From bf41705208648a696d4c0b96976ab94e613a8fdc Mon Sep 17 00:00:00 2001
From: Benoit <forgejo@benoit.jp.net>
Date: Thu, 21 Nov 2024 20:56:04 +0900
Subject: [PATCH] Adguard: Init

---
 cfg/jobs/adguard.run                  | 51 +++++++++++++++++++++++++++
 run/adguard/workspace/adguard.service | 25 +++++++++++++
 2 files changed, 76 insertions(+)
 create mode 100755 cfg/jobs/adguard.run
 create mode 100644 run/adguard/workspace/adguard.service

diff --git a/cfg/jobs/adguard.run b/cfg/jobs/adguard.run
new file mode 100755
index 0000000..6954bb3
--- /dev/null
+++ b/cfg/jobs/adguard.run
@@ -0,0 +1,51 @@
+#!/bin/env bash
+# Upstream doc: https://adguard-dns.io/kb/adguard-home/getting-started/
+set -euxo pipefail
+
+IMAGE="ubuntu/24.04"
+DIST="${IMAGE%%/*}"
+VER="${IMAGE#*/}"
+VER="${VER%/*}"
+VER="${VER//./-}"
+UPSTREAM_VER="0.107.54"
+UPSTREAM_VER_DASH="${UPSTREAM_VER//./-}"
+UPSTREAM_NAME="adguard"
+SERIAL="1benoitjpnet"
+CNAME="$UPSTREAM_NAME-$UPSTREAM_VER_DASH-$SERIAL-$DIST-$VER"
+ALIAS="$UPSTREAM_NAME-$UPSTREAM_VER-$SERIAL"
+
+cd "$WORKSPACE"
+incus launch images:$IMAGE "$CNAME" --quiet
+
+wait_network "$CNAME"
+
+incus exec "$CNAME" -- bash -c '
+apt-get update && apt-get upgrade -y && apt-get install -y --no-install-recommends wget
+
+adduser \
+  --system \
+  --shell /bin/bash \
+  --gecos "AdGuard Home DNS Server" \
+  --group \
+  --disabled-password \
+  --home /opt/adguard \
+  adguard
+
+cd /tmp && \
+wget --quiet https://github.com/AdguardTeam/AdGuardHome/releases/download/v'"$UPSTREAM_VER"'/AdGuardHome_linux_amd64.tar.gz && \
+tar -xzf AdGuardHome_linux_amd64.tar.gz -C /opt/adguard --strip-components=1 && \
+rm AdGuardHome_linux_amd64.tar.gz
+
+install -d -m 755 -o adguard -g adguard /opt/adguard/{data,config}
+'
+
+incus file push adguard.service "$CNAME"/etc/systemd/system/
+incus exec "$CNAME" -- systemctl enable adguard
+
+laminarc run incus_publish \
+  CNAME="$CNAME" \
+  UPSTREAM=$UPSTREAM_NAME \
+  UPSTREAM_VER=$UPSTREAM_VER \
+  IMAGE=$IMAGE \
+  SERIAL=$SERIAL \
+  ALIAS=$ALIAS
diff --git a/run/adguard/workspace/adguard.service b/run/adguard/workspace/adguard.service
new file mode 100644
index 0000000..331014e
--- /dev/null
+++ b/run/adguard/workspace/adguard.service
@@ -0,0 +1,25 @@
+[Unit]
+Description=AdGuard Home: Network-level blocker
+ConditionFileIsExecutable=/opt/adguard/AdGuardHome
+
+After=syslog.target network-online.target
+
+[Service]
+User=adguard
+Group=adguard
+StartLimitInterval=5
+StartLimitBurst=10
+ExecStart=/tmp/AdGuardHome/AdGuardHome "-s" "run" "-c" "/etc/adguard/adguard.yaml"
+
+WorkingDirectory=/opt/adguard
+
+StandardOutput=journal
+StandardError=journal
+
+Restart=always
+
+RestartSec=10
+EnvironmentFile=-/etc/sysconfig/AdGuardHome
+
+[Install]
+WantedBy=multi-user.target