From 1d3dd77ac3a2bab9360f3c11e3f33161d451ef54 Mon Sep 17 00:00:00 2001 From: Alexey Belaytzev Date: Mon, 30 Jan 2023 13:26:03 +0300 Subject: [PATCH] Update version to v0.107.22 and config --- AdGuardHome.yaml | 193 ++++++++++++++++++++++++++++++++++++--------- Dockerfile | 2 +- docker-compose.yml | 1 - 3 files changed, 155 insertions(+), 41 deletions(-) diff --git a/AdGuardHome.yaml b/AdGuardHome.yaml index 3c777ab..66df461 100644 --- a/AdGuardHome.yaml +++ b/AdGuardHome.yaml @@ -4,54 +4,73 @@ beta_bind_port: 0 users: - name: homeadguard password: $2y$10$/NwRxjsTFpMyyJGrnrDgZ.BjS1lJtq6Yuu0Y1yJNPs4BO4MZMxZli +auth_attempts: 5 +block_auth_min: 15 http_proxy: "" -language: "" -rlimit_nofile: 0 +language: en debug_pprof: false web_session_ttl: 720 dns: - bind_host: 0.0.0.0 + bind_hosts: + - 0.0.0.0 port: 53 - statistics_interval: 30 + statistics_interval: 7 querylog_enabled: true querylog_file_enabled: true - querylog_interval: 30 + querylog_interval: 24h querylog_size_memory: 1000 anonymize_client_ip: false protection_enabled: true - blocking_mode: refused + blocking_mode: default blocking_ipv4: "" blocking_ipv6: "" blocked_response_ttl: 10 parental_block_host: family-block.dns.adguard.com safebrowsing_block_host: standard-block.dns.adguard.com - ratelimit: 20 + ratelimit: 1000 ratelimit_whitelist: [] refuse_any: true upstream_dns: - - tls://doh.mullvad.net #Mullvad - - tls://dns.quad9.net #Quad9 DNS + - tls://doh.mullvad.net + - tls://dns.quad9.net + - tls://dot.seby.io + - tls://getdnsapi.net + - tls://unicast.censurfridns.dk + - tls://dnsforge.de + - quic://dnsforge.de:853 + - tls://dot1.applied-privacy.net + - tls://dot.tiar.app + - quic://doh.tiar.app upstream_dns_file: "" bootstrap_dns: - - '9.9.9.10' #Quad9 DNS - - '149.112.112.112' #Quad9 DNS + - 9.9.9.9 + - 149.112.112.112 + - 145.100.185.15 all_servers: false fastest_addr: false + fastest_timeout: 1s allowed_clients: [] disallowed_clients: [] blocked_hosts: - - version.bind - - id.server - - hostname.bind - cache_size: 4194304 + - version.bind + - id.server + - hostname.bind + trusted_proxies: + - 127.0.0.0/8 + - ::1/128 + - 10.0.0.0/8 + cache_size: 0 cache_ttl_min: 0 cache_ttl_max: 3600 + cache_optimistic: true bogus_nxdomain: [] aaaa_disabled: false enable_dnssec: false edns_client_subnet: false max_goroutines: 300 + handle_ddr: true ipset: [] + ipset_file: "" filtering_enabled: true filters_update_interval: 24 parental_enabled: false @@ -63,7 +82,12 @@ dns: cache_time: 30 rewrites: [] blocked_services: [] - customresolver: null + upstream_timeout: 10s + private_networks: [] + use_private_ptr_resolvers: true + local_ptr_upstreams: [] + serve_http3: false + use_http3_upstreams: false tls: enabled: false server_name: "" @@ -73,34 +97,115 @@ tls: port_dns_over_quic: 784 port_dnscrypt: 0 dnscrypt_config_file: "" - allow_unencrypted_doh: false - strict_sni_check: false + allow_unencrypted_doh: true certificate_chain: "" private_key: "" certificate_path: "" private_key_path: "" + strict_sni_check: false filters: -- enabled: true - url: https://block.energized.pro/basic/formats/hosts.txt - name: Energized Protection Basic - id: 1 -- enabled: true - url: https://raw.githubusercontent.com/notracking/hosts-blocklists/master/adblock/adblock.txt - name: Notracking blocklist - id: 2 -- enabled: true - url: https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts - name: StevenBlack - id: 3 -- enabled: true - url: https://raw.githubusercontent.com/bongochong/CombinedPrivacyBlockLists/master/newhosts-final.hosts - name: Combined Privacy Block Lists - id: 4 + - enabled: true + url: https://easylist-downloads.adblockplus.org/ruadlist+easylist.txt + name: EasyList Russian + id: 1669459410 + - enabled: true + url: https://easylist-downloads.adblockplus.org/ruadlist.txt + name: RuAdList + id: 1669459412 + - enabled: true + url: https://filters.adtidy.org/extension/chromium/filters/1.txt + name: AdGuard Russian filter + id: 1669459413 + - enabled: true + url: https://www.github.developerdan.com/hosts/lists/ads-and-tracking-extended.txt + name: Lightswitch05's + id: 1670425174 + - enabled: true + url: https://adguardteam.github.io/HostlistsRegistry/assets/filter_24.txt + name: 1Hosts (Lite) + id: 1671129583 + - enabled: true + url: https://adguardteam.github.io/HostlistsRegistry/assets/filter_27.txt + name: OISD Blocklist Full + id: 1671129585 + - enabled: true + url: https://adguardteam.github.io/HostlistsRegistry/assets/filter_32.txt + name: The NoTracking blocklist + id: 1671129586 + - enabled: true + url: https://adguardteam.github.io/HostlistsRegistry/assets/filter_4.txt + name: Dan Pollock's List + id: 1671129589 + - enabled: true + url: https://adguardteam.github.io/HostlistsRegistry/assets/filter_2.txt + name: AdAway Default Blocklist + id: 1671129590 + - enabled: true + url: https://adguardteam.github.io/HostlistsRegistry/assets/filter_26.txt + name: 'TUR: turk-adlist' + id: 1671129591 + - enabled: true + url: https://adguardteam.github.io/HostlistsRegistry/assets/filter_3.txt + name: Peter Lowe's Blocklist + id: 1671129592 + - enabled: true + url: https://adguardteam.github.io/HostlistsRegistry/assets/filter_10.txt + name: Scam Blocklist by DurableNapkin + id: 1671129593 + - enabled: true + url: https://adguardteam.github.io/HostlistsRegistry/assets/filter_11.txt + name: Malicious URL Blocklist (URLHaus) + id: 1671129594 + - enabled: true + url: https://adguardteam.github.io/HostlistsRegistry/assets/filter_33.txt + name: Steven Black's List + id: 1671129595 + - enabled: true + url: https://adguardteam.github.io/HostlistsRegistry/assets/filter_9.txt + name: The Big List of Hacked Malware Web Sites + id: 1671129596 + - enabled: true + url: https://adguardteam.github.io/HostlistsRegistry/assets/filter_31.txt + name: Stalkerware Indicators List + id: 1671129597 + - enabled: true + url: https://adguardteam.github.io/HostlistsRegistry/assets/filter_30.txt + name: Phishing URL Blocklist (PhishTank and OpenPhish) + id: 1671129598 + - enabled: true + url: https://adguardteam.github.io/HostlistsRegistry/assets/filter_12.txt + name: Dandelion Sprout's Anti-Malware List + id: 1671129599 + - enabled: true + url: https://adguardteam.github.io/HostlistsRegistry/assets/filter_8.txt + name: NoCoin Filter List + id: 1671129600 + - enabled: true + url: https://adguardteam.github.io/HostlistsRegistry/assets/filter_7.txt + name: Perflyst and Dandelion Sprout's Smart-TV Blocklist + id: 1671129601 + - enabled: true + url: https://adguardteam.github.io/HostlistsRegistry/assets/filter_23.txt + name: WindowsSpyBlocker - Hosts spy rules + id: 1671129603 + - enabled: true + url: https://adguardteam.github.io/HostlistsRegistry/assets/filter_1.txt + name: AdGuard DNS filter + id: 1671536977 + - enabled: true + url: https://raw.githubusercontent.com/hagezi/dns-blocklists/main/adblock/light.txt + name: HaGeZi's Light DNS Blocklist + id: 1672151128 + - enabled: true + url: https://raw.githubusercontent.com/hagezi/dns-blocklists/main/adblock/doh-vpn-proxy-bypass.txt + name: HaGeZi's Enyrypted DNS/VPN/TOR/Proxy Bypass DNS Blocklist + id: 1672151129 whitelist_filters: [] user_rules: [] dhcp: enabled: false interface_name: "" + local_domain_name: lan dhcpv4: gateway_ip: "" subnet_mask: "" @@ -114,12 +219,22 @@ dhcp: lease_duration: 86400 ra_slaac_only: false ra_allow_slaac: false -clients: [] -log_compress: false -log_localtime: false +clients: + runtime_sources: + whois: true + arp: true + rdns: true + dhcp: true + hosts: true +log_file: "" log_max_backups: 0 log_max_size: 100 log_max_age: 3 -log_file: "" +log_compress: false +log_localtime: false verbose: false -schema_version: 7 +os: + group: "" + user: "" + rlimit_nofile: 0 +schema_version: 14 diff --git a/Dockerfile b/Dockerfile index 2c59fea..f60c9d9 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM adguard/adguardhome:v0.106.2 +FROM adguard/adguardhome:v0.107.22 COPY AdGuardHome.yaml /opt/adguardhome/conf/AdGuardHome.yaml diff --git a/docker-compose.yml b/docker-compose.yml index 9e0e261..9343c2f 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -17,7 +17,6 @@ services: volumes: - './data/work:/opt/adguardhome/work' dns: - - 1.1.1.1 - 208.67.222.222 - 9.9.9.10 logging: