Skip to content

Commit

Permalink
add(adguard-home)
Browse files Browse the repository at this point in the history
  • Loading branch information
@Nold360
nold authored and Nold360 committed Apr 8, 2023
1 parent be98e7b commit ced035e
Show file tree
Hide file tree
Showing 5 changed files with 341 additions and 0 deletions.
30 changes: 30 additions & 0 deletions charts/adguard-home/.helmignore
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,30 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/
# OWNERS file for Kubernetes
OWNERS

# helm-docs templates
*.gotmpl

# helm unit tests
tests/
21 changes: 21 additions & 0 deletions charts/adguard-home/Chart.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
---
apiVersion: v2
description: DNS proxy as ad-blocker for local network
name: adguard-home
version: 1.0.0
kubeVersion: ">=1.22.0-0"
maintainers:
- name: nold
email: [email protected]
sources:
- https://github.com/AdguardTeam/AdGuardHome
home: https://github.com/lib42/charts
icon: https://avatars.githubusercontent.com/u/8361145
dependencies:
- name: common
repository: https://bjw-s.github.io/helm-charts
version: 1.3.2
keywords:
- adguard-home
- adblock
- dns
5 changes: 5 additions & 0 deletions charts/adguard-home/README.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
# Adguard-Home

Helm Chart for adguard-home. See `values.yaml` for exampe values.

Based on: [bjw-s common chart](https://github.com/bjw-s/helm-charts/tree/main/charts/library/common)
31 changes: 31 additions & 0 deletions charts/adguard-home/templates/common.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,31 @@
---
{{- include "bjw-s.common.loader.init" . }}

{{- define "app.hardcodedValues" -}}
initContainers:
# -- Configures an initContainer that copies the configmap to the AdGuardHome conf directory
# It does NOT overwrite when the file already exists.
copy-configmap:
image: busybox
imagePullPolicy: IfNotPresent
command:
- "sh"
- "-c"
- |
if [ ! -f /opt/adguardhome/conf/AdGuardHome.yaml ]; then
mkdir -p /opt/adguardhome/conf
cp /tmp/AdGuardHome.yaml /opt/adguardhome/conf/AdGuardHome.yaml
fi
volumeMounts:
- name: configmap
mountPath: /tmp/AdGuardHome.yaml
subPath: AdGuardHome.yaml
- name: config
mountPath: /opt/adguardhome/conf
securityContext:
runAsUser: 0
{{- end -}}
{{- $_ := mergeOverwrite .Values (include "app.hardcodedValues" . | fromYaml) -}}

{{/* Render the templates */}}
{{ include "bjw-s.common.loader.generate" . }}
254 changes: 254 additions & 0 deletions charts/adguard-home/values.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,254 @@
image:
repository: adguard/adguardhome
tag: v0.107.26
pullPolicy: IfNotPresent

env:
# -- Set the container timezone
TZ: UTC

ingress:
main:
enabled: false
annotations: {}
#cert-manager.io/cluster-issuer: vault-issuer
#traefik.ingress.kubernetes.io/router.tls: 'true'
hosts:
- host: adguard.home
paths:
- path: /
pathType: Prefix
tls: []
# - secretName: adguard-tls
# hosts:
# - adguard.home

# -- arguments passed to the adguard-home command line.
args:
- "--config"
- "/opt/adguardhome/conf/AdGuardHome.yaml"
- "--work-dir"
- "/opt/adguardhome/work"
- "--no-check-update"

service:
main:
primary: true
ports:
http:
port: 3000
dns-tcp:
enabled: true
type: NodePort
ports:
dns-tcp:
enabled: true
port: 53
protocol: TCP
targetPort: 53
externalTrafficPolicy: Local
dns-udp:
enabled: true
type: NodePort
ports:
dns-udp:
enabled: true
port: 53
protocol: UDP
targetPort: 53
externalTrafficPolicy: Local

persistence:
config:
enabled: true
mountPath: /opt/adguardhome/conf
accessMode: ReadWriteOnce
size: 1Gi
configmap:
enabled: true
type: configMap
name: '{{ include "bjw-s.common.lib.chart.names.fullname" $ }}-config'
data:
enabled: false
mountPath: /opt/adguardhome/work

# config -- AdGuard Home configuration. For a full list of options see https://github.com/AdguardTeam/AdGuardHome/wiki/Configuration.
configMaps:
configmap:
enabled: true
data:
AdGuardHome.yaml: |
bind_host: 0.0.0.0
bind_port: 3000
beta_bind_port: 0
users: []
auth_attempts: 5
block_auth_min: 15
http_proxy: ""
language: ""
debug_pprof: false
web_session_ttl: 720
dns:
bind_hosts:
- 0.0.0.0
port: 53
statistics_interval: 1
querylog_enabled: true
querylog_file_enabled: true
querylog_interval: 2160h
querylog_size_memory: 1000
anonymize_client_ip: false
protection_enabled: true
blocking_mode: default
blocking_ipv4: ""
blocking_ipv6: ""
blocked_response_ttl: 10
parental_block_host: family-block.dns.adguard.com
safebrowsing_block_host: standard-block.dns.adguard.com
ratelimit: 20
ratelimit_whitelist: []
refuse_any: true
upstream_dns:
- https://dns10.quad9.net/dns-query
upstream_dns_file: ""
bootstrap_dns:
- 9.9.9.10
- 149.112.112.10
- 2620:fe::10
- 2620:fe::fe:10
all_servers: false
fastest_addr: false
fastest_timeout: 1s
allowed_clients: []
disallowed_clients: []
blocked_hosts:
- version.bind
- id.server
- hostname.bind
trusted_proxies:
- 127.0.0.0/8
- ::1/128
cache_size: 4194304
cache_ttl_min: 0
cache_ttl_max: 0
cache_optimistic: false
bogus_nxdomain: []
aaaa_disabled: false
enable_dnssec: false
edns_client_subnet: false
max_goroutines: 300
ipset: []
filtering_enabled: true
filters_update_interval: 24
parental_enabled: false
safesearch_enabled: false
safebrowsing_enabled: false
safebrowsing_cache_size: 1048576
safesearch_cache_size: 1048576
parental_cache_size: 1048576
cache_time: 30
rewrites: []
blocked_services: []
upstream_timeout: 10s
private_networks: []
use_private_ptr_resolvers: true
local_ptr_upstreams: []
tls:
enabled: false
server_name: ""
force_https: false
port_https: 443
port_dns_over_tls: 853
port_dns_over_quic: 853
port_dnscrypt: 0
dnscrypt_config_file: ""
allow_unencrypted_doh: false
strict_sni_check: false
certificate_chain: ""
private_key: ""
certificate_path: ""
private_key_path: ""
filters:
- enabled: true
url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
name: AdGuard DNS filter
id: 1
- enabled: false
url: https://adaway.org/hosts.txt
name: AdAway Default Blocklist
id: 2
whitelist_filters: []
user_rules: []
dhcp:
enabled: false
interface_name: ""
local_domain_name: lan
dhcpv4:
gateway_ip: ""
subnet_mask: ""
range_start: ""
range_end: ""
lease_duration: 86400
icmp_timeout_msec: 1000
options: []
dhcpv6:
range_start: ""
lease_duration: 86400
ra_slaac_only: false
ra_allow_slaac: false
clients:
runtime_sources:
whois: true
arp: true
rdns: true
dhcp: true
hosts: true
persistent: []
log_compress: false
log_localtime: false
log_max_backups: 0
log_max_size: 100
log_max_age: 3
log_file: ""
verbose: false
os:
group: ""
user: ""
rlimit_nofile: 0
schema_version: 14
# # When using adguard-exporter:
# podAnnotations:
# prometheus.io/scrape: "true"
# prometheus.io/port: "9617"
# prometheus.io/path: "/metrics"

# # See: https://github.com/ebrianne/adguard-exporter
# additionalContainers:
# adguard-exporter:
# image: ebrianne/adguard-exporter:latest
# env:
# - name: adguard_protocol
# value: "http"
# - name: adguard_hostname
# value: '127.0.0.1'
# - name: adguard_username
# value: admin
# - name: adguard_password
# value: ""
# - name: adguard_port
# value: "3000"
# - name: interval
# value: "10s"
# - name: log_limit
# value: "10000"
# - name: server_port
# value: 9617
# securityContext:
# # runAsNonRoot: true
# privileged: false
# readOnlyRootFilesystem: true
# allowPrivilegeEscalation: false
# capabilities:
# drop:
# - ALL

0 comments on commit ced035e

Please sign in to comment.