adguard-cidre/README.md

<h1 align="center"> Adguard CIDRE Sync</h1>
<div align="center">
    <a href="https://discord.gg/gxffg3GA96">
        <img src="https://img.shields.io/badge/JV%20hardware-rejoindre-green?style=flat-square&logo=discord&logoColor=%23fff" alt="JV Hardware">
    </a>
</div>

**Adguard CIDRE Sync** - A bot to synchronize adguard clients disallow list with countries CIDR list of your choices.

*The code is partially generated by AI*

## Sommaire

- [Features](#features)
- [Environment Variables](#environment-variables)
- [File Structure](#file-structure)
- [Installation and Usage](#nstallation-and-usage)

## Features

- Automatically downloads IP CIDR blocks for specified countries to block.
- Supports additional manually blocked IPs from a configurable file.
- Updates the disallowed_clients section in the AdGuard Home config.
- Configurable update frequency via cron expression environment variable.
- Automatically restarts the AdGuard Home container after updates via Docker socket proxy.
- Backup `AdguardHome.yaml` at first startup, then create a second backup at each update.

## Environment Variables

| Variable            | Description                                                | Default                           |
| ------------------- | ---------------------------------------------------------- | --------------------------------- |
| `TZ`    | Your Time Zone    | (required) |
| `BLOCK_COUNTRIES`   | Comma-separated country codes to block (e.g., `CN,RU,IR`)  | (required)                        |
| `BLOCKLIST_CRON`    | Cron expression for update frequency (e.g., `0 6 * * *`) | `0 6 * * *` (at 6:00 everydays)          |
| `DOCKER_API_URL`    | URL of Docker socket proxy to restart AdGuard container    | `http://socket-proxy-adguard:2375` |
| `ADGUARD_CONTAINER_NAME`    | Name of your adguard container    | `adguardhome` |


## File Structure

- `update-blocklist.sh`: Main script to download CIDRs, merge manual IPs, update config, and restart AdGuard.
- `entrypoint.sh`: Sets up the cron job to periodically run the update script.
- `Dockerfile`: Builds the lightweight Alpine-based image.
- `docker-compose.yml`: Example compose file to run the container.
- `manually_blocked_ips.conf`: (Volume mount) Add extra IPs to block manually.

## Installation and Usage

### With our docker image

1. **Create `docker-compose.yml` in your `adguard-cidre` folder**

    ```yaml
    ---
    services:
    adguard-cidre:
        image: git.djeex.fr/djeex/adguard-cidre:latest
        container_name: adguard-cidre
        restart: unless-stopped
        environment:
        - TZ=Europe/Paris # change to your timezone
        - BLOCK_COUNTRIES=cn,ru # choose countries listed IP to block. Full lists here https://github.com/vulnebify/cidre/tree/main/output/cidr/ipv4
        - BLOCKLIST_CRON=0 6 * * * # at 6:00 every days
        - DOCKER_API_URL=http://socket-proxy-adguard:2375 # docker socket proxy
        - ADGUARD_CONTAINER_NAME=adguardhome # adguard container name
        volumes:
        - /path/to/adguard/confdir:/adguard

    socket-proxy:
        image: lscr.io/linuxserver/socket-proxy:latest
        container_name: socket-proxy-adguard
        security_opt:
        - no-new-privileges:true
        environment:
        - CONTAINERS=1
        - ALLOW_RESTARTS=1
        volumes:
        - /var/run/docker.sock:/var/run/docker.sock:ro
        restart: unless-stopped
        read_only: true
        tmpfs:
        - /run
    ```
2. **Modify docker-compose.yml**

- Set `BLOCK_COUNTRIES` environment variable with the countries you want to block.
- Adjust `BLOCKLIST_CRON` if you want a different update frequency.
- Bind mount your adguard configuration folder (wich contains `AdGuardHome.yaml`) to `/adguard`
- (optionnally) create and edit `manually_blocked_ips.conf` file in your adguard configuration folder to add other IPs you want to block. Only valid IP or CIDR entries will be processed, for exemple :

    ```bash
    192.168.1.100
    10.0.0.0/24
    # Comments or empty lines are ignored
    ```
3. **Start the container**

    ```bash
    docker compose up -d
    ```
    
4. **Check logs to verify updates**

   ```bash
   docker compose logs -f
   ```

### With git (developer)
1. **Clone the repository:**

    ```bash
    git clone https://git.djeex.fr/Djeex/adguard-cidre
    cd adguard-cidre
    ```
2. **Modify docker-compose.yml**

- Set `BLOCK_COUNTRIES` environment variable with the countries you want to block.
- Adjust `BLOCKLIST_CRON` if you want a different update frequency.
- Bind mount your adguard configuration folder (wich contains `AdGuardHome.yaml`) to `/adguard`
- (optionnally) create and edit `manually_blocked_ips.conf` file in your adguard configuration folder to add other IPs you want to block. Only valid IP or CIDR entries will be processed, for exemple :

    ```bash
    192.168.1.100
    10.0.0.0/24
    # Comments or empty lines are ignored
    ```

3. **Build and start the container**

    ```bash
    docker compose build
    docker compose up -d
    ```
4. **Check logs to verify updates**

   ```bash
   docker compose logs -f
   ```