Gen. domains list for dnsmasq with ipset or nftset #53
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This is a basic workflow to help you get started with Actions | |
name: Gen. domains list for dnsmasq with ipset or nftset | |
# Controls when the action will run. Triggers the workflow on push or pull request | |
on: | |
workflow_dispatch: | |
schedule: | |
# * is a special character in YAML so you have to quote this string | |
- cron: '00 22 * * *' | |
# A workflow run is made up of one or more jobs that can run sequentially or in parallel | |
jobs: | |
# The "build" workflow | |
Generation_list: | |
# The type of runner that the job will run on | |
runs-on: ubuntu-latest | |
# Steps represent a sequence of tasks that will be executed as part of the job | |
steps: | |
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it | |
- uses: actions/checkout@v4 | |
# - name: Change DNS-Server's in runner | |
# run: | | |
# echo -e "nameserver 1.0.0.1\nnameserver 8.8.4.4\nnameserver 8.8.8.8\nnameserver 1.1.1.1" | sudo tee /etc/resolv.conf.DNSoverride &>/dev/null; | |
# sudo ln -svf /etc/resolv.conf.DNSoverride /etc/resolv.conf | |
# echo "" | |
# cat -n /etc/resolv.conf | |
# echo "" | |
# - name: Settings DoT DNS with systemd-resolved | |
# run: | | |
# sudo apt update | |
# sudo apt install -y bind9-dnsutils sudo --no-install-suggests | |
# sudo mkdir -pv /etc/systemd/resolved.conf.d/ | |
# echo -e "[Resolve]\nDNS=8.8.4.4#dns.google\nFallbackDNS=\nDNSOverTLS=yes\nDNSSEC=yes\nCache=yes\nCacheFromLocalhost=yes\nReadEtcHosts=no" | sudo tee /etc/systemd/resolved.conf.d/google.conf &>/dev/null; | |
# echo -e "[Resolve]\nDNS=1.0.0.1#1dot1dot1dot1.cloudflare-dns.com\nFallbackDNS=\nDNSOverTLS=yes\nDNSSEC=yes\nCache=yes\nCacheFromLocalhost=yes\nReadEtcHosts=no" | sudo tee /etc/systemd/resolved.conf.d/cloudflare.conf &>/dev/null; | |
# cat /etc/systemd/resolved.conf.d/google.conf | |
# echo "" | |
# cat /etc/systemd/resolved.conf.d/cloudflare.conf | |
# echo "" | |
# echo "nameserver 127.0.0.53" | sudo tee /etc/resolv.conf.DNSoverride &>/dev/null; | |
# sudo ln -svf /etc/resolv.conf.DNSoverride /etc/resolv.conf | |
# cat -n /etc/resolv.conf | |
# echo "" | |
# cat -n /etc/hosts | |
# echo "" | |
# sudo systemctl restart systemd-resolved.service | |
# sleep 3s | |
# nc -z -v 127.0.0.53 53 && echo "" | |
############################ | |
- name: Install depens for CoreDNS | |
env: | |
DEBIAN_FRONTEND: noninteractive | |
run: | | |
sudo apt update && sudo apt install curl make software-properties-common git -y --no-install-suggests && sudo add-apt-repository ppa:longsleep/golang-backports -y | |
sudo apt install golang upx-ucl -y --no-install-suggests | |
- name: Compile CoreDNS | |
env: | |
DEBIAN_FRONTEND: noninteractive | |
run: | | |
git clone --depth 1 https://github.com/coredns/coredns.git | |
cd coredns && make -j$(nproc) && sudo upx -q ./coredns && sudo cp coredns /usr/local/bin/ && cd ../ && sudo rm -r ./coredns/ | |
sudo apt autoremove golang upx-ucl -y | |
- name: Install CoreDNS | |
env: | |
URL_CONFIG_COREDNS: https://gist.githubusercontent.com/naruto522ru/e244f9f6fe96a609b8d9cf2f1f478bdf/raw/51ece1c11022cd9604206bff94698316567a4881/CoreDNS_config.conf | |
run: | | |
sudo chmod -c 755 /usr/local/bin/coredns && sudo chown -c root:root /usr/local/bin/coredns | |
whereis coredns | |
sudo mkdir -p /etc/coredns/ /etc/systemd/system/ | |
echo -e "[Unit]\nDescription=CoreDNS DNS server\nDocumentation=https://coredns.io\nAfter=network.target\n[Service]\nPermissionsStartOnly=true\nLimitNOFILE=1048576\nLimitNPROC=512\nCapabilityBoundingSet=CAP_NET_BIND_SERVICE\nAmbientCapabilities=CAP_NET_BIND_SERVICE\nNoNewPrivileges=true\nUser=root\nExecStart=/usr/local/bin/coredns -conf=/etc/coredns/Corefile\nExecReload=/bin/kill -SIGUSR1 $MAINPID\nRestart=on-failure\n[Install]\nWantedBy=multi-user.target" | sudo tee /etc/systemd/system/coredns.service | |
curl --max-time 30 --retry-delay 3 --retry 10 -4 -# ${URL_CONFIG_COREDNS} | sudo tee /etc/coredns/Corefile &>/dev/null | |
sudo chown root:root /etc/coredns/Corefile | |
sudo cat -n /etc/coredns/Corefile | |
echo "" | |
sudo systemctl daemon-reload | |
- name: Change DNS-Server's using CoreDNS | |
run: | | |
echo "nameserver 127.0.0.1" | sudo tee /etc/resolv.conf.DNSoverride &>/dev/null; | |
sudo ln -svf /etc/resolv.conf.DNSoverride /etc/resolv.conf | |
echo "" | |
cat -n /etc/resolv.conf | |
echo "" | |
sudo systemctl stop systemd-resolved.service && sudo systemctl disable systemd-resolved.service | |
sudo systemctl start coredns.service && sleep 15s && echo "" && nc -z -v 127.0.0.1 53 && echo "" | |
systemctl -q status coredns.service | |
############################ | |
- name: Test DNS-query | |
run: | | |
nslookup -type=A google.com | |
echo "" | |
dig google.com A | |
- name: Install dependencies for start script | |
env: | |
DEBIAN_FRONTEND: noninteractive | |
run: | | |
sudo apt update | |
sudo apt upgrade -y | |
sudo apt install -y bind9-dnsutils git wget curl bash coreutils util-linux moreutils ccache dos2unix sudo language-pack-ru language-pack-en locales --no-install-suggests | |
sudo sed -i -e 's/# en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/' /etc/locale.gen && \ | |
sudo sed -i -e 's/# ru_RU.UTF-8 UTF-8/ru_RU.UTF-8 UTF-8/' /etc/locale.gen | |
sudo locale-gen --no-purge en_US.UTF-8 ru_RU.UTF-8 | |
sudo apt install -y grepcidr jq idn ipset bc --no-install-suggests | |
- shell: bash | |
env: | |
TOKEN: ${{ secrets.PERSONAL_TOKEN }} | |
run: | | |
curl --max-time 30 --retry-delay 3 --retry 10 -4 -H "Authorization: token ${TOKEN}" -# https://raw.githubusercontent.com/naruto522ru/dnsmasq-private/master/generate_list.sh > /tmp/generate_list.sh | |
- name: Set up Python | |
uses: actions/setup-python@v5 | |
with: | |
python-version: '3.11' | |
- name: Cache pip | |
uses: actions/cache@v4 | |
with: | |
path: ~/.cache/pip | |
key: ${{ runner.os }}-pip-${{ hashFiles('utils/requirements.txt') }} | |
restore-keys: | | |
${{ runner.os }}-pip- | |
${{ runner.os }}- | |
- name: Install dependencies | |
run: | | |
pip install -r utils/requirements.txt | |
- name: Pre-start and start bash script | |
env: | |
LANG: en_US.UTF-8 | |
CHARSET: UTF-8 | |
MODE: ${{ secrets.MODE }} | |
TOKEN: ${{ secrets.PERSONAL_TOKEN }} | |
run: | | |
chmod -c 755 /tmp/generate_list.sh && /tmp/generate_list.sh donwload | |
#### | |
#### | |
- name: Commit configs files | |
uses: stefanzweifel/git-auto-commit-action@v5 | |
with: | |
commit_message: "Auto-update config" | |
file_pattern: '*.conf' | |
commit_options: "--no-verify" | |
repository: . | |
commit_user_name: github-actions[bot] | |
commit_user_email: github-actions[bot]@users.noreply.github.com | |
commit_author: github-actions[bot] <github-actions[bot]@users.noreply.github.com> | |
- name: Prepare artifacts | |
run: echo "BUILD_TIMESTAMP=$(date '+%d.%m.%Y_%H-%M-%S')" >> $GITHUB_ENV | |
- name: Upload artifacts | |
uses: actions/upload-artifact@v4.3.1 | |
with: | |
name: configs-${{ env.BUILD_TIMESTAMP }} | |
retention-days: 3 | |
path: | | |
domain_bad_ipset.conf | |
domain_bad_nftset.conf | |
unblock_ipset.conf | |
unblock_nftset.conf |