86400 + icmp_timeout_msec: 1000 + options: [] + dhcpv6: + range_start: "" + lease_duration: 86400 + ra_slaac_only: false + ra_allow_slaac: false + clients: [] + log_compress: false + log_localtime: false + log_max_backups: 0 + log_max_size: 100 + log_max_age: 3 + log_file: "" + verbose: false + schema_version: 10 diff --git a/projects/homer/values/homer.yml b/projects/homer/values/homer.yml index 1f445ff3..a24cece8 100644 --- a/projects/homer/values/homer.yml +++ b/projects/homer/values/homer.yml @@ -118,6 +118,10 @@ configmap: name: OpenWRT url: https://openwrt.lan target: "_blank" + - logo: assets/png/adguardhome.png + name: AdGuard Home + url: https://adguard.dc + target: "_blank" - logo: assets/png/argocd.png name: ArgoCD url: https://argocd.dc