steve black host blocklist
This commit is contained in:
parent
0b73857ec4
commit
8749f5c254
3 changed files with 59 additions and 7 deletions
26
common/tooling/opensnitch/block_lists.nix
Normal file
26
common/tooling/opensnitch/block_lists.nix
Normal file
|
@ -0,0 +1,26 @@
|
||||||
|
{ stdenv, fetchFromGitHub, lib }:
|
||||||
|
stdenv.mkDerivation rec {
|
||||||
|
pname = "stevenblack_block";
|
||||||
|
version = "3.14.116";
|
||||||
|
|
||||||
|
src = fetchFromGitHub {
|
||||||
|
owner = "StevenBlack";
|
||||||
|
repo = "hosts";
|
||||||
|
rev = version;
|
||||||
|
hash = "sha256-MATJK6QO//6z5CXS3zVo/s/Bz6c2z0g8C+InM5iiv2o=";
|
||||||
|
};
|
||||||
|
|
||||||
|
installPhase = ''
|
||||||
|
mkdir $out
|
||||||
|
# cp $src/hosts $out/hosts.list
|
||||||
|
grep 0\.0\.0\.0 $src/hosts > $out/hosts.list
|
||||||
|
'';
|
||||||
|
|
||||||
|
meta = {
|
||||||
|
description = "Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories.";
|
||||||
|
homepage = "https://github.com/StevenBlack/hosts";
|
||||||
|
license = lib.licenses.mit;
|
||||||
|
maintainers = with lib.maintainers; [ grimmauld ];
|
||||||
|
platforms = lib.platforms.all;
|
||||||
|
};
|
||||||
|
}
|
|
@ -57,6 +57,18 @@ in
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
block-list = {
|
||||||
|
name = "block-list";
|
||||||
|
action = "deny";
|
||||||
|
enabled = true;
|
||||||
|
duration = "always";
|
||||||
|
operator = {
|
||||||
|
type = "lists";
|
||||||
|
operand = "lists.domains";
|
||||||
|
data = pkgs.callPackage ./block_lists.nix {};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
nsncd = mkIf (config.services.nscd.enableNsncd) {
|
nsncd = mkIf (config.services.nscd.enableNsncd) {
|
||||||
name = "nsncd-dns";
|
name = "nsncd-dns";
|
||||||
enabled = true;
|
enabled = true;
|
||||||
|
@ -91,6 +103,20 @@ in
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
localhost = {
|
||||||
|
name = "localhost";
|
||||||
|
enabled = true;
|
||||||
|
action = "allow";
|
||||||
|
duration = "always";
|
||||||
|
precedence = true;
|
||||||
|
operator = {
|
||||||
|
type ="regexp";
|
||||||
|
sensitive = false;
|
||||||
|
operand = "dest.ip";
|
||||||
|
data = "^(127\\.0\\.0\\.1|::1)$";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
spotify_deny = mkIf (config.grimmShared.spotify.enable && graphical) {
|
spotify_deny = mkIf (config.grimmShared.spotify.enable && graphical) {
|
||||||
name = "spotify-deny";
|
name = "spotify-deny";
|
||||||
enabled = true;
|
enabled = true;
|
||||||
|
|
|
@ -41,10 +41,10 @@
|
||||||
"homepage": "https://nyx.chaotic.cx",
|
"homepage": "https://nyx.chaotic.cx",
|
||||||
"owner": "chaotic-cx",
|
"owner": "chaotic-cx",
|
||||||
"repo": "nyx",
|
"repo": "nyx",
|
||||||
"rev": "25f420d9cf70929455ba14642b92ae715ae8d792",
|
"rev": "371ba355dfb49d6c047525d078ee58b65f03e334",
|
||||||
"sha256": "00llpxbblf9v6s6sc8p4gppf1knmqb2mlp5040clwr4rfih7kjrs",
|
"sha256": "195p4mzisa9vxmzlh3yr2whb4h4wh5zxk4wcs3dp7drdai6ysfxl",
|
||||||
"type": "tarball",
|
"type": "tarball",
|
||||||
"url": "https://github.com/chaotic-cx/nyx/archive/25f420d9cf70929455ba14642b92ae715ae8d792.tar.gz",
|
"url": "https://github.com/chaotic-cx/nyx/archive/371ba355dfb49d6c047525d078ee58b65f03e334.tar.gz",
|
||||||
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
|
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
|
||||||
},
|
},
|
||||||
"glibc-eac": {
|
"glibc-eac": {
|
||||||
|
@ -68,7 +68,7 @@
|
||||||
"lix-pkg": {
|
"lix-pkg": {
|
||||||
"branch": "main",
|
"branch": "main",
|
||||||
"repo": "https://git.lix.systems/lix-project/lix.git",
|
"repo": "https://git.lix.systems/lix-project/lix.git",
|
||||||
"rev": "775292766025380d04004e42fefbdb8ca40b3fa3",
|
"rev": "5df2cccc4956e53b56ba1613e36d64dc8057c508",
|
||||||
"type": "git"
|
"type": "git"
|
||||||
},
|
},
|
||||||
"nixos-mailserver": {
|
"nixos-mailserver": {
|
||||||
|
@ -95,10 +95,10 @@
|
||||||
"homepage": null,
|
"homepage": null,
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "27e30d177e57d912d614c88c622dcfdb2e6e6515",
|
"rev": "bc947f541ae55e999ffdb4013441347d83b00feb",
|
||||||
"sha256": "1fvwlz931dvlx4anz7wk3ny33650a292bj4fdj41glckjcfkvzqw",
|
"sha256": "06187qzdapb6ghymwvzcv02bxbw7h1v6r4aywjg86b6i2sy97s1l",
|
||||||
"type": "tarball",
|
"type": "tarball",
|
||||||
"url": "https://github.com/NixOS/nixpkgs/archive/27e30d177e57d912d614c88c622dcfdb2e6e6515.tar.gz",
|
"url": "https://github.com/NixOS/nixpkgs/archive/bc947f541ae55e999ffdb4013441347d83b00feb.tar.gz",
|
||||||
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
|
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
|
||||||
},
|
},
|
||||||
"ranger_udisk_menu": {
|
"ranger_udisk_menu": {
|
||||||
|
|
Loading…
Reference in a new issue