blocky helm release - kubesearch

No introduction found. Create it?

Name	Repo	Stars	Version	Timestamp
blocky	Pumba98/flux2-gitops	70	4.5.0	a month ago
blocky	cbirkenbeul/homelab	45	4.3.0	4 months ago

Name

Repo

Stars

Version

Timestamp

blocky

Pumba98/flux2-gitops

4.5.0

a month ago

blocky

cbirkenbeul/homelab

4.3.0

4 months ago

Key	Types
persistence.config.name (7) `blocky`	string
persistence.config.type (7) `configMap`	string
persistence.config.globalMounts[].path (6) `/app/config.yml`	string
persistence.config.globalMounts[].subPath (6) `config.yml`	string
persistence.config.globalMounts[].readOnly (3) `true`	boolean
persistence.config.enabled (2) `true`	boolean
persistence.config.advancedMounts.blocky.app[].path (1) `/app/config.yml`	string
persistence.config.advancedMounts.blocky.app[].subPath (1) `config.yaml`	string
persistence.lists.globalMounts[].readOnly (1) `true`	boolean
persistence.lists.items[].key (1) `allowlist.txt blocklist.txt`	string
persistence.lists.items[].path (1) `allowlist.txt blocklist.txt`	string
persistence.lists.name (1) `blocky-lists`	string
persistence.lists.type (1) `configMap`	string
persistence.tls.globalMounts[].path (1) `/certs/tls.crt /certs/tls.key`	string
persistence.tls.globalMounts[].subPath (1) `tls.crt tls.key`	string
persistence.tls.name (1) `blocky-tls`	string
persistence.tls.type (1) `secret`	string
service.dns.type (6) `LoadBalancer`	string
service.dns.controller (5) `blocky`	string
service.dns.ports.dns-tcp.port (5) `53`	number
service.dns.ports.dns-tcp.protocol (4) `TCP`	string
service.dns.ports.dns-tcp.enabled (1) `true`	boolean
service.dns.ports.dns-udp.port (5) `53`	number
service.dns.ports.dns-udp.protocol (5) `UDP`	string
service.dns.ports.dns-udp.enabled (1) `true`	boolean
service.dns.ports.dns-tls.port (1) `853`	number
service.dns.ports.http.port (1) `4000`	number
service.dns.ports.http.protocol (1) `TCP`	string
service.dns.ports.tcp.port (1) `53`	number
service.dns.ports.tcp.protocol (1) `TCP`	string
service.dns.ports.udp.port (1) `53`	number
service.dns.ports.udp.protocol (1) `UDP`	string
service.dns.annotations."metallb.io/loadBalancerIPs" (3) `${BLOCKY_IP_ADDRESS}`	string
service.dns.annotations."lbipam.cilium.io/ips" (2) `192.168.10.85`	string
service.dns.annotations."coredns.io/hostname" (1) `dot.${SECRET_DOMAIN}`	string
service.dns.externalTrafficPolicy (3) `Local`	string
service.dns.ipFamilyPolicy (1) `RequireDualStack`	string
service.dns.loadBalancerIP (1) `${LB_IP_BLOCKY_SVC}`	string
service.app.ports.http.port (5) `4000`	number
service.app.ports.http.primary (1) `true`	boolean
service.app.ports.http.protocol (1) `HTTP`	string
service.app.ports.http.targetPort (1) `4000`	number
service.app.ports.dns-tcp.port (1) `53`	number
service.app.ports.dns-tcp.protocol (1) `TCP`	string
service.app.ports.dns-udp.port (1) `53`	number
service.app.ports.dns-udp.protocol (1) `UDP`	string
service.app.controller (4) `blocky`	string
service.app.annotations."lbipam.cilium.io/ips" (1) `fd42:78a5:2c09::53,192.168.0.53`	string
service.app.annotations."metallb.io/loadBalancerIPs" (1) `fd42:78a5:2c09::53,192.168.0.53`	string
service.app.forceRename (1) `blocky`	string
service.app.ipFamilyPolicy (1) `PreferDualStack`	string
service.app.type (1) `LoadBalancer`	string
service.cache.controller (1) `cache`	string
service.cache.ports.http.port (1) `6379`	number
service.internal.clusterIP (1) `2001:cafe:43::c`	string
service.internal.controller (1) `blocky`	string
service.internal.ports.dns-tcp.port (1) `53`	number
service.internal.ports.dns-tcp.protocol (1) `TCP`	string
service.internal.ports.dns-udp.port (1) `53`	number
service.internal.ports.dns-udp.protocol (1) `UDP`	string
service.k8s.clusterIP (1) `${BLOCKY_CLUSTER_IP:-1.1.1.1}`	string
service.k8s.controller (1) `blocky`	string
service.k8s.ports.dns-tcp.port (1) `53`	number
service.k8s.ports.dns-tls.port (1) `853`	number
service.k8s.ports.dns-udp.port (1) `53`	number
service.k8s.ports.dns-udp.protocol (1) `UDP`	string
service.k8s.ports.http.port (1) `4000`	number
service.main.controller (1) `main`	string
service.main.ports.http.port (1) `4000`	number
service.ts.annotations."tailscale.com/hostname" (1) `blocky`	string
service.ts.annotations."tailscale.com/proxy-group" (1) `ingress-proxy`	string
service.ts.controller (1) `blocky`	string
service.ts.ipFamilyPolicy (1) `PreferDualStack`	string
service.ts.loadBalancerClass (1) `tailscale`	string
service.ts.ports.dns-tcp.port (1) `53`	number
service.ts.ports.dns-tcp.protocol (1) `TCP`	string
service.ts.ports.dns-udp.port (1) `53`	number
service.ts.ports.dns-udp.protocol (1) `UDP`	string
service.ts.ports.http.port (1) `80`	number
service.ts.ports.http.primary (1) `true`	boolean
service.ts.ports.http.targetPort (1) `4000`	number
service.ts.type (1) `LoadBalancer`	string
controllers.blocky.replicas (5) `2`	number
controllers.blocky.strategy (5) `RollingUpdate`	string
controllers.blocky.containers.app.image.repository (4) `ghcr.io/0xerr0r/blocky`	string
controllers.blocky.containers.app.image.tag (4) `v0.28.2@sha256:5f84a54e4ee950c4ab21db905b7497476ece2f4e1a376d23ab8c4855cabddcba`	string
controllers.blocky.containers.app.probes.liveness.custom (3) `true`	boolean
controllers.blocky.containers.app.probes.liveness.enabled (3) `true`	boolean
controllers.blocky.containers.app.probes.liveness.spec.exec.command[] (2) `- /app/blocky - healthcheck`	string
controllers.blocky.containers.app.probes.liveness.spec.failureThreshold (2) `3`	number
controllers.blocky.containers.app.probes.liveness.spec.initialDelaySeconds (2) `15`	number
controllers.blocky.containers.app.probes.liveness.spec.periodSeconds (2) `10`	number
controllers.blocky.containers.app.probes.liveness.spec.timeoutSeconds (2) `1`	number
controllers.blocky.containers.app.probes.liveness.spec.tcpSocket.port (1) `53`	number
controllers.blocky.containers.app.probes.readiness.custom (3) `true`	boolean
controllers.blocky.containers.app.probes.readiness.enabled (3) `true`	boolean
controllers.blocky.containers.app.probes.readiness.spec.exec.command[] (2) `- /app/blocky - healthcheck`	string
controllers.blocky.containers.app.probes.readiness.spec.failureThreshold (2) `3`	number
controllers.blocky.containers.app.probes.readiness.spec.initialDelaySeconds (2) `15`	number
controllers.blocky.containers.app.probes.readiness.spec.periodSeconds (2) `10`	number
controllers.blocky.containers.app.probes.readiness.spec.timeoutSeconds (2) `1`	number
controllers.blocky.containers.app.probes.readiness.spec.tcpSocket.port (1) `53`	number
controllers.blocky.containers.app.probes.startup.custom (1) `true`	boolean
controllers.blocky.containers.app.probes.startup.enabled (1) `true`	boolean
controllers.blocky.containers.app.probes.startup.spec.exec.command[] (1) `- /app/blocky - healthcheck`	string
controllers.blocky.containers.app.resources.limits.memory (3) `512Mi`	string
controllers.blocky.containers.app.resources.limits.cpu (1) `1`	number
controllers.blocky.containers.app.resources.requests.cpu (3) `10m`	string
controllers.blocky.containers.app.resources.requests.memory (3) `128Mi`	string
controllers.blocky.containers.app.securityContext.allowPrivilegeEscalation (3) `false`	boolean
controllers.blocky.containers.app.securityContext.capabilities.add[] (3) `- NET_BIND_SERVICE`	string
controllers.blocky.containers.app.securityContext.capabilities.drop[] (3) `- ALL`	string
controllers.blocky.containers.app.securityContext.readOnlyRootFilesystem (3) `true`	boolean
controllers.blocky.containers.app.env.TZ (2) `${TIMEZONE}`	string
controllers.blocky.containers.main.env.PGCONNECT_TIMEOUT (1) `10`	number
controllers.blocky.containers.main.env.PGDATABASE.valueFrom.secretKeyRef.key (1) `dbname`	string
controllers.blocky.containers.main.env.PGDATABASE.valueFrom.secretKeyRef.name (1) `blocky-db-app`	string
controllers.blocky.containers.main.env.PGHOST.valueFrom.secretKeyRef.key (1) `host`	string
controllers.blocky.containers.main.env.PGHOST.valueFrom.secretKeyRef.name (1) `blocky-db-app`	string
controllers.blocky.containers.main.env.PGPASSWORD.valueFrom.secretKeyRef.key (1) `password`	string
controllers.blocky.containers.main.env.PGPASSWORD.valueFrom.secretKeyRef.name (1) `blocky-db-app`	string
controllers.blocky.containers.main.env.PGPORT.valueFrom.secretKeyRef.key (1) `port`	string
controllers.blocky.containers.main.env.PGPORT.valueFrom.secretKeyRef.name (1) `blocky-db-app`	string
controllers.blocky.containers.main.env.PGUSER.valueFrom.secretKeyRef.key (1) `username`	string
controllers.blocky.containers.main.env.PGUSER.valueFrom.secretKeyRef.name (1) `blocky-db-app`	string
controllers.blocky.containers.main.image.repository (1) `ghcr.io/0xerr0r/blocky`	string
controllers.blocky.containers.main.image.tag (1) `v0.28.2@sha256:5f84a54e4ee950c4ab21db905b7497476ece2f4e1a376d23ab8c4855cabddcba`	string
controllers.blocky.containers.main.probes.liveness.custom (1) `true`	boolean
controllers.blocky.containers.main.probes.liveness.enabled (1) `true`	boolean
controllers.blocky.containers.main.probes.liveness.spec.exec.command[] (1) `- /app/blocky - healthcheck`	string
controllers.blocky.containers.main.probes.readiness.custom (1) `true`	boolean
controllers.blocky.containers.main.probes.readiness.enabled (1) `true`	boolean
controllers.blocky.containers.main.probes.readiness.spec.exec.command[] (1) `- /app/blocky - healthcheck`	string
controllers.blocky.containers.main.resources.limits.memory (1) `512Mi`	string
controllers.blocky.containers.main.resources.requests.cpu (1) `50m`	string
controllers.blocky.containers.main.resources.requests.memory (1) `100Mi`	string
controllers.blocky.containers.main.securityContext.allowPrivilegeEscalation (1) `false`	boolean
controllers.blocky.containers.main.securityContext.capabilities.add[] (1) `- NET_BIND_SERVICE`	string
controllers.blocky.containers.main.securityContext.capabilities.drop[] (1) `- ALL`	string
controllers.blocky.containers.main.securityContext.readOnlyRootFilesystem (1) `true`	boolean
controllers.blocky.pod.securityContext.runAsGroup (3) `65534`	number
controllers.blocky.pod.securityContext.runAsNonRoot (3) `true`	boolean
controllers.blocky.pod.securityContext.runAsUser (3) `65534`	number
controllers.blocky.pod.securityContext.seccompProfile.type (3) `RuntimeDefault`	string
controllers.blocky.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[].labelSelector.matchLabels."app.kubernetes.io/instance" (1) `blocky`	string
controllers.blocky.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[].topologyKey (1) `kubernetes.io/hostname`	string
controllers.blocky.pod.hostUsers (1) `false`	boolean
controllers.blocky.pod.tolerations[].effect (1) `NoSchedule`	string
controllers.blocky.pod.tolerations[].key (1) `rpi`	string
controllers.blocky.pod.tolerations[].operator (1) `Equal`	string
controllers.blocky.pod.tolerations[].value (1) `true`	string
controllers.blocky.pod.topologySpreadConstraints[].labelSelector.matchLabels."app.kubernetes.io/name" (1) `blocky`	string
controllers.blocky.pod.topologySpreadConstraints[].maxSkew (1) `1`	number
controllers.blocky.pod.topologySpreadConstraints[].topologyKey (1) `kubernetes.io/hostname`	string
controllers.blocky.pod.topologySpreadConstraints[].whenUnsatisfiable (1) `DoNotSchedule`	string
controllers.blocky.annotations."reloader.stakater.com/auto" (2) `true`	string
controllers.blocky.rollingUpdate.surge (2) `1`	number
controllers.blocky.rollingUpdate.unavailable (2) `1`	number
controllers.${APP}.annotations."reloader.stakater.com/auto" (1) `true`	string
controllers.${APP}.containers.app.env.TZ (1) `${TIMEZONE}`	string
controllers.${APP}.containers.app.image.repository (1) `ghcr.io/0xerr0r/blocky`	string
controllers.${APP}.containers.app.image.tag (1) `v0.28.2@sha256:5f84a54e4ee950c4ab21db905b7497476ece2f4e1a376d23ab8c4855cabddcba`	string
controllers.${APP}.containers.app.probes.liveness.custom (1) `true`	boolean
controllers.${APP}.containers.app.probes.liveness.enabled (1) `true`	boolean
controllers.${APP}.containers.app.probes.liveness.spec.failureThreshold (1) `3`	number
controllers.${APP}.containers.app.probes.liveness.spec.initialDelaySeconds (1) `30`	number
controllers.${APP}.containers.app.probes.liveness.spec.periodSeconds (1) `30`	number
controllers.${APP}.containers.app.probes.liveness.spec.tcpSocket.port (1) `53`	number
controllers.${APP}.containers.app.probes.readiness.custom (1) `true`	boolean
controllers.${APP}.containers.app.probes.readiness.enabled (1) `true`	boolean
controllers.${APP}.containers.app.probes.readiness.spec.failureThreshold (1) `3`	number
controllers.${APP}.containers.app.probes.readiness.spec.initialDelaySeconds (1) `30`	number
controllers.${APP}.containers.app.probes.readiness.spec.periodSeconds (1) `30`	number
controllers.${APP}.containers.app.probes.readiness.spec.tcpSocket.port (1) `53`	number
controllers.${APP}.containers.app.probes.startup.enabled (1) `false`	boolean
controllers.${APP}.containers.app.resources.limits.memory (1) `512Mi`	string
controllers.${APP}.containers.app.resources.requests.cpu (1) `10m`	string
controllers.${APP}.containers.app.securityContext.allowPrivilegeEscalation (1) `false`	boolean
controllers.${APP}.containers.app.securityContext.capabilities.add[] (1) `- NET_BIND_SERVICE`	string
controllers.${APP}.containers.app.securityContext.capabilities.drop[] (1) `- ALL`	string
controllers.${APP}.containers.app.securityContext.readOnlyRootFilesystem (1) `true`	boolean
controllers.${APP}.initContainers.init-db.envFrom[].secretRef.name (1) `blocky-secret`	string
controllers.${APP}.initContainers.init-db.image.repository (1) `ghcr.io/home-operations/postgres-init`	string
controllers.${APP}.initContainers.init-db.image.tag (1) `17`	number
controllers.${APP}.pod.securityContext.runAsGroup (1) `568`	number
controllers.${APP}.pod.securityContext.runAsNonRoot (1) `true`	boolean
controllers.${APP}.pod.securityContext.runAsUser (1) `568`	number
controllers.${APP}.strategy (1) `RollingUpdate`	string
controllers.${APP}.type (1) `daemonset`	string
controllers.cache.containers.server.command (1) `redis-server`	string
controllers.cache.containers.server.env.REDIS_REPLICATION_MODE (1) `master`	string
controllers.cache.containers.server.image.repository (1) `public.ecr.aws/docker/library/redis`	string
controllers.cache.containers.server.image.tag (1) `8.4.0@sha256:47200b04138293fae39737e50878a238b13ec0781083126b1b0c63cf5d992e8d`	string
controllers.cache.containers.server.resources.limits.memory (1) `100Mi`	string
controllers.cache.containers.server.resources.requests.cpu (1) `10m`	string
controllers.cache.containers.server.resources.requests.memory (1) `10Mi`	string
controllers.main.annotations."reloader.stakater.com/auto" (1) `true`	string
controllers.main.containers.main.image.repository (1) `ghcr.io/0xerr0r/blocky`	string
controllers.main.containers.main.image.tag (1) `v0.28.2@sha256:5f84a54e4ee950c4ab21db905b7497476ece2f4e1a376d23ab8c4855cabddcba`	string
controllers.main.containers.main.probes.liveness.enabled (1) `true`	boolean
controllers.main.containers.main.probes.readiness.enabled (1) `true`	boolean
controllers.main.containers.main.probes.startup.enabled (1) `true`	boolean
controllers.main.containers.main.probes.startup.spec.failureThreshold (1) `30`	number
controllers.main.containers.main.probes.startup.spec.periodSeconds (1) `5`	number
controllers.main.replicas (1) `2`	number
controllers.main.strategy (1) `RollingUpdate`	string
serviceMonitor.app.endpoints[].path (4) `/metrics`	string
serviceMonitor.app.endpoints[].port (4) `http`	string
serviceMonitor.app.endpoints[].interval (3) `1m`	string
serviceMonitor.app.endpoints[].scheme (3) `http`	string
serviceMonitor.app.endpoints[].scrapeTimeout (3) `10s`	string
serviceMonitor.app.serviceName (3) `blocky`	string
serviceMonitor.app.service.name (1) `blocky-app`	string
serviceMonitor.blocky.endpoints[].port (1) `http`	string
serviceMonitor.blocky.serviceName (1) `blocky-k8s`	string
serviceMonitor.main.enabled (1) `true`	boolean
serviceMonitor.main.endpoints[].interval (1) `30s`	string
serviceMonitor.main.endpoints[].path (1) `/metrics`	string
serviceMonitor.main.endpoints[].port (1) `http`	string
serviceMonitor.main.endpoints[].scrapeTimeout (1) `10s`	string
serviceMonitor.main.serviceName (1) `blocky-app`	string
ingress.app.hosts[].host (2) `{{ .Release.Name }}.${SECRET_DOMAIN}`	string
ingress.app.hosts[].paths[].path (2) `/`	string
ingress.app.hosts[].paths[].service.identifier (2) `app`	string
ingress.app.hosts[].paths[].service.port (2) `http`	string
ingress.app.annotations."cert-manager.io/cluster-issuer" (1) `letsencrypt-production`	string
ingress.app.annotations."hajimari.io/enable" (1) `false`	string
ingress.app.className (1) `internal`	string
ingress.app.enabled (1) `true`	boolean
ingress.app.tls[].hosts[] (1) `- ${APP}.local.${SECRET_DOMAIN}`	string
ingress.app.tls[].secretName (1) `${APP}-tls-production`	string
ingress.main.annotations."kubernetes.io/tls-acme" (1) `true`	string
ingress.main.annotations."nginx.ingress.kubernetes.io/auth-signin" (1) `https://auth.${SECRET_DOMAIN}`	string
ingress.main.annotations."nginx.ingress.kubernetes.io/auth-url" (1) `http://authelia.networking.svc.cluster.local/api/authz/auth-request`	string
ingress.main.className (1) `nginx`	string
ingress.main.hosts[].host (1) `blocky.${SECRET_DOMAIN}`	string
ingress.main.hosts[].paths[].path (1) `/`	string
ingress.main.hosts[].paths[].service.identifier (1) `main`	string
ingress.main.hosts[].paths[].service.port (1) `http`	string
ingress.main.tls[].hosts[] (1) `- blocky.${SECRET_DOMAIN}`	string
ingress.main.tls[].secretName (1) `blocky-tls`	string
configMaps.config.data."config.yml" (1) caching: minTime: 2m maxTime: 1h maxItemsCount: 0 prefetching: true prefetchExpires: 1h prefetchThreshold: 30 prefetchMaxItemsCount: 0 cacheTimeNegative: -1 log: level: info minTlsServeVersion: 1.3 certFile: /certs/tls.crt keyFile: /certs/tls.key ports: dns: 53 tls: 853 http: 4000 prometheus: enable: true conditional: fallbackUpstream: false mapping: ${SECRET_DOMAIN}: ${K8S_GATEWAY_CLUSTER_IP}:53 # House internal: 10.0.30.1:53 0.10.in-addr.arpa: 10.0.30.1:53 # kube cluster.local: ${COREDNS_CLUSTER_IP} 16.172.in-addr.arpa: ${COREDNS_CLUSTER_IP} # ClientLookup is set to blocky so it can conditionally forward it to coredns/apt/house DHCP clientLookup: upstream: 127.0.0.1 clients: localhost: - 127.0.0.1 # To resolve devices behind coredns ecs: useAsClient: true forward: false bootstrapDns: - https://1.1.1.1/dns-query # dnssec: # validate: true # cacheExpirationHours: 2 # clockSkewToleranceSec: 300 upstreams: groups: default: - https://dns.quad9.net/dns-query - https://freedns.controld.com/p0 - https://doh.opendns.com/dns-query - https://cloudflare-dns.com/dns-query blocking: denylists: ads: - https://raw.githubusercontent.com/hagezi/dns-blocklists/main/wildcard/multi.txt allowlists: ads: - \| epi-graphql.conde.digital clientGroupsBlock: 10.0.0.0/8: - ads redis: address: dragonfly-db.database.svc.cluster.local:6379 database: 4 connectionAttempts: 10 connectionCooldown: 60s queryLog: # https://github.com/0xERR0R/blocky/issues/1949 # type: timescale type: postgresql logRetentionDays: 90 creationAttempts: 5 creationCooldown: 60s flushInterval: 5s	string
defaultPodOptions.nodeSelector."kubernetes.io/arch" (1) `amd64`	string
defaultPodOptions.securityContext.fsGroup (1) `568`	number
defaultPodOptions.securityContext.runAsGroup (1) `568`	number
defaultPodOptions.securityContext.runAsNonRoot (1) `true`	boolean
defaultPodOptions.securityContext.runAsUser (1) `568`	number
defaultPodOptions.securityContext.seccompProfile.type (1) `RuntimeDefault`	string
defaultPodOptions.shareProcessNamespace (1) `true`	boolean
route.app.annotations."gethomepage.dev/description" (1) `DNS proxy and ad-blocker written in Go`	string
route.app.annotations."gethomepage.dev/enabled" (1) `true`	string
route.app.annotations."gethomepage.dev/group" (1) `Network`	string
route.app.annotations."gethomepage.dev/icon" (1) `blocky`	string
route.app.annotations."gethomepage.dev/name" (1) `Blocky`	string
route.app.hostnames[] (1) `- {{ .Release.Name }}.${CLUSTER_DOMAIN}`	string
route.app.parentRefs[].name (1) `traefik-gateway`	string
route.app.parentRefs[].namespace (1) `traefik`	string
route.app.rules[].backendRefs[].identifier (1) `app`	string
route.app.rules[].filters[].extensionRef.group (1) `traefik.io`	string
route.app.rules[].filters[].extensionRef.kind (1) `Middleware`	string
route.app.rules[].filters[].extensionRef.name (1) `auth-chain`	string
route.app.rules[].filters[].type (1) `ExtensionRef`	string
route.blocky-DOH.annotations."gatus.home-operations.com/endpoint" (1) `url: https://dns.${SECRET_DOMAIN}/dns-query`	string
route.blocky-DOH.hostnames[] (1) `- dns.${SECRET_DOMAIN}`	string
route.blocky-DOH.parentRefs[].name (1) `external`	string
route.blocky-DOH.parentRefs[].namespace (1) `envoy-system`	string
route.blocky-DOH.parentRefs[].sectionName (1) `https`	string
route.blocky-DOH.rules[].backendRefs[].identifier (1) `k8s`	string
route.blocky-DOH.rules[].backendRefs[].port (1) `4000`	number
route.blocky-DOH.rules[].matches[].path.type (1) `PathPrefix`	string
route.blocky-DOH.rules[].matches[].path.value (1) `/dns-query`	string

Key

Types

persistence.config.name (7)

blocky

string

persistence.config.type (7)

configMap

string

persistence.config.globalMounts[].path (6)

/app/config.yml

string

persistence.config.globalMounts[].subPath (6)

config.yml

string

persistence.config.globalMounts[].readOnly (3)

true

boolean

persistence.config.enabled (2)

true

boolean

persistence.config.advancedMounts.blocky.app[].path (1)

/app/config.yml

string

persistence.config.advancedMounts.blocky.app[].subPath (1)

config.yaml

string

persistence.lists.globalMounts[].readOnly (1)

true

boolean

persistence.lists.items[].key (1)

allowlist.txt
blocklist.txt

string

persistence.lists.items[].path (1)

allowlist.txt
blocklist.txt

string

persistence.lists.name (1)

blocky-lists

string

persistence.lists.type (1)

configMap

string

persistence.tls.globalMounts[].path (1)

/certs/tls.crt
/certs/tls.key

string

persistence.tls.globalMounts[].subPath (1)

tls.crt
tls.key

string

persistence.tls.name (1)

blocky-tls

string

persistence.tls.type (1)

secret

string

service.dns.type (6)

LoadBalancer

string

service.dns.controller (5)

blocky

string

service.dns.ports.dns-tcp.port (5)

number

service.dns.ports.dns-tcp.protocol (4)

TCP

string

service.dns.ports.dns-tcp.enabled (1)

true

boolean

service.dns.ports.dns-udp.port (5)

number

service.dns.ports.dns-udp.protocol (5)

UDP

string

service.dns.ports.dns-udp.enabled (1)

true

boolean

service.dns.ports.dns-tls.port (1)

number

service.dns.ports.http.port (1)

number

service.dns.ports.http.protocol (1)

TCP

string

service.dns.ports.tcp.port (1)

number

service.dns.ports.tcp.protocol (1)

TCP

string

service.dns.ports.udp.port (1)

number

service.dns.ports.udp.protocol (1)

UDP

string

service.dns.annotations."metallb.io/loadBalancerIPs" (3)

${BLOCKY_IP_ADDRESS}

string

service.dns.annotations."lbipam.cilium.io/ips" (2)

192.168.10.85

string

service.dns.annotations."coredns.io/hostname" (1)

dot.${SECRET_DOMAIN}

string

service.dns.externalTrafficPolicy (3)

Local

string

service.dns.ipFamilyPolicy (1)

RequireDualStack

string

service.dns.loadBalancerIP (1)

${LB_IP_BLOCKY_SVC}

string

service.app.ports.http.port (5)

number

service.app.ports.http.primary (1)

true

boolean

service.app.ports.http.protocol (1)

HTTP

string

service.app.ports.http.targetPort (1)

number

service.app.ports.dns-tcp.port (1)

number

service.app.ports.dns-tcp.protocol (1)

TCP

string

service.app.ports.dns-udp.port (1)

number

service.app.ports.dns-udp.protocol (1)

UDP

string

service.app.controller (4)

blocky

string

service.app.annotations."lbipam.cilium.io/ips" (1)

fd42:78a5:2c09::53,192.168.0.53

string

service.app.annotations."metallb.io/loadBalancerIPs" (1)

fd42:78a5:2c09::53,192.168.0.53

string

service.app.forceRename (1)

blocky

string

service.app.ipFamilyPolicy (1)

PreferDualStack

string

service.app.type (1)

LoadBalancer

string

service.cache.controller (1)

cache

string

service.cache.ports.http.port (1)

number

service.internal.clusterIP (1)

2001:cafe:43::c

string

service.internal.controller (1)

blocky

string

service.internal.ports.dns-tcp.port (1)

number

service.internal.ports.dns-tcp.protocol (1)

TCP

string

service.internal.ports.dns-udp.port (1)

number

service.internal.ports.dns-udp.protocol (1)

UDP

string

service.k8s.clusterIP (1)

${BLOCKY_CLUSTER_IP:-1.1.1.1}

string

service.k8s.controller (1)

blocky

string

service.k8s.ports.dns-tcp.port (1)

number

service.k8s.ports.dns-tls.port (1)

number

service.k8s.ports.dns-udp.port (1)

number

service.k8s.ports.dns-udp.protocol (1)

UDP

string

service.k8s.ports.http.port (1)

number

service.main.controller (1)

main

string

service.main.ports.http.port (1)

number

service.ts.annotations."tailscale.com/hostname" (1)

blocky

string

service.ts.annotations."tailscale.com/proxy-group" (1)

ingress-proxy

string

service.ts.controller (1)

blocky

string

service.ts.ipFamilyPolicy (1)

PreferDualStack

string

service.ts.loadBalancerClass (1)

tailscale

string

service.ts.ports.dns-tcp.port (1)

number

service.ts.ports.dns-tcp.protocol (1)

TCP

string

service.ts.ports.dns-udp.port (1)

number

service.ts.ports.dns-udp.protocol (1)

UDP

string

service.ts.ports.http.port (1)

number

service.ts.ports.http.primary (1)

true

boolean

service.ts.ports.http.targetPort (1)

number

service.ts.type (1)

LoadBalancer

string

controllers.blocky.replicas (5)

number

controllers.blocky.strategy (5)

RollingUpdate

string

controllers.blocky.containers.app.image.repository (4)

ghcr.io/0xerr0r/blocky

string

controllers.blocky.containers.app.image.tag (4)

v0.28.2@sha256:5f84a54e4ee950c4ab21db905b7497476ece2f4e1a376d23ab8c4855cabddcba

string

controllers.blocky.containers.app.probes.liveness.custom (3)

true

boolean

controllers.blocky.containers.app.probes.liveness.enabled (3)

true

boolean

controllers.blocky.containers.app.probes.liveness.spec.exec.command[] (2)

- /app/blocky
- healthcheck

string

controllers.blocky.containers.app.probes.liveness.spec.failureThreshold (2)

number

controllers.blocky.containers.app.probes.liveness.spec.initialDelaySeconds (2)

number

controllers.blocky.containers.app.probes.liveness.spec.periodSeconds (2)

number

controllers.blocky.containers.app.probes.liveness.spec.timeoutSeconds (2)

number

controllers.blocky.containers.app.probes.liveness.spec.tcpSocket.port (1)

number

controllers.blocky.containers.app.probes.readiness.custom (3)

true

boolean

controllers.blocky.containers.app.probes.readiness.enabled (3)

true

boolean

controllers.blocky.containers.app.probes.readiness.spec.exec.command[] (2)

- /app/blocky
- healthcheck

string

controllers.blocky.containers.app.probes.readiness.spec.failureThreshold (2)

number

controllers.blocky.containers.app.probes.readiness.spec.initialDelaySeconds (2)

number

controllers.blocky.containers.app.probes.readiness.spec.periodSeconds (2)

number

controllers.blocky.containers.app.probes.readiness.spec.timeoutSeconds (2)

number

controllers.blocky.containers.app.probes.readiness.spec.tcpSocket.port (1)

number

controllers.blocky.containers.app.probes.startup.custom (1)

true

boolean

controllers.blocky.containers.app.probes.startup.enabled (1)

true

boolean

controllers.blocky.containers.app.probes.startup.spec.exec.command[] (1)

- /app/blocky
- healthcheck

string

controllers.blocky.containers.app.resources.limits.memory (3)

512Mi

string

controllers.blocky.containers.app.resources.limits.cpu (1)

number

controllers.blocky.containers.app.resources.requests.cpu (3)

10m

string

controllers.blocky.containers.app.resources.requests.memory (3)

128Mi

string

controllers.blocky.containers.app.securityContext.allowPrivilegeEscalation (3)

false

boolean

controllers.blocky.containers.app.securityContext.capabilities.add[] (3)

- NET_BIND_SERVICE

string

controllers.blocky.containers.app.securityContext.capabilities.drop[] (3)

- ALL

string

controllers.blocky.containers.app.securityContext.readOnlyRootFilesystem (3)

true

boolean

controllers.blocky.containers.app.env.TZ (2)

${TIMEZONE}

string

controllers.blocky.containers.main.env.PGCONNECT_TIMEOUT (1)

number

controllers.blocky.containers.main.env.PGDATABASE.valueFrom.secretKeyRef.key (1)

dbname

string

controllers.blocky.containers.main.env.PGDATABASE.valueFrom.secretKeyRef.name (1)

blocky-db-app

string

controllers.blocky.containers.main.env.PGHOST.valueFrom.secretKeyRef.key (1)

host

string

controllers.blocky.containers.main.env.PGHOST.valueFrom.secretKeyRef.name (1)

blocky-db-app

string

controllers.blocky.containers.main.env.PGPASSWORD.valueFrom.secretKeyRef.key (1)

password

string

controllers.blocky.containers.main.env.PGPASSWORD.valueFrom.secretKeyRef.name (1)

blocky-db-app

string

controllers.blocky.containers.main.env.PGPORT.valueFrom.secretKeyRef.key (1)

port

string

controllers.blocky.containers.main.env.PGPORT.valueFrom.secretKeyRef.name (1)

blocky-db-app

string

controllers.blocky.containers.main.env.PGUSER.valueFrom.secretKeyRef.key (1)

username

string

controllers.blocky.containers.main.env.PGUSER.valueFrom.secretKeyRef.name (1)

blocky-db-app

string

controllers.blocky.containers.main.image.repository (1)

ghcr.io/0xerr0r/blocky

string

controllers.blocky.containers.main.image.tag (1)

v0.28.2@sha256:5f84a54e4ee950c4ab21db905b7497476ece2f4e1a376d23ab8c4855cabddcba

string

controllers.blocky.containers.main.probes.liveness.custom (1)

true

boolean

controllers.blocky.containers.main.probes.liveness.enabled (1)

true

boolean

controllers.blocky.containers.main.probes.liveness.spec.exec.command[] (1)

- /app/blocky
- healthcheck

string

controllers.blocky.containers.main.probes.readiness.custom (1)

true

boolean

controllers.blocky.containers.main.probes.readiness.enabled (1)

true

boolean

controllers.blocky.containers.main.probes.readiness.spec.exec.command[] (1)

- /app/blocky
- healthcheck

string

controllers.blocky.containers.main.resources.limits.memory (1)

512Mi

string

controllers.blocky.containers.main.resources.requests.cpu (1)

50m

string

controllers.blocky.containers.main.resources.requests.memory (1)

100Mi

string

controllers.blocky.containers.main.securityContext.allowPrivilegeEscalation (1)

false

boolean

controllers.blocky.containers.main.securityContext.capabilities.add[] (1)

- NET_BIND_SERVICE

string

controllers.blocky.containers.main.securityContext.capabilities.drop[] (1)

- ALL

string

controllers.blocky.containers.main.securityContext.readOnlyRootFilesystem (1)

true

boolean

controllers.blocky.pod.securityContext.runAsGroup (3)

number

controllers.blocky.pod.securityContext.runAsNonRoot (3)

true

boolean

controllers.blocky.pod.securityContext.runAsUser (3)

number

controllers.blocky.pod.securityContext.seccompProfile.type (3)

RuntimeDefault

string

controllers.blocky.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[].labelSelector.matchLabels."app.kubernetes.io/instance" (1)

blocky

string

controllers.blocky.pod.affinity.podAntiAffinity.requiredDuringSchedulingIgnoredDuringExecution[].topologyKey (1)

kubernetes.io/hostname

string

controllers.blocky.pod.hostUsers (1)

false

boolean

controllers.blocky.pod.tolerations[].effect (1)

NoSchedule

string

controllers.blocky.pod.tolerations[].key (1)

rpi

string

controllers.blocky.pod.tolerations[].operator (1)

Equal

string

controllers.blocky.pod.tolerations[].value (1)

true

string

controllers.blocky.pod.topologySpreadConstraints[].labelSelector.matchLabels."app.kubernetes.io/name" (1)

blocky

string

controllers.blocky.pod.topologySpreadConstraints[].maxSkew (1)

number

controllers.blocky.pod.topologySpreadConstraints[].topologyKey (1)

kubernetes.io/hostname

string

controllers.blocky.pod.topologySpreadConstraints[].whenUnsatisfiable (1)

DoNotSchedule

string

controllers.blocky.annotations."reloader.stakater.com/auto" (2)

true

string

controllers.blocky.rollingUpdate.surge (2)

number

controllers.blocky.rollingUpdate.unavailable (2)

number

controllers.${APP}.annotations."reloader.stakater.com/auto" (1)

true

string

controllers.${APP}.containers.app.env.TZ (1)

${TIMEZONE}

string

controllers.${APP}.containers.app.image.repository (1)

ghcr.io/0xerr0r/blocky

string

controllers.${APP}.containers.app.image.tag (1)

v0.28.2@sha256:5f84a54e4ee950c4ab21db905b7497476ece2f4e1a376d23ab8c4855cabddcba

string

controllers.${APP}.containers.app.probes.liveness.custom (1)

true

boolean

controllers.${APP}.containers.app.probes.liveness.enabled (1)

true

boolean

controllers.${APP}.containers.app.probes.liveness.spec.failureThreshold (1)

number

controllers.${APP}.containers.app.probes.liveness.spec.initialDelaySeconds (1)

number

controllers.${APP}.containers.app.probes.liveness.spec.periodSeconds (1)

number

controllers.${APP}.containers.app.probes.liveness.spec.tcpSocket.port (1)

number

controllers.${APP}.containers.app.probes.readiness.custom (1)

true

boolean

controllers.${APP}.containers.app.probes.readiness.enabled (1)

true

boolean

controllers.${APP}.containers.app.probes.readiness.spec.failureThreshold (1)

number

controllers.${APP}.containers.app.probes.readiness.spec.initialDelaySeconds (1)

number

controllers.${APP}.containers.app.probes.readiness.spec.periodSeconds (1)

number

controllers.${APP}.containers.app.probes.readiness.spec.tcpSocket.port (1)

number

controllers.${APP}.containers.app.probes.startup.enabled (1)

false

boolean

controllers.${APP}.containers.app.resources.limits.memory (1)

512Mi

string

controllers.${APP}.containers.app.resources.requests.cpu (1)

10m

string

controllers.${APP}.containers.app.securityContext.allowPrivilegeEscalation (1)

false

boolean

controllers.${APP}.containers.app.securityContext.capabilities.add[] (1)

- NET_BIND_SERVICE

string

controllers.${APP}.containers.app.securityContext.capabilities.drop[] (1)

- ALL

string

controllers.${APP}.containers.app.securityContext.readOnlyRootFilesystem (1)

true

boolean

controllers.${APP}.initContainers.init-db.envFrom[].secretRef.name (1)

blocky-secret

string

controllers.${APP}.initContainers.init-db.image.repository (1)

ghcr.io/home-operations/postgres-init

string

controllers.${APP}.initContainers.init-db.image.tag (1)

number

controllers.${APP}.pod.securityContext.runAsGroup (1)

number

controllers.${APP}.pod.securityContext.runAsNonRoot (1)

true

boolean

controllers.${APP}.pod.securityContext.runAsUser (1)

number

controllers.${APP}.strategy (1)

RollingUpdate

string

controllers.${APP}.type (1)

daemonset

string

controllers.cache.containers.server.command (1)

redis-server

string

controllers.cache.containers.server.env.REDIS_REPLICATION_MODE (1)

master

string

controllers.cache.containers.server.image.repository (1)

public.ecr.aws/docker/library/redis

string

controllers.cache.containers.server.image.tag (1)

8.4.0@sha256:47200b04138293fae39737e50878a238b13ec0781083126b1b0c63cf5d992e8d

string

controllers.cache.containers.server.resources.limits.memory (1)

100Mi

string

controllers.cache.containers.server.resources.requests.cpu (1)

10m

string

controllers.cache.containers.server.resources.requests.memory (1)

10Mi

string

controllers.main.annotations."reloader.stakater.com/auto" (1)

true

string

controllers.main.containers.main.image.repository (1)

ghcr.io/0xerr0r/blocky

string

controllers.main.containers.main.image.tag (1)

v0.28.2@sha256:5f84a54e4ee950c4ab21db905b7497476ece2f4e1a376d23ab8c4855cabddcba

string

controllers.main.containers.main.probes.liveness.enabled (1)

true

boolean

controllers.main.containers.main.probes.readiness.enabled (1)

true

boolean

controllers.main.containers.main.probes.startup.enabled (1)

true

boolean

controllers.main.containers.main.probes.startup.spec.failureThreshold (1)

number

controllers.main.containers.main.probes.startup.spec.periodSeconds (1)

number

controllers.main.replicas (1)

number

controllers.main.strategy (1)

RollingUpdate

string

serviceMonitor.app.endpoints[].path (4)

/metrics

string

serviceMonitor.app.endpoints[].port (4)

http

string

serviceMonitor.app.endpoints[].interval (3)

1m

string

serviceMonitor.app.endpoints[].scheme (3)

http

string

serviceMonitor.app.endpoints[].scrapeTimeout (3)

10s

string

serviceMonitor.app.serviceName (3)

blocky

string

serviceMonitor.app.service.name (1)

blocky-app

string

serviceMonitor.blocky.endpoints[].port (1)

http

string

serviceMonitor.blocky.serviceName (1)

blocky-k8s

string

serviceMonitor.main.enabled (1)

true

boolean

serviceMonitor.main.endpoints[].interval (1)

30s

string

serviceMonitor.main.endpoints[].path (1)

/metrics

string

serviceMonitor.main.endpoints[].port (1)

http

string

serviceMonitor.main.endpoints[].scrapeTimeout (1)

10s

string

serviceMonitor.main.serviceName (1)

blocky-app

string

ingress.app.hosts[].host (2)

{{ .Release.Name }}.${SECRET_DOMAIN}

string

ingress.app.hosts[].paths[].path (2)

string

ingress.app.hosts[].paths[].service.identifier (2)

app

string

ingress.app.hosts[].paths[].service.port (2)

http

string

ingress.app.annotations."cert-manager.io/cluster-issuer" (1)

letsencrypt-production

string

ingress.app.annotations."hajimari.io/enable" (1)

false

string

ingress.app.className (1)

internal

string

ingress.app.enabled (1)

true

boolean

ingress.app.tls[].hosts[] (1)

- ${APP}.local.${SECRET_DOMAIN}

string

ingress.app.tls[].secretName (1)

${APP}-tls-production

string

ingress.main.annotations."kubernetes.io/tls-acme" (1)

true

string

ingress.main.annotations."nginx.ingress.kubernetes.io/auth-signin" (1)

https://auth.${SECRET_DOMAIN}

string

ingress.main.annotations."nginx.ingress.kubernetes.io/auth-url" (1)

http://authelia.networking.svc.cluster.local/api/authz/auth-request

string

ingress.main.className (1)

nginx

string

ingress.main.hosts[].host (1)

blocky.${SECRET_DOMAIN}

string

ingress.main.hosts[].paths[].path (1)

string

ingress.main.hosts[].paths[].service.identifier (1)

main

string

ingress.main.hosts[].paths[].service.port (1)

http

string

ingress.main.tls[].hosts[] (1)

- blocky.${SECRET_DOMAIN}

string

ingress.main.tls[].secretName (1)

blocky-tls

string

configMaps.config.data."config.yml" (1)

caching:
  minTime: 2m
  maxTime: 1h
  maxItemsCount: 0
  prefetching: true
  prefetchExpires: 1h
  prefetchThreshold: 30
  prefetchMaxItemsCount: 0
  cacheTimeNegative: -1

log:
  level: info

minTlsServeVersion: 1.3
certFile: /certs/tls.crt
keyFile: /certs/tls.key
ports:
  dns: 53
  tls: 853
  http: 4000

prometheus:
  enable: true

conditional:
  fallbackUpstream: false
  mapping:
    ${SECRET_DOMAIN}: ${K8S_GATEWAY_CLUSTER_IP}:53

    # House
    internal: 10.0.30.1:53
    0.10.in-addr.arpa: 10.0.30.1:53
    # kube
    cluster.local: ${COREDNS_CLUSTER_IP}
    16.172.in-addr.arpa: ${COREDNS_CLUSTER_IP}

# ClientLookup is set to blocky so it can conditionally forward it to coredns/apt/house DHCP
clientLookup:
  upstream: 127.0.0.1
  clients:
    localhost:
      - 127.0.0.1

# To resolve devices behind coredns
ecs:
  useAsClient: true
  forward: false

bootstrapDns:
  - https://1.1.1.1/dns-query

# dnssec:
#   validate: true
#   cacheExpirationHours: 2
#   clockSkewToleranceSec: 300

upstreams:
  groups:
    default:
      - https://dns.quad9.net/dns-query
      - https://freedns.controld.com/p0
      - https://doh.opendns.com/dns-query
      - https://cloudflare-dns.com/dns-query

blocking:
  denylists:
    ads:
      - https://raw.githubusercontent.com/hagezi/dns-blocklists/main/wildcard/multi.txt
  allowlists:
    ads:
      - |
        epi-graphql.conde.digital
  clientGroupsBlock:
    10.0.0.0/8:
      - ads

redis:
  address: dragonfly-db.database.svc.cluster.local:6379
  database: 4
  connectionAttempts: 10
  connectionCooldown: 60s

queryLog:
  # https://github.com/0xERR0R/blocky/issues/1949
  # type: timescale
  type: postgresql
  logRetentionDays: 90
  creationAttempts: 5
  creationCooldown: 60s
  flushInterval: 5s

string

defaultPodOptions.nodeSelector."kubernetes.io/arch" (1)

amd64

string

defaultPodOptions.securityContext.fsGroup (1)

number

defaultPodOptions.securityContext.runAsGroup (1)

number

defaultPodOptions.securityContext.runAsNonRoot (1)

true

boolean

defaultPodOptions.securityContext.runAsUser (1)

number

defaultPodOptions.securityContext.seccompProfile.type (1)

RuntimeDefault

string

defaultPodOptions.shareProcessNamespace (1)

true

boolean

route.app.annotations."gethomepage.dev/description" (1)

DNS proxy and ad-blocker written in Go

string

route.app.annotations."gethomepage.dev/enabled" (1)

true

string

route.app.annotations."gethomepage.dev/group" (1)

Network

string

route.app.annotations."gethomepage.dev/icon" (1)

blocky

string

route.app.annotations."gethomepage.dev/name" (1)

Blocky

string

route.app.hostnames[] (1)

- {{ .Release.Name }}.${CLUSTER_DOMAIN}

string

route.app.parentRefs[].name (1)

traefik-gateway

string

route.app.parentRefs[].namespace (1)

traefik

string

route.app.rules[].backendRefs[].identifier (1)

app

string

route.app.rules[].filters[].extensionRef.group (1)

traefik.io

string

route.app.rules[].filters[].extensionRef.kind (1)

Middleware

string

route.app.rules[].filters[].extensionRef.name (1)

auth-chain

string

route.app.rules[].filters[].type (1)

ExtensionRef

string

route.blocky-DOH.annotations."gatus.home-operations.com/endpoint" (1)

url: https://dns.${SECRET_DOMAIN}/dns-query

string

route.blocky-DOH.hostnames[] (1)

- dns.${SECRET_DOMAIN}

string

route.blocky-DOH.parentRefs[].name (1)

external

string

route.blocky-DOH.parentRefs[].namespace (1)

envoy-system

string

route.blocky-DOH.parentRefs[].sectionName (1)

https

string

route.blocky-DOH.rules[].backendRefs[].identifier (1)

k8s

string

route.blocky-DOH.rules[].backendRefs[].port (1)

number

route.blocky-DOH.rules[].matches[].path.type (1)

PathPrefix

string

route.blocky-DOH.rules[].matches[].path.value (1)

/dns-query

string

blocky helm

Install

Examples

Top Repositories (2 out of 7)

Values