diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..7a0bff3 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,2 @@ +files/AdGuardHome.yaml filter=git-crypt diff=git-crypt + diff --git a/deploy.py b/deploy.py index 82fff4a..63cd72f 100644 --- a/deploy.py +++ b/deploy.py @@ -126,9 +126,9 @@ files.put( mode='644', ) -files.template( +files.put( name='Push AdGuardHome config', - src='templates/AdGuardHome.yaml.j2', + src='files/AdGuardHome.yaml', dest='/home/adguard/AdGuardHome/AdGuardHome.yaml', mode='640', user='adguard', diff --git a/files/AdGuardHome.yaml b/files/AdGuardHome.yaml new file mode 100644 index 0000000..52ed30a Binary files /dev/null and b/files/AdGuardHome.yaml differ diff --git a/group_data/all.py b/group_data/all.py index aa3e6c5..400267b 100644 --- a/group_data/all.py +++ b/group_data/all.py @@ -1,12 +1,2 @@ -from getpass import getpass - -import privy - -def get_secret(adguard_password): - password = getpass('Please provide the secret password: ') - return privy.peek(adguard_password, password) - -b_app_password = get_secret(b'1$2$LlFa8G5qg1DQqboBzagJywm5bayJ5CRDbVOeXrTPPKU=$Z0FBQUFBQmdDQlotZmYtd183cEE1MHpsbl9IaWlLNUlOdXBkMzhsdzQ0SUNhNXhiMDEwbUJfeUJIT2ctM1JFWm5oMW9IN1pocVFDSDIxN0dSSVRaSzdJdzJNQURPM3hyYVlWOUwxR09aOU9ubU1GbjNvNS1NdFNkWFhsS2tjcTNES0ZRYURjUkhWRGVpQkVuMmo0NTdrck9VTWRfaVVHUmZ3PT0=') -app_password = b_app_password.decode('utf-8') app_user = 'adguard' app_dir = '/home/adguard' diff --git a/templates/AdGuardHome.yaml.j2 b/templates/AdGuardHome.yaml.j2 deleted file mode 100644 index 63fb1aa..0000000 --- a/templates/AdGuardHome.yaml.j2 +++ /dev/null @@ -1,174 +0,0 @@ -bind_host: 0.0.0.0 -bind_port: 80 -beta_bind_port: 0 -users: -- name: benpro - password: {{ host.data.app_password }} -http_proxy: "" -language: "" -rlimit_nofile: 0 -debug_pprof: false -web_session_ttl: 720 -dns: - bind_host: 0.0.0.0 - port: 1053 - statistics_interval: 90 - querylog_enabled: true - querylog_file_enabled: true - querylog_interval: 90 - querylog_size_memory: 1000 - anonymize_client_ip: true - protection_enabled: true - blocking_mode: nxdomain - blocking_ipv4: "" - blocking_ipv6: "" - blocked_response_ttl: 10 - parental_block_host: family-block.dns.adguard.com - safebrowsing_block_host: standard-block.dns.adguard.com - ratelimit: 20 - ratelimit_whitelist: [] - refuse_any: true - upstream_dns: - - https://dns11.quad9.net/dns-query - - https://dns.cloudflare.com/dns-query - - tls://dns-unfiltered.adguard.com - - quic://dns-unfiltered.adguard.com:784 - - tls://dns.google - - tls://public.dns.iij.jp - - tls://dns.nextdns.io - - https://doh.mullvad.net/dns-query - upstream_dns_file: "" - bootstrap_dns: - - 94.140.14.140 - all_servers: false - fastest_addr: false - allowed_clients: [] - disallowed_clients: [] - blocked_hosts: - - version.bind - - id.server - - hostname.bind - cache_size: 4194304 - cache_ttl_min: 0 - cache_ttl_max: 0 - bogus_nxdomain: [] - aaaa_disabled: false - enable_dnssec: true - edns_client_subnet: true - max_goroutines: 50 - ipset: [] - filtering_enabled: true - filters_update_interval: 24 - parental_enabled: false - safesearch_enabled: false - safebrowsing_enabled: false - safebrowsing_cache_size: 1048576 - safesearch_cache_size: 1048576 - parental_cache_size: 1048576 - cache_time: 30 - rewrites: [] - blocked_services: - - facebook - - twitter - - snapchat - - origin - - epic_games - - vk - - mail_ru - - discord - - ok - - tiktok - - 9gag - - hulu - - whatsapp - - wechat - - tinder - - skype - - pinterest - - disneyplus - - qq - - weibo - customresolver: null -tls: - enabled: true - server_name: dns.benpro.fr - force_https: true - port_https: 443 - port_dns_over_tls: 853 - port_dns_over_quic: 784 - port_dnscrypt: 0 - dnscrypt_config_file: "" - allow_unencrypted_doh: false - strict_sni_check: false - certificate_chain: "" - private_key: "" - certificate_path: /home/adguard/fullchain.pem - private_key_path: /home/adguard/privkey.pem -filters: -- enabled: true - url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt - name: AdGuard DNS filter - id: 1 -- enabled: true - url: https://www.malwaredomainlist.com/hostslist/hosts.txt - name: MalwareDomainList.com Hosts List - id: 4 -- enabled: true - url: https://280blocker.net/files/280blocker_domain.txt - name: 'JPN: 280blocker adblock domain lists' - id: 1598087712 -- enabled: true - url: https://raw.githubusercontent.com/AdAway/adaway.github.io/master/hosts.txt - name: AdAway default blocklist - id: 1598087713 -- enabled: true - url: https://raw.githubusercontent.com/notracking/hosts-blocklists/master/adblock/adblock.txt - name: notracking - id: 1598087714 -- enabled: true - url: https://logroid.github.io/adaway-hosts/hosts.txt - name: AdAway Blocking Hosts File for Japan - id: 1598087715 -- enabled: true - url: https://sebsauvage.net/hosts/hosts-adguard - name: Sebsauvage - id: 1598087716 -whitelist_filters: [] -user_rules: -- '@@||links.eml.atlassian.com^$important' -- '@@||t.paypal.com^$important' -- '@@||email.strava.com^$important' -- '||disqus.com^$important' -- '@@||api2.branch.io^$important' -- '@@||www.navitime.co.jp^$important' -- '@@||minexmr.com^$important' -- '@@||secure.rat.rakuten.co.jp^$important' -- '@@||searchapi.agoda.com^$important' -- '@@||analytics.agoda.com^$important' -- '@@||go.menu.jp^$important' -- "" -dhcp: - enabled: false - interface_name: "" - dhcpv4: - gateway_ip: "" - subnet_mask: "" - range_start: "" - range_end: "" - lease_duration: 86400 - icmp_timeout_msec: 1000 - options: [] - dhcpv6: - range_start: "" - lease_duration: 86400 - ra_slaac_only: false - ra_allow_slaac: false -clients: [] -log_compress: false -log_localtime: false -log_max_backups: 0 -log_max_size: 100 -log_max_age: 3 -log_file: "" -verbose: false -schema_version: 7