817 lines
27 KiB
YAML
817 lines
27 KiB
YAML
# Include{groups}
|
|
portals:
|
|
open:
|
|
# Include{portalLink}
|
|
questions:
|
|
# Include{global}
|
|
# Include{credentials}
|
|
# Include{workload}
|
|
# Include{workloadDeployment}
|
|
# Include{replicas1}
|
|
# Include{podSpec}
|
|
# Include{containerMain}
|
|
# Include{containerBasic}
|
|
# Include{containerAdvanced}
|
|
- variable: webUI
|
|
group: App Configuration
|
|
label: WebUI Configuration
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: enabled
|
|
label: Enable Web UI
|
|
description: Enables Web UI
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: apiURL
|
|
label: API URL
|
|
description: API URL for webUI, including port. Only used when not using ingress
|
|
schema:
|
|
type: string
|
|
default: "http://127.0.0.1:4000"
|
|
- variable: overrideDefaults
|
|
group: App Configuration
|
|
label: Override Default Upstreams
|
|
description: Overrides the predefined DNS server upstream list
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: defaultUpstreams
|
|
label: Default Upstreams
|
|
schema:
|
|
type: list
|
|
default: []
|
|
items:
|
|
- variable: upstreamEntry
|
|
label: Upstream Entry
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: upstreams
|
|
group: App Configuration
|
|
label: Upstreams Groups
|
|
description: Refer to
|
|
<br /><a href="https://0xerr0r.github.io/blocky/configuration/#upstream-configuration" target="_blank" rel="noopener noreferrer">https://0xerr0r.github.io/blocky/configuration/#upstream-configuration</a>
|
|
schema:
|
|
type: list
|
|
default: []
|
|
items:
|
|
- variable: upstreamsGroupEntry
|
|
label: Upstreams Group Entry
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: name
|
|
label: Group Name
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: upstreams
|
|
label: Upstreams
|
|
schema:
|
|
type: list
|
|
required: true
|
|
default: []
|
|
items:
|
|
- variable: upstreamEntry
|
|
label: upstream Entry
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: bootstrapDns
|
|
group: App Configuration
|
|
label: Bootstrap DNS
|
|
description: Used to resolve upstream DoH and DoT servers that are specified as hostnames.
|
|
<br />Refer to <a href="https://0xerr0r.github.io/blocky/configuration/#bootstrap-dns-configuration" target="_blank" rel="noopener noreferrer">https://0xerr0r.github.io/blocky/configuration/#bootstrap-dns-configuration</a>
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: upstream
|
|
label: Upstream
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: ips
|
|
label: IPs
|
|
schema:
|
|
type: list
|
|
default: []
|
|
items:
|
|
- variable: ipEntry
|
|
label: IP Entry
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: additionalBootstrapDns
|
|
group: App Configuration
|
|
label: Additional Bootstrap DNS
|
|
schema:
|
|
type: list
|
|
show_if: [[ "bootstrapDns", "!=", {"upstream": "", "ips": []} ]]
|
|
default: []
|
|
items:
|
|
- variable: additionalBootstrapDnsEntry
|
|
label: Additional Bootstrap DNS Entry
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: upstream
|
|
label: Upstream
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: ips
|
|
label: IPs
|
|
schema:
|
|
type: list
|
|
default: []
|
|
items:
|
|
- variable: ipEntry
|
|
label: IP Entry
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: filtering
|
|
group: App Configuration
|
|
label: Filtering
|
|
description: Define one or more DNS query types; all queries with these types will be dropped
|
|
<br />Refer to <a href="https://0xerr0r.github.io/blocky/configuration/#filtering" target="_blank" rel="noopener noreferrer">https://0xerr0r.github.io/blocky/configuration/#filtering</a>
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: queryTypes
|
|
label: Query Types
|
|
schema:
|
|
type: list
|
|
default: []
|
|
items:
|
|
- variable: queryTypeEntry
|
|
label: Query Type Entry
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: customDNS
|
|
group: App Configuration
|
|
label: Custom DNS
|
|
description: Define your own domain name to IP mappings.
|
|
<br />Refer to <a href="https://0xerr0r.github.io/blocky/configuration/#custom-dns" target="_blank" rel="noopener noreferrer">https://0xerr0r.github.io/blocky/configuration/#custom-dns</a>
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: customTTL
|
|
label: Custom TTL
|
|
schema:
|
|
type: string
|
|
default: 1h
|
|
- variable: filterUnmappedTypes
|
|
label: Filter Unmapped Types
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: rewrite
|
|
label: Rewrite
|
|
schema:
|
|
type: list
|
|
default: []
|
|
items:
|
|
- variable: rewriteEntry
|
|
label: Rewrite Entry
|
|
schema:
|
|
type: dict
|
|
additional_attrs: true
|
|
attrs:
|
|
- variable: in
|
|
label: In
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: out
|
|
label: Out
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: mapping
|
|
label: Mapping
|
|
schema:
|
|
type: list
|
|
default: []
|
|
items:
|
|
- variable: mappingEntry
|
|
label: Mapping Entry
|
|
schema:
|
|
type: dict
|
|
additional_attrs: true
|
|
attrs:
|
|
- variable: domain
|
|
label: Domain
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: dnsserver
|
|
label: DNS Server
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: clientLookup
|
|
group: App Configuration
|
|
label: Client Lookup
|
|
description: Blocky can try to resolve a user-friendly client name from the IP address or server URL (DoT and DoH)
|
|
<br />Refer to <a href="https://0xerr0r.github.io/blocky/configuration/#client-name-lookup" target="_blank" rel="noopener noreferrer">https://0xerr0r.github.io/blocky/configuration/#client-name-lookup</a>
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: upstream
|
|
label: Upstream
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: singleNameOrder
|
|
label: Single Name Order
|
|
schema:
|
|
type: list
|
|
default: []
|
|
items:
|
|
- variable: singleNameEntry
|
|
label: Single Name Entry
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: clients
|
|
label: Clients
|
|
schema:
|
|
type: list
|
|
default: []
|
|
items:
|
|
- variable: clientEntry
|
|
label: Client Entry
|
|
schema:
|
|
type: dict
|
|
additional_attrs: true
|
|
attrs:
|
|
- variable: domain
|
|
label: Domain
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: ips
|
|
label: IPs
|
|
schema:
|
|
type: list
|
|
default: []
|
|
items:
|
|
- variable: ipEntry
|
|
label: IP Entry
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: caching
|
|
group: App Configuration
|
|
label: Caching
|
|
description: Refer to
|
|
<br /><a href="https://0xerr0r.github.io/blocky/configuration/#caching" target="_blank" rel="noopener noreferrer">https://0xerr0r.github.io/blocky/configuration/#caching</a>
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: minTime
|
|
label: Min Time
|
|
schema:
|
|
type: string
|
|
default: 5m
|
|
- variable: maxTime
|
|
label: Max Time
|
|
schema:
|
|
type: string
|
|
default: 30m
|
|
- variable: maxItemsCount
|
|
label: Max Items Count
|
|
schema:
|
|
type: int
|
|
default: 0
|
|
- variable: prefetching
|
|
label: Prefetching
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: prefetchExpires
|
|
label: Prefetch Expires
|
|
schema:
|
|
type: string
|
|
default: 2h
|
|
- variable: prefetchThreshold
|
|
label: Prefetch Threshold
|
|
schema:
|
|
type: int
|
|
default: 5
|
|
- variable: prefetchMaxItemsCount
|
|
label: Prefetch Max Items Count
|
|
schema:
|
|
type: int
|
|
default: 0
|
|
- variable: cacheTimeNegative
|
|
label: Cache Time Negative
|
|
schema:
|
|
type: string
|
|
default: 30m
|
|
- variable: conditional
|
|
group: App Configuration
|
|
label: Conditional
|
|
description: Define which DNS resolver(s) should be used for queries for the particular domain
|
|
<br />Refer to <a href="https://0xerr0r.github.io/blocky/configuration/#conditional-dns-resolution" target="_blank" rel="noopener noreferrer">https://0xerr0r.github.io/blocky/configuration/#conditional-dns-resolution</a>
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: rewrite
|
|
label: Rewrite
|
|
schema:
|
|
type: list
|
|
default: []
|
|
items:
|
|
- variable: rewriteEntry
|
|
label: Rewrite Entry
|
|
schema:
|
|
type: dict
|
|
additional_attrs: true
|
|
attrs:
|
|
- variable: in
|
|
label: In
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: out
|
|
label: Out
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: mapping
|
|
label: Mapping
|
|
schema:
|
|
type: list
|
|
default: []
|
|
items:
|
|
- variable: mappingEntry
|
|
label: Mapping Entry
|
|
schema:
|
|
type: dict
|
|
additional_attrs: true
|
|
attrs:
|
|
- variable: domain
|
|
label: Domain
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: dnsserver
|
|
label: DNS Server
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: blocking
|
|
group: App Configuration
|
|
label: Blocking
|
|
description: Each black or whitelist can be either a path to the local file or a URL to download. All Urls must be grouped to a group name.
|
|
<br />Refer to <a href="https://0xerr0r.github.io/blocky/configuration/#blocking-and-whitelisting" target="_blank" rel="noopener noreferrer">https://0xerr0r.github.io/blocky/configuration/#blocking-and-whitelisting</a>
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: blockType
|
|
label: Block Type
|
|
description: Set the response should be sent to the client, if a requested query is blocked
|
|
schema:
|
|
type: string
|
|
default: nxDomain
|
|
- variable: blockTTL
|
|
label: Block TTL
|
|
description: Set the TTL for answers to blocked domains
|
|
schema:
|
|
type: string
|
|
default: 6h
|
|
- variable: refreshPeriod
|
|
label: Refresh Period
|
|
description: Set how often blocky should refresh list cache
|
|
schema:
|
|
type: string
|
|
default: 4h
|
|
- variable: downloadTimeout
|
|
label: Download Timeout
|
|
description: Download attempt timeout
|
|
schema:
|
|
type: string
|
|
default: 60s
|
|
- variable: downloadAttempts
|
|
label: Download Attempts
|
|
description: How many download attempts should be performed
|
|
schema:
|
|
type: int
|
|
default: 3
|
|
- variable: downloadCooldown
|
|
label: Download Cooldown
|
|
description: Time between the download attempts
|
|
schema:
|
|
type: string
|
|
default: 2s
|
|
- variable: startStrategy
|
|
label: Start Strategy
|
|
description: |
|
|
blocking: all blocking lists will be loaded before DNS resolution starts.</br>
|
|
failOnError: like blocking but blocky will shut down if any download fails.</br>
|
|
fast: DNS resolution starts immediately without blocking which will be enabled after list load is completed
|
|
schema:
|
|
type: string
|
|
default: blocking
|
|
enum:
|
|
- value: blocking
|
|
description: Blocking
|
|
- value: failOnError
|
|
description: Fail On Error
|
|
- value: fast
|
|
description: Fast
|
|
- variable: processingConcurrency
|
|
label: Processing Concurrency
|
|
description: Sets how many list-groups can be processed at the same time
|
|
schema:
|
|
type: int
|
|
default: 4
|
|
- variable: whitelist
|
|
label: Whitelist
|
|
description: Define whitelists, either URL or file
|
|
schema:
|
|
type: list
|
|
default: []
|
|
items:
|
|
- variable: whitelistEntry
|
|
label: Whitelist Group Entry
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: name
|
|
label: Group Name
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: lists
|
|
label: Lists
|
|
schema:
|
|
type: list
|
|
required: true
|
|
default: []
|
|
items:
|
|
- variable: listEntry
|
|
label: List Entry
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: blacklist
|
|
label: Blacklist
|
|
description: Define blacklists, either URL or file
|
|
schema:
|
|
type: list
|
|
default: []
|
|
items:
|
|
- variable: blacklistEntry
|
|
label: Blacklist Group Entry
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: name
|
|
label: Group Name
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: lists
|
|
label: Lists
|
|
schema:
|
|
type: list
|
|
required: true
|
|
default: []
|
|
items:
|
|
- variable: listEntry
|
|
label: List Entry
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: clientGroupsBlock
|
|
label: Client Groups Block
|
|
description: Define, which blocking group(s) should be used for which client in your network.
|
|
schema:
|
|
type: list
|
|
default: []
|
|
items:
|
|
- variable: clientGroupBlockEntry
|
|
label: Client Group Block Entry
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: name
|
|
label: Client Group Name
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: groups
|
|
label: Groups
|
|
schema:
|
|
type: list
|
|
required: true
|
|
default: []
|
|
items:
|
|
- variable: groupEntry
|
|
label: Group Entry
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: hostsFile
|
|
group: App Configuration
|
|
label: Hosts File
|
|
description: You can enable resolving of entries, located in local hosts file.
|
|
<br />Refer to <a href="https://0xerr0r.github.io/blocky/configuration/#hosts-file" target="_blank" rel="noopener noreferrer">https://0xerr0r.github.io/blocky/configuration/#hosts-file</a>
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: enabled
|
|
label: Enabled
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: filePath
|
|
label: File Path
|
|
schema:
|
|
type: string
|
|
default: /etc/hosts
|
|
- variable: hostsTTL
|
|
label: Hosts TTL
|
|
schema:
|
|
type: string
|
|
default: 60m
|
|
- variable: refreshPeriod
|
|
label: Refresh Period
|
|
schema:
|
|
type: string
|
|
default: 30m
|
|
- variable: queryLog
|
|
group: App Configuration
|
|
label: Query Logging configuration
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: type
|
|
label: Type
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
enum:
|
|
- value: ""
|
|
description: Console
|
|
- value: postgresql
|
|
description: postgresql
|
|
- value: csv
|
|
description: csv
|
|
- value: csv-client
|
|
description: csv-client
|
|
- variable: target
|
|
label: Target
|
|
schema:
|
|
type: string
|
|
show_if: [["type", "!=", "postgresql"]]
|
|
default: "/var/log/something"
|
|
- variable: logRetentionDays
|
|
label: Log Retention Days
|
|
schema:
|
|
type: int
|
|
default: 0
|
|
- variable: creationAttempts
|
|
label: Creation Attempts
|
|
schema:
|
|
type: int
|
|
default: 3
|
|
- variable: creationCooldown
|
|
label: Creation Cooldown
|
|
schema:
|
|
type: string
|
|
default: 2s
|
|
- variable: k8sgateway
|
|
group: App Configuration
|
|
label: k8s-Gateway Configuration
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: enabled
|
|
label: Enable k8s-Gateway
|
|
description: Enables k8s-Gateway
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: domains
|
|
label: Domains
|
|
description: Please refer to CoreDNS docs for options
|
|
schema:
|
|
type: list
|
|
default: []
|
|
items:
|
|
- variable: domainEntry
|
|
label: ""
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: domain
|
|
label: Domain name
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: example.com
|
|
- variable: dnsChallenge
|
|
label: Forward dnsChallenge
|
|
description: Optional configuration option for DNS01 challenge that will redirect all acme
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: enabled
|
|
label: Enable
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: domain
|
|
label: Forward to Domain
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: dns01.clouddns.com
|
|
- variable: advancedOptions
|
|
label: Advanced Options
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_if: [["enabled", "=", true]]
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: ttl
|
|
label: ttl
|
|
description: TTL for non-apex responses (in seconds)
|
|
schema:
|
|
type: int
|
|
default: 300
|
|
- variable: watchedResources
|
|
label: Watched Resources
|
|
description: imit what kind of resources to watch, e.g. Ingress
|
|
schema:
|
|
type: list
|
|
default: []
|
|
items:
|
|
- variable: watchedResource
|
|
label: Watched Resource
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: secondary
|
|
label: Secondary DNS Server Service
|
|
description: Service name of a secondary DNS server (should be serviceName.namespace)
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: apex
|
|
label: Apex
|
|
description: Override the default `serviceName.namespace` domain apex
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
# Include{containerConfig}
|
|
# Include{podOptions}
|
|
# Include{serviceRoot}
|
|
- variable: dns
|
|
label: DNS Service
|
|
description: The DNS service
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
# Include{serviceSelectorLoadBalancer}
|
|
# Include{serviceSelectorExtras}
|
|
- variable: dns
|
|
label: DNS Port Configuration
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: port
|
|
label: Port
|
|
description: This port exposes the container port on the service
|
|
schema:
|
|
type: int
|
|
default: 53
|
|
required: true
|
|
- variable: dot
|
|
label: DoT Service
|
|
description: "DNS-over-TLS service"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
# Include{serviceSelectorClusterIP}
|
|
# Include{serviceSelectorExtras}
|
|
- variable: dot
|
|
label: DoT Port Configuration
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: port
|
|
label: Port
|
|
description: This port exposes the container port on the service
|
|
schema:
|
|
type: int
|
|
default: 853
|
|
required: true
|
|
# Include{externalInterfaces}
|
|
|
|
# Include{serviceList}
|
|
# Include{persistenceList}
|
|
# Include{ingressRoot}
|
|
- variable: main
|
|
label: Main Ingress
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
# Include{ingressDefault}
|
|
# Include{ingressAdvanced}
|
|
# Include{ingressList}
|
|
# Include{securityContextRoot}
|
|
- variable: runAsUser
|
|
label: "runAsUser"
|
|
description: "The UserID of the user running the application"
|
|
schema:
|
|
type: int
|
|
default: 568
|
|
- variable: runAsGroup
|
|
label: "runAsGroup"
|
|
description: "The groupID of the user running the application"
|
|
schema:
|
|
type: int
|
|
default: 568
|
|
# Include{securityContextContainer}
|
|
# Include{securityContextAdvanced}
|
|
# Include{securityContextPod}
|
|
- variable: fsGroup
|
|
label: "fsGroup"
|
|
description: "The group that should own ALL storage."
|
|
schema:
|
|
type: int
|
|
default: 568
|
|
# Include{resources}
|
|
# Include{postgresql}
|
|
# Include{metrics}
|
|
# Include{prometheusRule}
|
|
# Include{advanced}
|
|
# Include{addons}
|
|
# Include{codeserver}
|
|
# Include{netshoot}
|
|
# Include{vpn}
|
|
# Include{documentation}
|