ngine-io · Salvoxia · Aug 15, 2025 · Aug 15, 2025 · Aug 15, 2025 · Aug 16, 2025
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -46,6 +46,8 @@ jobs:
           # Temporarily disabled due to "sudo: A password is required" error, see https://github.com/geerlingguy/docker-rockylinux9-ansible/issues/6
           #- rockylinux9
         blocky_version:
+          - v0.26
+          - v0.25
           - v0.24
           - v0.23
           - v0.22

diff --git a/defaults/main.yml b/defaults/main.yml
@@ -1,5 +1,5 @@
 ---
-blocky__version: v0.24
+blocky__version: v0.26.2
 blocky__arch: "{{ ansible_machine }}"
 blocky__system: "{{ ansible_system }}"
 blocky__base_url: https://github.com/0xERR0R/blocky/releases/download
@@ -30,8 +30,19 @@ blocky__blocking_blacklists:
 blocky__blocking_whitelists:
   ads:
     - https://raw.githubusercontent.com/anudeepND/whitelist/master/domains/whitelist.txt
-#   - |
-#     www.googleadservices.com
+
+# List groups of literal domains, domain wildcards or regular expressions
+# May use the same group names as blocky__blocking_blacklists, these lists will be merged in the
+# final configuration.
+blocky__blocking_inline_blacklists: {}
+  # ads:
+  #   - www.googleadservices.com
+  #   - "/^banners?[_.-]/"
+
+blocky__blocking_inline_whitelists: {}
+  # ads:
+  #   - "*.example.com"
+
 
 blocky__ports_dns: 53
 blocky__ports_http: 4000
@@ -76,3 +87,19 @@ blocky__min_tls_version: ""
 blocky__redis: {}
 
 blocky__bootstrap_dns: {}
+
+
+# Caching configuration
+# Refer to https://0xerr0r.github.io/blocky/latest/configuration/#caching
+blocky__caching_min_time: 5m
+blocky__caching_max_time: 60m
+blocky__caching_max_items_count: 0
+blocky__caching_prefetching: true
+blocky__caching_prefetch_expires: 2h
+blocky__caching_prefetch_threshold: 5
+blocky__caching_prefetch_max_items_count: 0
+blocky__caching_cache_time_negative: 30m
+blocky__caching_exclude: []
+  # - /.*\\.lan$/
+  # - /.*\\.local$/
+  # - /.*\\.host\.com\.(jp|fr)$/
diff --git a/molecule/default/converge.yml b/molecule/default/converge.yml
@@ -6,7 +6,15 @@
     blocky__hosts_dns_enabled: true
     blocky__hosts_dns_host_ip_var: "ansible_host"
     blocky__hosts_dns_domain: ".local.example.com"
+    blocky__blocking_inline_blacklists:
+      ads:
+        - www.example.com
+    blocky__blocking_inline_whitelists:
+      ads:
+        - www.example.org
     blocky__blocking_blacklists: {}
+    blocky__caching_exclude:
+      - "/.*\\.lan$/"
     blocky__ports_dns: 127.0.0.1:5353
     blocky__cert_file: "/etc/cert/blocky_cert.pem"
     blocky__key_file: "/etc/cert/blocky_key.key"

diff --git a/tasks/main.yml b/tasks/main.yml
@@ -85,6 +85,56 @@
         that: blocky__config_template is defined
         fail_msg: "No config template found for requested blocky version {{ blocky__version }}! That version might not be supported by this role!"
 
+- name: "Inline blocklists: Create dict with inline blocklist goups"
+  ansible.builtin.set_fact:
+    __blocky__blocking_inline_blocklist_files: "{{ __blocky__blocking_inline_blocklist_files | default({}) |
+                                                  ansible.builtin.combine({item.key: [blocky__install_path + '/blocklist_' + item.key + '.txt']}) }}"
+  with_items: "{{ blocky__blocking_inline_blacklists | dict2items }}"
+
+- name: "Inline blocklists: Store inline blocklists as file"
+  ansible.builtin.copy:
+    dest: "{{ item.value | first }}"
+    content: "{{ blocky__blocking_inline_blacklists[item.key] | join('\n') }}"
+    owner: blocky
+    group: blocky
+    mode: '0640'
+  when:
+    - blocky__blocking_inline_blacklists[item.key] is defined
+    - blocky__blocking_inline_blacklists[item.key] | length > 0
+  with_items: "{{ __blocky__blocking_inline_blocklist_files | default({}) | dict2items }}"
+
+- name: "Inline blocklists: Merge explicitly configured and inline blocklist groups"
+  ansible.builtin.set_fact:
+    blocky__blocking_blacklists: "{{ blocky__blocking_blacklists | ansible.builtin.combine(__blocky__blocking_inline_blocklist_files,
+                                                                                             list_merge='append', recursive=true) }}"
+  when:
+    - __blocky__blocking_inline_blocklist_files | length > 0
+
+- name: "Inline allowlists: Create dict with inline allowlist goups"
+  ansible.builtin.set_fact:
+    __blocky__blocking_inline_allowlist_files: "{{ __blocky__blocking_inline_allowlist_files | default({}) |
+                                                  ansible.builtin.combine({item.key: [blocky__install_path + '/allowlist_' + item.key + '.txt']}) }}"
+  with_items: "{{ blocky__blocking_inline_whitelists | dict2items }}"
+
+- name: "Inline allowlists: Store inline allowlists as file"
+  ansible.builtin.copy:
+    dest: "{{ item.value | first }}"
+    content: "{{ blocky__blocking_inline_whitelists[item.key] | join('\n') }}"
+    owner: blocky
+    group: blocky
+    mode: '0640'
+  when:
+    - blocky__blocking_inline_whitelists[item.key] is defined
+    - blocky__blocking_inline_whitelists[item.key] | length > 0
+  with_items: "{{ __blocky__blocking_inline_allowlist_files | default({}) | dict2items }}"
+
+- name: "Inline allowlists: Merge explicitly configured and inline allowlist groups"
+  ansible.builtin.set_fact:
+    blocky__blocking_whitelists: "{{ blocky__blocking_whitelists | ansible.builtin.combine(__blocky__blocking_inline_allowlist_files,
+                                                                                             list_merge='append', recursive=true) }}"
+  when:
+    - __blocky__blocking_inline_allowlist_files | length > 0
+
 - name: Configure blocky
   ansible.builtin.template:
     src: "{{ blocky__config_template }}"
@@ -118,4 +168,5 @@
     port: "{{ (blocky__ports_dns | string | ansible.builtin.split(':') | last) if ':' in blocky__ports_dns | string else blocky__ports_dns }}"
     delay: 5
     timeout: 30
+  retries: 5
   when: blocky__readiness_check_enabled
diff --git a/templates/config.yaml.0.24_to_0.25.j2 b/templates/config.yaml.0.24_to_0.25.j2
@@ -0,0 +1,13 @@
+{% extends "config_base.j2" -%}
+
+{% block caching -%}
+caching:
+  minTime: {{ blocky__caching_min_time }}
+  maxTime: {{ blocky__caching_max_time }}
+  maxItemsCount: {{ blocky__caching_max_items_count }}
+  prefetching: {{ blocky__caching_prefetching }}
+  prefetchExpires: {{ blocky__caching_prefetch_expires }}
+  prefetchThreshold: {{ blocky__caching_prefetch_threshold }}
+  prefetchMaxItemsCount: {{ blocky__caching_prefetch_max_items_count }}
+  cacheTimeNegative: {{ blocky__caching_cache_time_negative }}
+{% endblock %}
diff --git a/templates/config.yaml.from_0.24.j2 b/templates/config.yaml.from_0.24.j2
diff --git a/templates/config.yaml.from_0.26.j2 b/templates/config.yaml.from_0.26.j2
@@ -0,0 +1 @@
+{% extends "config_base.j2" -%}
diff --git a/templates/config.yaml.up_to_0.23.j2 b/templates/config.yaml.up_to_0.23.j2
@@ -13,3 +13,15 @@ blocking:
   whiteLists:
     {{ blocky__blocking_whitelists | to_nice_yaml(indent=2) | trim | indent(4) }}
 {% endblock%}
+
+{% block caching -%}
+caching:
+  minTime: {{ blocky__caching_min_time }}
+  maxTime: {{ blocky__caching_max_time }}
+  maxItemsCount: {{ blocky__caching_max_items_count }}
+  prefetching: {{ blocky__caching_prefetching }}
+  prefetchExpires: {{ blocky__caching_prefetch_expires }}
+  prefetchThreshold: {{ blocky__caching_prefetch_threshold }}
+  prefetchMaxItemsCount: {{ blocky__caching_prefetch_max_items_count }}
+  cacheTimeNegative: {{ blocky__caching_cache_time_negative }}
+{% endblock %}
diff --git a/templates/config_base.j2 b/templates/config_base.j2
@@ -44,9 +44,18 @@ log:
 
 {% block caching -%}
 caching:
-  minTime: 5m
-  maxTime: 60m
-  prefetching: true
+  minTime: {{ blocky__caching_min_time }}
+  maxTime: {{ blocky__caching_max_time }}
+  maxItemsCount: {{ blocky__caching_max_items_count }}
+  prefetching: {{ blocky__caching_prefetching }}
+  prefetchExpires: {{ blocky__caching_prefetch_expires }}
+  prefetchThreshold: {{ blocky__caching_prefetch_threshold }}
+  prefetchMaxItemsCount: {{ blocky__caching_prefetch_max_items_count }}
+  cacheTimeNegative: {{ blocky__caching_cache_time_negative }}
+{% if blocky__caching_exclude | length > 0 %}
+  exclude:
+    {{ blocky__caching_exclude | to_nice_yaml(indent=2) | trim | indent(4) }}
+{% endif %}
 {% endblock %}
 
 {% block custom_dns -%}
@@ -71,8 +80,10 @@ customDNS:
 {% endblock %}
 
 {% block bootstrap_dns -%}
+{% if blocky__bootstrap_dns | length > 0 %}
 bootstrapDns:
   {{ blocky__bootstrap_dns | to_nice_yaml(indent=2) | trim | indent(2) }}
+{% endif %}
 {% endblock %}
 
 {% block conditional -%}

diff --git a/vars/main.yml b/vars/main.yml
@@ -5,5 +5,6 @@ blocky__base: "blocky-{{ blocky__version }}"
 # Must be maintained as blocky evolves. min_version and max_version may be defined for the same template.
 blocky__config_template_versions: [
   {'max_version': '0.23', 'template': 'config.yaml.up_to_0.23.j2'},
-  {'min_version': '0.24', 'template': 'config.yaml.from_0.24.j2'},
+  {'min_version': '0.24', 'max_version': '0.25', 'template': 'config.yaml.0.24_to_0.25.j2'},
+  {'min_version': '0.26', 'template': 'config.yaml.from_0.26.j2'},
 ]
-Original file line number
+Diff line change
@@ Expand Up / @@ -46,6 +46,8 @@ jobs: @@
               # Temporarily disabled due to "sudo: A password is required" error, see https://github.com/geerlingguy/docker-rockylinux9-ansible/issues/6
               #- rockylinux9
             blocky_version:
+              - v0.26
+              - v0.25
               - v0.24
               - v0.23
               - v0.22
@@ Expand Down @@