Move from shell-script to named-blacklist

Signed-off-by: Knut Ahlers <knut@ahlers.me>
2024-11-09 10:10:00 +00:00 · 2019-08-25 21:27:02 +02:00 · 2019-08-25 21:27:02 +02:00 · 2f751eb56d
commit 2f751eb56d
parent 0ecb98ce3d
6 changed files with 123 additions and 47 deletions
--- a/2
+++ b/2
@ -10,7 +10,7 @@ RUN set -ex \
      git \
      make \
 && go get -v \
-      github.com/Luzifer/korvike\
+      github.com/Luzifer/named-blacklist \
      github.com/Luzifer/rootzone \
 && rootzone >named.stubs \
 && make blacklist
--- a/4
+++ b/4
@ -1,4 +1,6 @@
+export GIT_VERSION:=$(shell git describe --tags --always)
+
 default:

 blacklist:
-	bash -x build_blacklist.sh
+	named-blacklist --config blacklist-config.yaml >named.blacklist
--- a/blacklist-config.yaml
+++ b/blacklist-config.yaml
@ -0,0 +1,118 @@
+---
+
+# List of third-party lists to download and include into generated
+# blacklist zone file (entries are just examples and copied from the
+# source of https://github.com/StevenBlack/hosts#sources-of-hosts-data-unified-in-this-variant)
+# Please verify the list matches your interest or compile your own!
+# 
+# Whitelists are applied AFTER all blacklists are compiled together
+# which means an entry in the whitelist will finally remove the domain
+# from the whole blacklist. Provider order does not matter in this case.
+providers:
+
+  - name: Local blacklist
+    file: blacklist.local
+    action: blacklist
+    type: domain-list
+
+  - name: Local whitelist
+    file: whitelist.local
+    action: whitelist
+    type: domain-list
+
+  - name: Steven Black's ad-hoc list # License: MIT, URL: https://github.com/StevenBlack/hosts/blob/master/data/StevenBlack/hosts
+    url: https://raw.githubusercontent.com/StevenBlack/hosts/master/data/StevenBlack/hosts
+    action: blacklist
+    type: hosts-file
+
+  - name: Malware Domain List # License: can be used for free by anyone, URL: https://www.malwaredomainlist.com/
+    url: https://www.malwaredomainlist.com/hostslist/hosts.txt
+    action: blacklist
+    type: hosts-file
+
+  - name: add.Dead # License: GPLv3+, URL: https://github.com/FadeMind/hosts.extras
+    url: https://raw.githubusercontent.com/FadeMind/hosts.extras/master/add.Dead/hosts
+    action: blacklist
+    type: hosts-file
+
+  - name: hostsVN # License: MIT, URL: https://github.com/bigdargon/hostsVN
+    url: https://raw.githubusercontent.com/bigdargon/hostsVN/master/option/hosts-VN
+    action: blacklist
+    type: hosts-file
+
+  - name: add.Spam # License: GPLv3+, URL: https://github.com/FadeMind/hosts.extras
+    url: https://raw.githubusercontent.com/FadeMind/hosts.extras/master/add.Spam/hosts
+    action: blacklist
+    type: hosts-file
+
+  - name: Dan Pollock - someonewhocares # License: non-commercial with attribution, URL:https://someonewhocares.org/hosts/
+    url: https://someonewhocares.org/hosts/zero/hosts
+    action: blacklist
+    type: hosts-file
+
+  - name: MVPS hosts file # License: CC BY-NC-SA 4.0, URL: http://winhelp2002.mvps.org/
+    url: http://winhelp2002.mvps.org/hosts.txt
+    action: blacklist
+    type: hosts-file
+
+  - name: yoyo.org # URL: https://pgl.yoyo.org/adservers/
+    url: https://pgl.yoyo.org/adservers/serverlist.php?hostformat=hosts&mimetype=plaintext&useip=0.0.0.0
+    action: blacklist
+    type: hosts-file
+
+  - name: Mitchell Krog's - Badd Boyz Hosts # License: non-commercial with attribution, URL: https://github.com/mitchellkrogza/Badd-Boyz-Hosts
+    url: https://raw.githubusercontent.com/mitchellkrogza/Badd-Boyz-Hosts/master/hosts
+    action: blacklist
+    type: hosts-file
+
+  - name: CoinBlocker # License: GPLv3, URL: https://gitlab.com/ZeroDot1/CoinBlockerLists
+    url: https://zerodot1.gitlab.io/CoinBlockerLists/hosts_browser
+    action: blacklist
+    type: hosts-file
+
+  - name: UncheckyAds # URL: https://github.com/FadeMind/hosts.extras
+    url: https://raw.githubusercontent.com/FadeMind/hosts.extras/master/UncheckyAds/hosts
+    action: blacklist
+    type: hosts-file
+
+  - name: add.2o7Net # License: GPLv3+, URL: https://github.com/FadeMind/hosts.extras
+    url: https://raw.githubusercontent.com/FadeMind/hosts.extras/master/add.2o7Net/hosts
+    action: blacklist
+    type: hosts-file
+
+  - name: KADhosts # License: GPLv3, URL: https://github.com/azet12/KADhosts
+    url: https://raw.githubusercontent.com/azet12/KADhosts/master/KADhosts.txt
+    action: blacklist
+    type: hosts-file
+
+  - name: AdAway # License: CC BY 3.0, URL: https://adaway.org/
+    url: https://raw.githubusercontent.com/AdAway/adaway.github.io/master/hosts.txt
+    action: blacklist
+    type: hosts-file
+
+  - name: add.Risk # License: GPLv3+, URL: https://github.com/FadeMind/hosts.extras
+    url: https://raw.githubusercontent.com/FadeMind/hosts.extras/master/add.Risk/hosts
+    action: blacklist
+    type: hosts-file
+
+  - name: Tiuxo hostlist - ads # License: CC BY 4.0, URL: https://github.com/tiuxo/hosts
+    url: https://raw.githubusercontent.com/tiuxo/hosts/master/ads
+    action: blacklist
+    type: hosts-file
+
+template: |
+  $TTL 1H
+
+  @ SOA LOCALHOST. dns-master.localhost. (1 1h 15m 30d 2h)
+    NS  LOCALHOST.
+
+  ; Healthcheck record - don't remove
+  health.pdns.luzifer.io    A     127.0.1.1
+  version.pdns.luzifer.io   TXT   "{{ env `GIT_VERSION` }} @ {{ now `2006-01-02 15:04:05 -07:00` }}"
+
+  ; Blacklist entries
+  {{ range .blacklist -}}
+  {{ to_punycode .Domain }} CNAME . ; {{ .Comment }}
+  {{ end }}
+
+...
--- a/blacklist.local
+++ b/blacklist.local
@ -1,2 +1,2 @@
 # Block TAZ
-0.0.0.0 taz.de
+taz.de
--- a/blacklist.tpl
+++ b/blacklist.tpl
@ -1,11 +0,0 @@
-$TTL 1H
-
-@                         SOA   LOCALHOST. personal-dns.luzifer.io. (1 1h 15m 30d 2h)
-                          NS    LOCALHOST.
-
-; Healthcheck record - don't remove
-health.pdns.luzifer.io    A     127.0.1.1
-version.pdns.luzifer.io   TXT   "{{ .version }} @ {{ now `2006-01-02 15:04:05 -07:00` }}"
-
-; vim: set ft=bindzone:
-; Blacklist entries
--- a/build_blacklist.sh
+++ b/build_blacklist.sh
@ -1,33 +0,0 @@
-#!/bin/bash
-set -euo pipefail
-
-target=blacklist
-
-function cleanup() {
-	rm -rf \
-		${target} \
-		${target}.tmp
-}
-trap cleanup EXIT
-
-# Download compiled blacklist
-curl -sSfL https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts | awk '/^(#.*|0.0.0.0.*|)$$/' >${target}
-
-# Remove entries on local whitelist
-for entry in $(cat whitelist.local); do
-	grep -v "${entry}" ${target} >${target}.tmp
-	mv ${target}.tmp ${target}
-done
-
-# Add local blacklist
-cat blacklist.local >>${target}
-
-# Convert into named response-policy file
-korvike \
-	-i blacklist.tpl \
-	-o named.${target} \
-	-v version=$(git describe --tags --always)
-
-awk '/^0.0.0.0/{ printf "%s  CNAME .\n", $2 }' blacklist |
-	grep -v '^0.0.0.0  ' |
-	sort >>named.${target}