From 2532a967e000c4fd3d24a0d1ca667db4e980035a Mon Sep 17 00:00:00 2001
From: Sheogorath <sheogorath@shivering-isles.com>
Date: Mon, 20 Nov 2023 13:44:21 +0100
Subject: [PATCH] feat(dns): Add dns blocklists

This patch should integrate some upstream blocklists from pihole. This
is mainly an experiment, testing whether it's worth exploring these
blocklists further. Since quad9 should already take care of a lot of it,
it shouldn't matter too much.
---
 apps/k8s01/dns/dns.yaml | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/apps/k8s01/dns/dns.yaml b/apps/k8s01/dns/dns.yaml
index 45001becb..94f098b10 100644
--- a/apps/k8s01/dns/dns.yaml
+++ b/apps/k8s01/dns/dns.yaml
@@ -21,6 +21,16 @@ data:
       - https://1.1.1.1/dns-query
       - tcp+udp:9.9.9.9
     startVerifyUpstream: true
+    blocking:
+      clientGroupsBlock:
+        default:
+          - pihole
+      blackLists:
+        pihole:
+        - https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
+        - http://sysctl.org/cameleon/hosts
+        - https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt
+        - https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt
     caching:
       minTime: 5m
       maxItemsCount: 262144
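Review bot: The `pihole` list includes `http://sysctl.org/cameleon/hosts`, which is fetched over plain HTTP, so its content is not authenticated in transit and anyone on the network path can add or strip entries in what the resolver loads for every client in the `default` group. Use an HTTPS URL for that list if the host offers one, or drop the entry; the other three sources are already HTTPS. The StevenBlack URL tracks the mutable `master` branch, so the blocked set changes without review; pinning to a tag or commit would make updates deliberate at the cost of freshness, which may be acceptable for an experiment. As a style point, the sequence under `pihole:` is flush with its key while `- pihole` under `default:` is indented, so pick one form for the file. The `blocking:` mapping is complete in this hunk, but the surrounding config under `data:` starts and ends outside it, so list refresh and download-failure behaviour cannot be checked from here.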
-- 
GitLab