--accept-dns=false
.
I intend on eventually making this fault-tolerant by using another device as a failover with keepalived. Where and what that other device will be is to be determined. I have Blocky configured to use the strict strategy for the upstreams setting, so after a timeout of the topmost server it will fall back to the next one, which is Quad9. An idea I have is to set up a cheap VPS on Vultr and run a public DNS resolver on it, but Quad9 is fine for now. Using a completely self-hosted recursive DNS resolver is fairly important to me, but as long as it's not going through Google or my ISP it is fine.
I have the Orange Pi 5 Plus Tailnet IP address configured to be my Tailnet's global nameserver. So every device on my Tailnet that uses MagicDNS will be using Blocky and Unbound.
```
upstreams:
  strategy: strict
  groups:
    default:
      - 127.0.0.1:5335
      - 9.9.9.9
      - 149.112.112.112
blocking:
  denylists:
    ads:
      - https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
      - https://adaway.org/hosts.txt
      - https://v.firebog.net/hosts/AdguardDNS.txt
    suspicious:
      - https://v.firebog.net/hosts/static/w3kbl.txt
    tracking:
      - https://gitlab.com/quidsup/notrack-blocklists/raw/master/notrack-blocklist.txt
      - https://v.firebog.net/hosts/Easyprivacy.txt
      - https://v.firebog.net/hosts/Prigent-Ads.txt
    malicious:
      - http://phishing.mailscanner.info/phishing.bad.sites.conf
      - https://v.firebog.net/hosts/Prigent-Crypto.txt
      - https://raw.githubusercontent.com/StevenBlack/hosts/master/alternates/fakenews/hosts
  clientGroupsBlock:
    default:
      - ads
      - suspicious
      - tracking
      - malicious
ports:
  dns: 53
  http: 4000
prometheus:
  enable: yes
caching:
  minTime: 60s
  maxItemsCount: 10000
  prefetching: yes
  prefetchMaxItemsCount: 2000
queryLog:
  type: csv-client
  target: /home/jas/dns-query-logs
  logRetentionDays: 5
clientLookup:
  upstream: 10.0.0.1
  singleNameOrder:
    - 1
```
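With the strict strategy, a dead Unbound on 127.0.0.1:5335 is invisible to clients because Quad9 quietly takes over. The probe below is an added example, not part of the original post and not Blocky's own code: it walks the same upstream list in order and reports which server answers first, so a cron job or a keepalived check script can flag the silent fallback. The function names, the 2-second timeout and the choice to treat SERVFAIL as unhealthy are assumptions of this sketch.

```python
import socket
import struct

# Upstream order copied from the Blocky config on this page (strict strategy).
UPSTREAMS = [("127.0.0.1", 5335), ("9.9.9.9", 53), ("149.112.112.112", 53)]

def build_query(name, txid=0x1234, qtype=1):
    """Encode a minimal DNS query (RD set, one question, class IN)."""
    header = struct.pack(">HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = b"".join(
        bytes([len(part)]) + part.encode("ascii")
        for part in name.rstrip(".").split(".")
    )
    return header + labels + b"\x00" + struct.pack(">HH", qtype, 1)

def parse_response(data, txid=0x1234):
    """Return (rcode, answer_count); raise ValueError on a bad reply."""
    if len(data) < 12:
        raise ValueError("short DNS message")
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack(">HHHHHH", data[:12])
    if rid != txid or not flags & 0x8000:
        raise ValueError("not a response to our query")
    return flags & 0x000F, ancount

def udp_exchange(server, payload, timeout):
    """Send one UDP datagram and wait for a single reply."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(payload, server)
        return sock.recvfrom(4096)[0]

def first_answering(upstreams, name, timeout=2.0, exchange=udp_exchange):
    """Walk upstreams in listed order; return (answering server, skipped)."""
    skipped = []
    for server in upstreams:
        try:
            rcode, _ = parse_response(exchange(server, build_query(name), timeout))
        except (OSError, ValueError):
            skipped.append(server)  # timeout, unreachable, or malformed reply
            continue
        if rcode in (0, 3):  # NOERROR or NXDOMAIN: the resolver is working
            return server, skipped
        skipped.append(server)  # SERVFAIL, REFUSED, ... (assumed unhealthy)
    return None, skipped

if __name__ == "__main__":
    server, skipped = first_answering(UPSTREAMS, "example.com")
    print("answering upstream:", server, "| skipped:", skipped)
```

A non-empty skipped list means Unbound did not answer and queries are leaving the box for Quad9.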
Last updated: 2025-01-05