# shellcheck disable=SC2034 ## Common PODKOP_CONFIG="/etc/config/podkop" RESOLV_CONF="/etc/resolv.conf" DNS_RESOLVERS="1.1.1.1 1.0.0.1 8.8.8.8 8.8.4.4 9.9.9.9 9.9.9.11 94.140.14.14 94.140.15.15 208.67.220.220 208.67.222.222 77.88.8.1 77.88.8.8" CHECK_PROXY_IP_DOMAIN="ip.podkop.fyi" FAKEIP_TEST_DOMAIN="fakeip.podkop.fyi" TMP_SING_BOX_FOLDER="/tmp/sing-box" TMP_RULESET_FOLDER="$TMP_SING_BOX_FOLDER/rulesets" CLOUDFLARE_OCTETS="8.47 162.159 188.114" # Endpoints https://github.com/ampetelin/warp-endpoint-checker ## nft NFT_TABLE_NAME="PodkopTable" NFT_LOCALV4_SET_NAME="localv4" NFT_COMMON_SET_NAME="podkop_subnets" NFT_DISCORD_SET_NAME="podkop_discord_subnets" NFT_INTERFACE_SET_NAME="interfaces" ## sing-box # Log SB_DEFAULT_LOG_LEVEL="warn" # DNS SB_DNS_SERVER_TAG="dns-server" SB_SPLIT_DNS_SERVER_TAG="split-dns-server" SB_FAKEIP_DNS_SERVER_TAG="fakeip-server" SB_FAKEIP_INET4_RANGE="198.18.0.0/15" SB_DNS_DOMAIN_RESOLVER_TAG="dns-domain-resolver" SB_FAKEIP_DNS_RULE_TAG="fakeip-dns-rule-tag" SB_INVERT_FAKEIP_DNS_RULE_TAG="invert-fakeip-dns-rule-tag" # Inbounds SB_TPROXY_INBOUND_TAG="tproxy-in" SB_TPROXY_INBOUND_ADDRESS="127.0.0.1" SB_TPROXY_INBOUND_PORT=1602 SB_DNS_INBOUND_TAG="dns-in" SB_DNS_INBOUND_ADDRESS="127.0.0.42" SB_DNS_INBOUND_PORT=53 SB_MIXED_INBOUND_TAG="mixed-in" SB_MIXED_INBOUND_ADDRESS="0.0.0.0" # TODO(ampetelin): maybe to determine address? SB_MIXED_INBOUND_PORT=2080 SB_SERVICE_MIXED_INBOUND_TAG="service-mixed-in" SB_SERVICE_MIXED_INBOUND_ADDRESS="127.0.0.1" SB_SERVICE_MIXED_INBOUND_PORT=4534 # Outbounds SB_DIRECT_OUTBOUND_TAG="direct-out" SB_MAIN_OUTBOUND_TAG="main-out" # Route SB_REJECT_RULE_TAG="reject-rule-tag" ## Lists GITHUB_RAW_URL="https://raw.githubusercontent.com/itdoginfo/allow-domains/main" SRS_MAIN_URL="https://github.com/itdoginfo/allow-domains/releases/latest/download" DOMAINS_RU_INSIDE="${GITHUB_RAW_URL}/Russia/inside-dnsmasq-nfset.lst" DOMAINS_RU_OUTSIDE="${GITHUB_RAW_URL}/Russia/outside-dnsmasq-nfset.lst" DOMAINS_UA="${GITHUB_RAW_URL}/Ukraine/inside-dnsmasq-nfset.lst" DOMAINS_YOUTUBE="${GITHUB_RAW_URL}/Services/youtube.lst" SUBNETS_TWITTER="${GITHUB_RAW_URL}/Subnets/IPv4/twitter.lst" SUBNETS_META="${GITHUB_RAW_URL}/Subnets/IPv4/meta.lst" SUBNETS_DISCORD="${GITHUB_RAW_URL}/Subnets/IPv4/discord.lst" SUBNETS_TELERAM="${GITHUB_RAW_URL}/Subnets/IPv4/telegram.lst" SUBNETS_CLOUDFLARE="${GITHUB_RAW_URL}/Subnets/IPv4/cloudflare.lst" SUBNETS_HETZNER="${GITHUB_RAW_URL}/Subnets/IPv4/hetzner.lst" SUBNETS_OVH="${GITHUB_RAW_URL}/Subnets/IPv4/ovh.lst" SUBNETS_DIGITALOCEAN="${GITHUB_RAW_URL}/Subnets/IPv4/digitalocean.lst" SUBNETS_CLOUDFRONT="${GITHUB_RAW_URL}/Subnets/IPv4/cloudfront.lst" COMMUNITY_DOMAIN_SERVICES="russia_inside russia_outside ukraine_inside geoblock block porn news anime youtube hdrezka tiktok google_ai google_play hodca" COMMUNITY_SUBNET_SERVICES="discord meta twitter cloudflare cloudfront digitalocean hetzner ovh telegram"