Adguard CIDRE Sync

JV Hardware
**Adguard CIDRE Sync** - A bot to synchronize adguard clients disallow list with countries CIDR list of your choices. > [!NOTE] >_The code was partially written and structured using a generative AI._ > >_Github repo is a mirror of https://git.djeex.fr/Djeex/nvidia-stock-bot. You'll find full package, history and release note there._ ## Sommaire - [Features](#features) - [Environment Variables](#environment-variables) - [Volumes](#volumes) - [File Structure](#file-structure) - [Installation and Usage](#installation-and-usage) ## Features - Downloads CIDR lists by country from GitHub - (Optional) Adds manual IPs from a `manually_blocked_ips.conf` file - Updates the `AdGuardHome.yaml` file by replacing the `disallowed_clients` list - Creates a backup of the original config (`AdGuardHome.yaml.first-start.bak`) on first run - Creates a backup before each update (`AdGuardHome.yaml.last-update.bak`) - Restarts the AdGuard Home container via Docker API - Built-in Python scheduler using the `schedule` library, configurable to run updates daily or weekly ## Environment Variables | Variable | Description | Example | Possible Values | |--------------------------|--------------------------------------------------------------------------|-----------------------------|---------------------------------------------| | `TZ` | Timezone of the container to correctly schedule updates | `Europe/Paris` | Any valid timezone (e.g., `UTC`, `America/New_York`, etc.) | | `BLOCK_COUNTRIES` | List of country codes for CIDR lists, separated by commas | `cn,ru,ir` | ISO 2-letter country codes | | `BLOCKLIST_CRON_TYPE` | Scheduling type: `daily` or `weekly` | `daily` | `daily`, `weekly` | | `BLOCKLIST_CRON_TIME` | Time to run update in `HH:MM` 24-hour format | `06:00` | 24-hour time format | | `BLOCKLIST_CRON_DAY` | Day of the week for weekly schedule (e.g., `mon`, `tue`, etc.) | `mon` | `mon`, `tue`, `wed`, `thu`, `fri`, `sat`, `sun` | | `ADGUARD_CONTAINER_NAME` | Name of the AdGuard Home container to restart | `adguardhome` | Valid Docker container name | | `DOCKER_API_URL` | Docker API URL (used to restart the container) | `http://socket-proxy-adguard:2375` | HTTP URL | ## Volumes - `/path/to/adguard/confdir` : configuration directory containing `AdGuardHome.yaml` from your adguard container, and optionally `manually_blocked_ips.conf`. ## File Structure - `blocklist_scheduler.py`: Script to backup, schedule, download CIDRs, merge manual IPs, update config, and restart AdGuard. - `Dockerfile`: Builds the lightweight python3-slim image. - `docker-compose.yml`: Example compose file to run the container. - (optional) `manually_blocked_ips.conf`: Add extra IPs to block manually. ## Installation and Usage ### With our provided docker image 1. **Create `docker-compose.yml` in your `adguard-cidre` folder** ```yaml --- services: adguard-cidre: image: git.djeex.fr/djeex/adguard-cidre:latest container_name: adguard-cidre restart: unless-stopped environment: - TZ=Europe/Paris # change to your timezone - BLOCK_COUNTRIES=cn,ru # choose countries listed IP to block. Full lists here https://github.com/vulnebify/cidre/tree/main/output/cidr/ipv4 - BLOCKLIST_CRON_TYPE=daily # daily or weekly # if weekly, choose the day # - BLOCKLIST_CRON_DAY=mon - BLOCKLIST_CRON_TIME=06:00 - DOCKER_API_URL=http://socket-proxy-adguard:2375 # docker socket proxy - ADGUARD_CONTAINER_NAME=adguardhome # adguard container name volumes: - /path/to/adguard/confdir:/adguard socket-proxy: image: lscr.io/linuxserver/socket-proxy:latest container_name: socket-proxy-adguard security_opt: - no-new-privileges:true environment: - CONTAINERS=1 - ALLOW_RESTARTS=1 volumes: - /var/run/docker.sock:/var/run/docker.sock:ro restart: unless-stopped read_only: true tmpfs: - /run ``` 2. **Modify docker-compose.yml** - Set `BLOCK_COUNTRIES` environment variable with the countries you want to block. - Adjust `BLOCKLIST_CRON` variables if you want a different update frequency. - Bind mount your adguard configuration folder (wich contains `AdGuardHome.yaml`) to `/adguard` - (optionnally) create and edit `manually_blocked_ips.conf` file in your adguard configuration folder to add other IPs you want to block. Only valid IP or CIDR entries will be processed, for exemple : ```bash 192.168.1.100 10.0.0.0/24 # Comments or empty lines are ignored ``` 3. **Start the container** ```bash docker compose up -d ``` 4. **Check logs to verify updates** ```bash docker compose logs -f ``` ### With git (developer) 1. **Clone the repository:** ```bash git clone https://git.djeex.fr/Djeex/adguard-cidre cd adguard-cidre ``` 2. **Modify docker-compose.yml** - Set `BLOCK_COUNTRIES` environment variable with the countries you want to block. - Adjust `BLOCKLIST_CRON` variables if you want a different update frequency. - Bind mount your adguard configuration folder (wich contains `AdGuardHome.yaml`) to `/adguard` - (optionnally) create and edit `manually_blocked_ips.conf` file in your adguard configuration folder to add other IPs you want to block. Only valid IP or CIDR entries will be processed, for exemple : ```bash 192.168.1.100 10.0.0.0/24 # Comments or empty lines are ignored ``` 3. **Build and start the container** ```bash docker compose up -d ``` 4. **Check logs to verify updates** ```bash docker compose logs -f ```