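# Install-form (questions) schema for the blocky DNS proxy chart.
#
# The `# Include{...}` lines are placeholders, presumably expanded by the
# chart build tooling before this file is parsed, so the file is not
# expected to be valid YAML until they are replaced.
# NOTE(review): the indentation of entries that follow an Include marker
# (service, ingress and securityContext sections) has to match the nesting
# opened by the included template, which is not visible here. The depths
# used below are an assumption; verify against the templates.
#
# Security-relevant defaults worth reviewing before deployment:
#   - webUI.apiURL defaults to plain HTTP on loopback.
#   - blocking.startStrategy "fast" answers queries before lists are loaded.
#   - queryLog records DNS queries; retention defaults to 0.
#   - k8sgateway is enabled by default.
#   - the DNS service uses the LoadBalancer selector template.
# Include{groups}
portals:
  open:
# Include{portalLink}
questions:
# Include{global}
# Include{workload}
# Include{workloadDeployment}
# Include{replicas1}
# Include{podSpec}
# Include{containerMain}
# Include{containerBasic}
# Include{containerAdvanced}
  - variable: webUI
    group: App Configuration
    label: WebUI Configuration
    schema:
      additional_attrs: true
      type: dict
      attrs:
        - variable: enabled
          label: Enable Web UI
          description: Enables Web UI
          schema:
            type: boolean
            default: true
        # The default is unencrypted HTTP on loopback. If this is changed to
        # a routable address, API traffic is sent in clear text unless TLS is
        # terminated in front of it (e.g. by the ingress).
        - variable: apiURL
          label: API URL
          description: API URL for webUI, including port. Only used when not using ingress
          schema:
            type: string
            default: "http://127.0.0.1:4000"
  - variable: overrideDefaults
    group: App Configuration
    label: Override Default Upstreams
    description: Overrides the predefined DNS server upstream list
    schema:
      type: boolean
      default: false
      show_subquestions_if: true
      subquestions:
        - variable: defaultUpstreams
          label: Default Upstreams
          schema:
            type: list
            default: []
            items:
              - variable: upstreamEntry
                label: Upstream Entry
                schema:
                  type: string
                  required: true
                  default: ""
  - variable: upstreams
    group: App Configuration
    label: Upstreams Groups
    description: >-
      Refer to
      https://0xerr0r.github.io/blocky/configuration/#upstream-configuration
    schema:
      type: list
      default: []
      items:
        - variable: upstreamsGroupEntry
          label: Upstreams Group Entry
          schema:
            additional_attrs: true
            type: dict
            attrs:
              - variable: name
                label: Group Name
                schema:
                  type: string
                  required: true
                  default: ""
              - variable: upstreams
                label: Upstreams
                schema:
                  type: list
                  required: true
                  default: []
                  items:
                    - variable: upstreamEntry
                      label: Upstream Entry
                      schema:
                        type: string
                        required: true
                        default: ""
  # The bootstrap resolver is what resolves the hostnames of DoH/DoT
  # upstreams, so those lookups depend on the resolver configured here.
  - variable: bootstrapDns
    group: App Configuration
    label: Bootstrap DNS
    description: >-
      Used to resolve upstream DoH and DoT servers that are specified as hostnames.
      Refer to https://0xerr0r.github.io/blocky/configuration/#bootstrap-dns-configuration
    schema:
      additional_attrs: true
      type: dict
      attrs:
        - variable: upstream
          label: Upstream
          schema:
            type: string
            default: ""
        - variable: ips
          label: IPs
          schema:
            type: list
            default: []
            items:
              - variable: ipEntry
                label: IP Entry
                schema:
                  type: string
                  required: true
                  default: ""
  # Only shown once bootstrapDns differs from its empty default.
  - variable: additionalBootstrapDns
    group: App Configuration
    label: Additional Bootstrap DNS
    schema:
      type: list
      show_if: [["bootstrapDns", "!=", {"upstream": "", "ips": []}]]
      default: []
      items:
        - variable: additionalBootstrapDnsEntry
          label: Additional Bootstrap DNS Entry
          schema:
            additional_attrs: true
            type: dict
            attrs:
              - variable: upstream
                label: Upstream
                schema:
                  type: string
                  default: ""
              - variable: ips
                label: IPs
                schema:
                  type: list
                  default: []
                  items:
                    - variable: ipEntry
                      label: IP Entry
                      schema:
                        type: string
                        required: true
                        default: ""
  - variable: filtering
    group: App Configuration
    label: Filtering
    description: >-
      Define one or more DNS query types; all queries with these types will be dropped.
      Refer to https://0xerr0r.github.io/blocky/configuration/#filtering
    schema:
      additional_attrs: true
      type: dict
      attrs:
        - variable: queryTypes
          label: Query Types
          schema:
            type: list
            default: []
            items:
              - variable: queryTypeEntry
                label: Query Type Entry
                schema:
                  type: string
                  required: true
                  default: ""
  - variable: customDNS
    group: App Configuration
    label: Custom DNS
    description: >-
      Define your own domain name to IP mappings.
      Refer to https://0xerr0r.github.io/blocky/configuration/#custom-dns
    schema:
      additional_attrs: true
      type: dict
      attrs:
        - variable: customTTL
          label: Custom TTL
          schema:
            type: string
            default: 1h
        - variable: filterUnmappedTypes
          label: Filter Unmapped Types
          schema:
            type: boolean
            default: true
        - variable: rewrite
          label: Rewrite
          schema:
            type: list
            default: []
            items:
              - variable: rewriteEntry
                label: Rewrite Entry
                schema:
                  type: dict
                  additional_attrs: true
                  attrs:
                    - variable: in
                      label: In
                      schema:
                        type: string
                        required: true
                        default: ""
                    - variable: out
                      label: Out
                      schema:
                        type: string
                        required: true
                        default: ""
        # NOTE(review): this section maps domain names to IPs per its
        # description, yet the value field is labelled "DNS Server" as in
        # the conditional section. Confirm what the chart templates expect.
        - variable: mapping
          label: Mapping
          schema:
            type: list
            default: []
            items:
              - variable: mappingEntry
                label: Mapping Entry
                schema:
                  type: dict
                  additional_attrs: true
                  attrs:
                    - variable: domain
                      label: Domain
                      schema:
                        type: string
                        required: true
                        default: ""
                    - variable: dnsserver
                      label: DNS Server
                      schema:
                        type: string
                        required: true
                        default: ""
  - variable: clientLookup
    group: App Configuration
    label: Client Lookup
    description: >-
      Blocky can try to resolve a user-friendly client name from the IP address or server URL (DoT and DoH).
      Refer to https://0xerr0r.github.io/blocky/configuration/#client-name-lookup
    schema:
      additional_attrs: true
      type: dict
      attrs:
        - variable: upstream
          label: Upstream
          schema:
            type: string
            default: ""
        - variable: singleNameOrder
          label: Single Name Order
          schema:
            type: list
            default: []
            items:
              - variable: singleNameEntry
                label: Single Name Entry
                schema:
                  type: string
                  required: true
                  default: ""
        - variable: clients
          label: Clients
          schema:
            type: list
            default: []
            items:
              - variable: clientEntry
                label: Client Entry
                schema:
                  type: dict
                  additional_attrs: true
                  attrs:
                    - variable: domain
                      label: Domain
                      schema:
                        type: string
                        required: true
                        default: ""
                    - variable: ips
                      label: IPs
                      schema:
                        type: list
                        default: []
                        items:
                          - variable: ipEntry
                            label: IP Entry
                            schema:
                              type: string
                              required: true
                              default: ""
  - variable: caching
    group: App Configuration
    label: Caching
    description: >-
      Refer to
      https://0xerr0r.github.io/blocky/configuration/#caching
    schema:
      additional_attrs: true
      type: dict
      attrs:
        - variable: minTime
          label: Min Time
          schema:
            type: string
            default: 5m
        - variable: maxTime
          label: Max Time
          schema:
            type: string
            default: 30m
        - variable: maxItemsCount
          label: Max Items Count
          schema:
            type: int
            default: 0
        - variable: prefetching
          label: Prefetching
          schema:
            type: boolean
            default: false
        - variable: prefetchExpires
          label: Prefetch Expires
          schema:
            type: string
            default: 2h
        - variable: prefetchThreshold
          label: Prefetch Threshold
          schema:
            type: int
            default: 5
        - variable: prefetchMaxItemsCount
          label: Prefetch Max Items Count
          schema:
            type: int
            default: 0
        - variable: cacheTimeNegative
          label: Cache Time Negative
          schema:
            type: string
            default: 30m
  - variable: conditional
    group: App Configuration
    label: Conditional
    description: >-
      Define which DNS resolver(s) should be used for queries for the particular domain.
      Refer to https://0xerr0r.github.io/blocky/configuration/#conditional-dns-resolution
    schema:
      additional_attrs: true
      type: dict
      attrs:
        - variable: rewrite
          label: Rewrite
          schema:
            type: list
            default: []
            items:
              - variable: rewriteEntry
                label: Rewrite Entry
                schema:
                  type: dict
                  additional_attrs: true
                  attrs:
                    - variable: in
                      label: In
                      schema:
                        type: string
                        required: true
                        default: ""
                    - variable: out
                      label: Out
                      schema:
                        type: string
                        required: true
                        default: ""
        - variable: mapping
          label: Mapping
          schema:
            type: list
            default: []
            items:
              - variable: mappingEntry
                label: Mapping Entry
                schema:
                  type: dict
                  additional_attrs: true
                  attrs:
                    - variable: domain
                      label: Domain
                      schema:
                        type: string
                        required: true
                        default: ""
                    - variable: dnsserver
                      label: DNS Server
                      schema:
                        type: string
                        required: true
                        default: ""
  # Lists are either local files or URLs that blocky downloads. Downloaded
  # lists decide which names resolve, so they should come from sources the
  # operator trusts, fetched over HTTPS where the source offers it.
  - variable: blocking
    group: App Configuration
    label: Blocking
    description: >-
      Each black or whitelist can be either a path to the local file or a URL to download. All URLs must be grouped to a group name.
      Refer to https://0xerr0r.github.io/blocky/configuration/#blocking-and-whitelisting
    schema:
      additional_attrs: true
      type: dict
      attrs:
        - variable: blockType
          label: Block Type
          description: Sets the response that should be sent to the client if a requested query is blocked
          schema:
            type: string
            default: nxDomain
        - variable: blockTTL
          label: Block TTL
          description: Set the TTL for answers to blocked domains
          schema:
            type: string
            default: 6h
        - variable: refreshPeriod
          label: Refresh Period
          description: Set how often blocky should refresh list cache
          schema:
            type: string
            default: 4h
        - variable: downloadTimeout
          label: Download Timeout
          description: Download attempt timeout
          schema:
            type: string
            default: 60s
        - variable: downloadAttempts
          label: Download Attempts
          description: How many download attempts should be performed
          schema:
            type: int
            default: 3
        - variable: downloadCooldown
          label: Download Cooldown
          description: Time between the download attempts
          schema:
            type: string
            default: 2s
        # "blocking" (default) and "failOnError" load the lists before any
        # query is answered. "fast" answers queries immediately, so blocking
        # is not applied until list loading has completed.
        - variable: startStrategy
          label: Start Strategy
          description: |
            blocking: all blocking lists will be loaded before DNS resolution starts.
            failOnError: like blocking but blocky will shut down if any download fails.
            fast: DNS resolution starts immediately without blocking which will be enabled after list load is completed
          schema:
            type: string
            default: blocking
            enum:
              - value: blocking
                description: Blocking
              - value: failOnError
                description: Fail On Error
              - value: fast
                description: Fast
        - variable: processingConcurrency
          label: Processing Concurrency
          description: Sets how many list-groups can be processed at the same time
          schema:
            type: int
            default: 4
        - variable: whitelist
          label: Whitelist
          description: Define whitelists, either URL or file
          schema:
            type: list
            default: []
            items:
              - variable: whitelistEntry
                label: Whitelist Group Entry
                schema:
                  additional_attrs: true
                  type: dict
                  attrs:
                    - variable: name
                      label: Group Name
                      schema:
                        type: string
                        required: true
                        default: ""
                    - variable: lists
                      label: Lists
                      schema:
                        type: list
                        required: true
                        default: []
                        items:
                          - variable: listEntry
                            label: List Entry
                            schema:
                              type: string
                              required: true
                              default: ""
        - variable: blacklist
          label: Blacklist
          description: Define blacklists, either URL or file
          schema:
            type: list
            default: []
            items:
              - variable: blacklistEntry
                label: Blacklist Group Entry
                schema:
                  additional_attrs: true
                  type: dict
                  attrs:
                    - variable: name
                      label: Group Name
                      schema:
                        type: string
                        required: true
                        default: ""
                    - variable: lists
                      label: Lists
                      schema:
                        type: list
                        required: true
                        default: []
                        items:
                          - variable: listEntry
                            label: List Entry
                            schema:
                              type: string
                              required: true
                              default: ""
        - variable: clientGroupsBlock
          label: Client Groups Block
          description: Define which blocking group(s) should be used for which client in your network.
          schema:
            type: list
            default: []
            items:
              - variable: clientGroupBlockEntry
                label: Client Group Block Entry
                schema:
                  additional_attrs: true
                  type: dict
                  attrs:
                    - variable: name
                      label: Client Group Name
                      schema:
                        type: string
                        required: true
                        default: ""
                    - variable: groups
                      label: Groups
                      schema:
                        type: list
                        required: true
                        default: []
                        items:
                          - variable: groupEntry
                            label: Group Entry
                            schema:
                              type: string
                              required: true
                              default: ""
  - variable: hostsFile
    group: App Configuration
    label: Hosts File
    description: >-
      You can enable resolving of entries located in the local hosts file.
      Refer to https://0xerr0r.github.io/blocky/configuration/#hosts-file
    schema:
      additional_attrs: true
      type: dict
      attrs:
        - variable: enabled
          label: Enabled
          schema:
            type: boolean
            default: false
            show_subquestions_if: true
            subquestions:
              - variable: filePath
                label: File Path
                schema:
                  type: string
                  default: /etc/hosts
              - variable: hostsTTL
                label: Hosts TTL
                schema:
                  type: string
                  default: 60m
              - variable: refreshPeriod
                label: Refresh Period
                schema:
                  type: string
                  default: 30m
  # Query logs record DNS lookups and should be stored and retained as
  # sensitive data.
  - variable: queryLog
    group: App Configuration
    label: Query Logging configuration
    schema:
      additional_attrs: true
      type: dict
      attrs:
        - variable: type
          label: Type
          schema:
            type: string
            default: ""
            enum:
              - value: ""
                description: Console
              - value: postgresql
                description: postgresql
              - value: csv
                description: csv
              - value: csv-client
                description: csv-client
        # NOTE(review): the default path looks like a placeholder and the
        # field is also shown for the Console type; confirm the intended
        # default and visibility.
        - variable: target
          label: Target
          schema:
            type: string
            show_if: [["type", "!=", "postgresql"]]
            default: "/var/log/something"
        # NOTE(review): presumably 0 means logs are never pruned; confirm
        # against the blocky documentation and set a retention period that
        # fits your policy.
        - variable: logRetentionDays
          label: Log Retention Days
          schema:
            type: int
            default: 0
        - variable: creationAttempts
          label: Creation Attempts
          schema:
            type: int
            default: 3
        - variable: creationCooldown
          label: Creation Cooldown
          schema:
            type: string
            default: 2s
  # Enabled by default. NOTE(review): a k8s gateway presumably answers DNS
  # queries for names of cluster resources; confirm which clients can reach
  # it and restrict watchedResources if only some kinds should be served.
  - variable: k8sgateway
    group: App Configuration
    label: k8s-Gateway Configuration
    schema:
      additional_attrs: true
      type: dict
      attrs:
        - variable: enabled
          label: Enable k8s-Gateway
          description: Enables k8s-Gateway
          schema:
            type: boolean
            default: true
            show_subquestions_if: true
            subquestions:
              - variable: domains
                label: Domains
                description: Please refer to CoreDNS docs for options
                schema:
                  type: list
                  default: []
                  items:
                    - variable: domainEntry
                      label: ""
                      schema:
                        additional_attrs: true
                        type: dict
                        attrs:
                          - variable: domain
                            label: Domain name
                            schema:
                              type: string
                              required: true
                              default: example.com
                          # NOTE(review): this description appears to be cut
                          # off after "acme"; complete it from the upstream
                          # documentation.
                          - variable: dnsChallenge
                            label: Forward dnsChallenge
                            description: Optional configuration option for DNS01 challenge that will redirect all acme
                            schema:
                              additional_attrs: true
                              type: dict
                              attrs:
                                - variable: enabled
                                  label: Enable
                                  schema:
                                    type: boolean
                                    default: false
                                    show_subquestions_if: true
                                    subquestions:
                                      - variable: domain
                                        label: Forward to Domain
                                        schema:
                                          type: string
                                          required: true
                                          default: dns01.clouddns.com
        # NOTE(review): placed as a sibling of k8sgateway.enabled because its
        # show_if refers to "enabled"; the original nesting was lost, confirm.
        - variable: advancedOptions
          label: Advanced Options
          schema:
            type: boolean
            default: false
            show_if: [["enabled", "=", true]]
            show_subquestions_if: true
            subquestions:
              - variable: ttl
                label: ttl
                description: TTL for non-apex responses (in seconds)
                schema:
                  type: int
                  default: 300
              - variable: watchedResources
                label: Watched Resources
                description: Limit what kind of resources to watch, e.g. Ingress
                schema:
                  type: list
                  default: []
                  items:
                    - variable: watchedResource
                      label: Watched Resource
                      schema:
                        type: string
                        default: ""
              - variable: secondary
                label: Secondary DNS Server Service
                description: Service name of a secondary DNS server (should be serviceName.namespace)
                schema:
                  type: string
                  default: ""
              - variable: apex
                label: Apex
                description: Override the default `serviceName.namespace` domain apex
                schema:
                  type: string
                  default: ""
# Include{containerConfig}
# Include{podOptions}
# Include{serviceRoot}
        # NOTE(review): the template name suggests this service defaults to
        # type LoadBalancer. A resolver on port 53 that is reachable from
        # untrusted networks can be abused as an open resolver; confirm it is
        # only exposed to the intended clients.
        - variable: dns
          label: DNS Service
          description: The DNS service
          schema:
            additional_attrs: true
            type: dict
            attrs:
# Include{serviceSelectorLoadBalancer}
# Include{serviceSelectorExtras}
                    - variable: dns
                      label: DNS Port Configuration
                      schema:
                        additional_attrs: true
                        type: dict
                        attrs:
                          - variable: port
                            label: Port
                            description: This port exposes the container port on the service
                            schema:
                              type: int
                              default: 53
                              required: true
        - variable: dot
          label: DoT Service
          description: "DNS-over-TLS service"
          schema:
            additional_attrs: true
            type: dict
            attrs:
# Include{serviceSelectorClusterIP}
# Include{serviceSelectorExtras}
                    - variable: dot
                      label: DoT Port Configuration
                      schema:
                        additional_attrs: true
                        type: dict
                        attrs:
                          - variable: port
                            label: Port
                            description: This port exposes the container port on the service
                            schema:
                              type: int
                              default: 853
                              required: true
# Include{serviceExpertRoot}
# Include{serviceExpert}
# Include{serviceList}
# Include{persistenceList}
# Include{ingressRoot}
        - variable: main
          label: Main Ingress
          schema:
            additional_attrs: true
            type: dict
            attrs:
# Include{ingressDefault}
# Include{ingressAdvanced}
# Include{ingressList}
# Include{securityContextRoot}
              # The container runs as a non-root UID/GID by default.
              - variable: runAsUser
                label: "runAsUser"
                description: "The UserID of the user running the application"
                schema:
                  type: int
                  default: 568
              - variable: runAsGroup
                label: "runAsGroup"
                description: "The groupID of the user running the application"
                schema:
                  type: int
                  default: 568
# Include{securityContextContainer}
# Include{securityContextAdvanced}
# Include{securityContextPod}
              - variable: fsGroup
                label: "fsGroup"
                description: "The group that should own ALL storage."
                schema:
                  type: int
                  default: 568
# Include{resources}
# Include{postgresql}
# Include{metrics}
# Include{prometheusRule}
# Include{advanced}
# Include{addons}
# Include{codeserver}
# Include{netshoot}
# Include{vpn}
# Include{documentation}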