ctrld-sync/config.yaml.example at main · abhimehro/ctrld-sync · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
# config.yaml.example
# ─────────────────────────────────────────────────────────────────────────────
# Control D Sync – example configuration file
#
# Copy this file to config.yaml (or config.yml) in your current working
# directory (where you run python main.py), or to ~/.ctrld-sync/config.yaml,
# and customise it to suit your setup.  You can also point to any location
# with the --config flag:
#
#   python main.py --config /path/to/my-config.yaml
#
# Configuration precedence (highest → lowest):
#   1. --folder-url CLI flags  (override everything)
#   2. --config FILE argument
#   3. ./config.yaml or ./config.yml (current working directory)
#   4. ~/.ctrld-sync/config.yaml or ~/.ctrld-sync/config.yml
#   5. Built-in defaults (the DEFAULT_FOLDER_URLS list in main.py)
# ─────────────────────────────────────────────────────────────────────────────

# folders: list of remote JSON block-list definitions to sync.
#
# Required fields per entry:
#   url    – HTTPS URL to the Control D JSON folder file
#
# Optional fields per entry:
#   name   – human-readable label (informational only; the actual folder name
#            comes from the JSON file itself)
#   action – "block" or "allow" (informational only; the action is defined
#            inside the JSON file)
folders:
  # ── Native-tracker block lists ──────────────────────────────────────────
  - name: "Native Tracker – Amazon"
    url: "https://raw.githubusercontent.com/hagezi/dns-blocklists/main/controld/native-tracker-amazon-folder.json"
    action: "block"

  - name: "Native Tracker – Apple"
    url: "https://raw.githubusercontent.com/hagezi/dns-blocklists/main/controld/native-tracker-apple-folder.json"
    action: "block"

  - name: "Native Tracker – Samsung"
    url: "https://raw.githubusercontent.com/hagezi/dns-blocklists/main/controld/native-tracker-samsung-folder.json"
    action: "block"

  - name: "Native Tracker – TikTok (Aggressive)"
    url: "https://raw.githubusercontent.com/hagezi/dns-blocklists/main/controld/native-tracker-tiktok-aggressive-folder.json"
    action: "block"

  # ── Allow lists (permit traffic that broad block lists would catch) ──────
  - name: "Apple Private Relay – Allow"
    url: "https://raw.githubusercontent.com/hagezi/dns-blocklists/main/controld/apple-private-relay-allow-folder.json"
    action: "allow"

  - name: "Microsoft – Allow"
    url: "https://raw.githubusercontent.com/hagezi/dns-blocklists/main/controld/microsoft-allow-folder.json"
    action: "allow"

  # ── Badware / spam / malware ─────────────────────────────────────────────
  - name: "Badware Hoster"
    url: "https://raw.githubusercontent.com/hagezi/dns-blocklists/main/controld/badware-hoster-folder.json"
    action: "block"

  - name: "Spam – TLDs (Combined)"
    url: "https://raw.githubusercontent.com/hagezi/dns-blocklists/main/controld/spam-tlds-combined-folder.json"
    action: "block"

  # ── Custom / community lists ─────────────────────────────────────────────
  - name: "Potentially Malicious IPs"
    url: "https://raw.githubusercontent.com/yokoffing/Control-D-Config/main/folders/potentially-malicious-ips.json"
    action: "block"

# settings: reserved for future runtime behaviour tuning.
#
# NOTE: As of this version, ctrld-sync ignores all keys under `settings`.
#       They are documented here for future use only and have no effect
#       at runtime. If/when they become active, all values will need to be
#       positive integers, and the examples below will act as built-in defaults.
settings:
  # Number of rules that would be pushed to the Control D API in a single
  # batch request if settings support is enabled in a future version.
  batch_size: 500

  # Number of parallel workers that would be used when deleting existing
  # folders if settings support is enabled in a future version.
  delete_workers: 3

  # Maximum number of HTTP retry attempts that would be made before giving
  # up on a request if settings support is enabled in a future version.
  max_retries: 10

  # Log output format.
  # Accepted values: "human" (default coloured text) or "json" (one JSON
  # object per line, suitable for observability pipelines such as Datadog,
  # CloudWatch, or Loki).
  # Intended to be equivalent to setting the JSON_LOG=1 environment variable
  # when implemented. As of this version, this key is reserved for future
  # use and has no effect at runtime.
  log_format: human