Initial commit

author: Nantha Sorubakanthan <nantha@mielota.com> 2026-04-13 21:45:43 +0200
committer: Nantha Sorubakanthan <nantha@mielota.com> 2026-04-13 21:45:43 +0200
commit: 0c913f1e421b9d47c052350c4c1d619e4ac6a297 (patch)
tree: c9124ff04b9252836221c41d2ca2fa133d166251 /debian13/opt/blocky/blocky.yml
1 files changed, 50 insertions, 0 deletions
diff --git a/debian13/opt/blocky/blocky.yml b/debian13/opt/blocky/blocky.yml
new file mode 100644
index 0000000..a4420ac
--- /dev/null
+++ b/debian13/opt/blocky/blocky.yml
@@ -0,0 +1,50 @@
+upstreams:
+  init:
+    strategy: blocking
+  groups:
+    default:
+      - tcp-tls:dns.quad9.net
+      - tcp-tls:dns.mullvad.net
+
+ports:
+  dns: 53
+  http: 4000
+  tls: 853
+
+customDNS:
+  filterUnmappedTypes: false
+
+blocking:
+  denylists:
+    ads:
+      - https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt
+      - https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
+      - http://sysctl.org/cameleon/hosts
+      - https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt
+    nsfw:
+      - https://raw.githubusercontent.com/hagezi/dns-blocklists/main/wildcard/nsfw-onlydomains.txt
+  clientGroupsBlock:
+    default:
+      - ads
+      - nsfw
+  blockType: zeroIp
+  loading:
+    refreshPeriod: 24h
+    strategy: blocking
+
+minTlsServeVersion: 1.3
+
+bootstrapDns:
+  - upstream: tcp-tls:dns.quad9.net
+    ips:
+      - 9.9.9.9
+  - upstream: tcp-tls:dns.mullvad.net
+    ips:
+      - 194.242.2.2
+
+certFile: /opt/blocky/certs/fullchain.pem
+keyFile: /opt/blocky/certs/privkey.pem
+
+log:
+  level: warn
+  privacy: true
author	Nantha Sorubakanthan <nantha@mielota.com>	2026-04-13 21:45:43 +0200
committer	Nantha Sorubakanthan <nantha@mielota.com>	2026-04-13 21:45:43 +0200
commit	0c913f1e421b9d47c052350c4c1d619e4ac6a297 (patch)
tree	c9124ff04b9252836221c41d2ca2fa133d166251 /debian13/opt/blocky/blocky.yml