From 60a1d0b83f68ab79f99e14b42f962ae9fa7fdbea Mon Sep 17 00:00:00 2001
From: Konrad Malik <konrad.malik@gmail.com>
Date: Thu, 14 Nov 2024 14:42:57 +0100
Subject: [PATCH] feat: enable blocky for rpis

---
 hosts/common/modules/blocky.nix | 37 +++++++++++++++++++++++++++++++++
 hosts/rpi4-1/default.nix        |  3 +++
 hosts/rpi4-2/default.nix        |  1 +
 3 files changed, 41 insertions(+)
 create mode 100644 hosts/common/modules/blocky.nix

diff --git a/hosts/common/modules/blocky.nix b/hosts/common/modules/blocky.nix
new file mode 100644
index 00000000..748c0c73
--- /dev/null
+++ b/hosts/common/modules/blocky.nix
@@ -0,0 +1,37 @@
+{
+  services.blocky = {
+    enable = true;
+    settings = {
+      ports = {
+        dns = 53;
+        http = 4000;
+      };
+      upstreams = {
+        groups = {
+          default = [
+            "1.1.1.1"
+            "9.9.9.9"
+            "8.8.8.8"
+          ];
+        };
+      };
+      blocking = {
+        denylists = {
+          ads = [
+            "https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt"
+            "https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts"
+          ];
+          fakenews = [
+            "https://raw.githubusercontent.com/StevenBlack/hosts/master/alternates/fakenews/hosts"
+          ];
+        };
+        clientGroupsBlock = {
+          default = [
+            "ads"
+            "fakenews"
+          ];
+        };
+      };
+    };
+  };
+}
diff --git a/hosts/rpi4-1/default.nix b/hosts/rpi4-1/default.nix
index d423bb30..43ccafcd 100644
--- a/hosts/rpi4-1/default.nix
+++ b/hosts/rpi4-1/default.nix
@@ -2,6 +2,7 @@
 {
   imports = [
     ./hardware-configuration.nix
+    ./../common/blocky.nix
     ./../common/nixos.nix
   ];
 
@@ -9,6 +10,8 @@
 
   networking.firewall.enable = false;
 
+  services.blocky.enable = true;
+
   konrad.services = {
     autoupgrade = {
       enable = true;
diff --git a/hosts/rpi4-2/default.nix b/hosts/rpi4-2/default.nix
index cf737ebb..9eb0e502 100644
--- a/hosts/rpi4-2/default.nix
+++ b/hosts/rpi4-2/default.nix
@@ -1,6 +1,7 @@
 {
   imports = [
     ./hardware-configuration.nix
+    ./../common/modules/blocky.nix
     ./../common/nixos.nix
   ];