parent
8429cc4ffd
commit
6532d3417e
@ -0,0 +1,40 @@ |
||||
{ config, lib, pkgs, ... }: |
||||
|
||||
with lib; |
||||
|
||||
let |
||||
cfg = config.services.blocky; |
||||
|
||||
format = pkgs.formats.yaml { }; |
||||
configFile = format.generate "config.yaml" cfg.settings; |
||||
in |
||||
{ |
||||
options.services.blocky = { |
||||
enable = mkEnableOption "Fast and lightweight DNS proxy as ad-blocker for local network with many features"; |
||||
|
||||
settings = mkOption { |
||||
type = format.type; |
||||
default = { }; |
||||
description = '' |
||||
Blocky configuration. Refer to |
||||
<link xlink:href="https://0xerr0r.github.io/blocky/configuration/"/> |
||||
for details on supported values. |
||||
''; |
||||
}; |
||||
}; |
||||
|
||||
config = mkIf cfg.enable { |
||||
systemd.services.blocky = { |
||||
description = "A DNS proxy and ad-blocker for the local network"; |
||||
wantedBy = [ "multi-user.target" ]; |
||||
|
||||
serviceConfig = { |
||||
DynamicUser = true; |
||||
ExecStart = "${pkgs.blocky}/bin/blocky --config ${configFile}"; |
||||
|
||||
AmbientCapabilities = [ "CAP_NET_BIND_SERVICE" ]; |
||||
CapabilityBoundingSet = [ "CAP_NET_BIND_SERVICE" ]; |
||||
}; |
||||
}; |
||||
}; |
||||
} |
@ -0,0 +1,34 @@ |
||||
import ./make-test-python.nix { |
||||
name = "blocky"; |
||||
|
||||
nodes = { |
||||
server = { pkgs, ... }: { |
||||
environment.systemPackages = [ pkgs.dnsutils ]; |
||||
services.blocky = { |
||||
enable = true; |
||||
|
||||
settings = { |
||||
customDNS = { |
||||
mapping = { |
||||
"printer.lan" = "192.168.178.3,2001:0db8:85a3:08d3:1319:8a2e:0370:7344"; |
||||
}; |
||||
}; |
||||
upstream = { |
||||
default = [ "8.8.8.8" "1.1.1.1" ]; |
||||
}; |
||||
port = 53; |
||||
httpPort = 5000; |
||||
logLevel = "info"; |
||||
}; |
||||
}; |
||||
}; |
||||
}; |
||||
|
||||
testScript = '' |
||||
with subtest("Service test"): |
||||
server.wait_for_unit("blocky.service") |
||||
server.wait_for_open_port(53) |
||||
server.wait_for_open_port(5000) |
||||
server.succeed("dig @127.0.0.1 +short -x 192.168.178.3 | grep -qF printer.lan") |
||||
''; |
||||
} |
Loading…
Reference in new issue