# Odroid C2

## Firewall

## TV server

### [TVheadend](https://tvheadend.org/)

Instalace
```sh
curl -1sLf 'https://dl.cloudsmith.io/public/tvheadend/tvheadend/setup.deb.sh' | sudo -E bash
sudo apt install tvheadend
```

## DNS

### [Pi-hole](https://pi-hole.net/)

Instalace
```sh
curl -sSL https://install.pi-hole.net | bash
```

### Pi-hole sync - [Nebula-sync](https://github.com/lovelaze/nebula-sync)

Download binary from the [latest release](https://github.com/lovelaze/nebula-sync/releases/latest)
```sh
wget https://github.com/lovelaze/nebula-sync/releases/download/v0.11.1/nebula-sync_0.11.1_linux_arm64.tar.gz
```
Run binary
```sh
# run
nebula-sync run

# read envs from file
nebula-sync run --env-file .env
```

### Keepalive

Install
```sh
sudo apt install keepalived
```

Config
```sh
cd /etc/keepalived
sudo touch keepalived.conf
```
pihole1 - [keepalived.conf](pihole1-keepalived.conf)
```
vrrp_instance pihole {
  state MASTER
  interface eth0

  unicast_src_ip 192.168.88.101
  unicast_peer {
    192.168.88.15
  }

  virtual_router_id 1 
  priority 10 
  advert_int 1

  authentication {
    auth_type PASS
    auth_pass Ct7wV69c
  }

  virtual_ipaddress {
    192.168.88.5/24
  }
}
```

pihole2 - [keepalived.conf](pihole2-keepalived.conf)
```
vrrp_instance pihole {
  state BACKUP
  interface end0

  unicast_src_ip 192.168.88.15
  unicast_peer {
    192.168.88.101
  }

  virtual_router_id 1 
  priority 9 
  advert_int 1

  authentication {
    auth_type PASS
    auth_pass Ct7wV69c
  }

  virtual_ipaddress {
    192.168.88.5/24
  }
}
```
### Pi-hole Lists - [hagezi/dns-blocklists](https://github.com/hagezi/dns-blocklists)

**Používám**
* Multi PRO - Extended protection `https://cdn.jsdelivr.net/gh/hagezi/dns-blocklists@latest/adblock/pro.txt`
* Fake - Protects against internet scams, traps & fakes! `https://cdn.jsdelivr.net/gh/hagezi/dns-blocklists@latest/adblock/fake.txt`

[Threat Intelligence Feeds - Increases security significantly!](https://cdn.jsdelivr.net/gh/hagezi/dns-blocklists@latest/adblock/tif.txt)

[DoH/VPN/TOR/Proxy Bypass - Prevent methods to bypass your DNS!](https://cdn.jsdelivr.net/gh/hagezi/dns-blocklists@latest/adblock/doh-vpn-proxy-bypass.txt)

[Dynamic DNS blocking](https://cdn.jsdelivr.net/gh/hagezi/dns-blocklists@latest/adblock/dyndns.txt)

**používal jsem dříve**
```
https://raw.githubusercontent.com/PolishFiltersTeam/KADhosts/master/KADhosts.txt
https://raw.githubusercontent.com/FadeMind/hosts.extras/master/add.Spam/hosts
https://v.firebog.net/hosts/static/w3kbl.txt
https://adaway.org/hosts.txt
https://v.firebog.net/hosts/AdguardDNS.txt
https://raw.githubusercontent.com/anudeepND/blacklist/master/adservers.txt
https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt
https://v.firebog.net/hosts/Easylist.txt
```