#:schema https://raw.githubusercontent.com/YunoHost/apps/master/schemas/manifest.v2.schema.json packaging_format = 2 description.en = "Network-wide ads & trackers blocking DNS server" description.fr = "Serveur DNS, bloqueur de publicités et trackers" id = "adguardhome" name = "AdGuard Home" version = "0.107.51~ynh1" maintainers = [ "ddataa", "OniriCorpe" ] [upstream] admindoc = "https://github.com/AdguardTeam/AdGuardHome/wiki" code = "https://github.com/AdguardTeam/AdGuardHome" license = "GPL-3.0" userdoc = "https://kb.adguard.com/en" website = "https://adguard.com/adguard-home.html" [integration] architectures = "all" disk = "50M" ldap = false multi_instance = false ram.build = "200M" ram.runtime = "200M" sso = false yunohost = ">= 11.2" [install] [install.domain] type = "domain" [install.path] default = "/adguard" type = "path" [install.init_main_permission] default = "all_users" type = "group" help.en = "Even by restricting access to users only, the AdGuard Home API will be available (ex. for a mobile app use)." help.fr = "Même en limitant l'accès aux seuls utilisateurs, l'API AdGuard Home sera disponible (par ex. pour utiliser une application mobile)." [install.admin] type = "user" [install.password] type = "password" [install.expose_port_53] ask.en = "Bind to public IP addresses?" ask.fr = "Liaison avec les adresses IP publiques ?" help.en = "If so, anyone who knows your server's IP can make a DNS request to it. It may be used to perform amplification attacks: https://en.wikipedia.org/wiki/Denial-of-service_attack#Amplification Please read the admin doc to understand that setting and to secure your server using allowlist." help.fr = "Si activé, quiconque connaissant l'adresse IP de votre serveur pourra lui faire des requêtes DNS. Il pourrait être utilisé afin de réaliser des attaques par amplification DNS : https://www.malekal.com/attaque-dos-amplification Veuillez lire le guide d'administration pour comprendre ce paramètre et comment sécuriser votre serveur en utilisant la liste blanche." default = false type = "boolean" [install.dns_over_https] ask.en = "Enable DNS-over-HTTPS/TLS/QUIC?" ask.fr = "Activer le DNS-sur-HTTPS/TLS/QUIC ?" help.en = "If so, anyone who knows your adguard address can make a DoH request to https://adguardomain.tld/dns-query or using DoT or DoQ. It also may be used to perform amplification attacks. Read the admin doc to secure your server using allowlist." help.fr = "Si activé, quiconque connaissant l'adresse de votre serveur pourra lui faire des requêtes DoH sur https://adguardomain.tld/dns-query ou en utilisant le DoT ou DoQ. Il pourrait aussi être utilisé afin de réaliser des attaques par amplification DNS. Veuillez lire le guide d'administration pour comprendre ce paramètre et comment sécuriser votre serveur en utilisant la liste blanche." default = false type = "boolean" [resources] [resources.sources.main] amd64.sha256 = "6eb61c7a6714c04922077c82876cbb9f6222e83ec67ca30aaa6dc55423d957b2" amd64.url = "https://github.com/AdguardTeam/AdGuardHome/releases/download/v0.107.51/AdGuardHome_linux_amd64.tar.gz" arm64.sha256 = "402921e73c94c9fd423a4d9c6fcb0674fb52cc16138f0a47dc549a2378c6e6fd" arm64.url = "https://github.com/AdguardTeam/AdGuardHome/releases/download/v0.107.51/AdGuardHome_linux_arm64.tar.gz" armhf.sha256 = "383a47b855386310de4003b20e9b45417bcb3dc4c3270069e22ac4939b2bcb95" armhf.url = "https://github.com/AdguardTeam/AdGuardHome/releases/download/v0.107.51/AdGuardHome_linux_armv7.tar.gz" in_subdir = 2 autoupdate.asset.amd64 = "^AdGuardHome_linux_amd64.tar.gz$" autoupdate.asset.arm64 = "^AdGuardHome_linux_arm64.tar.gz$" autoupdate.asset.armhf = "^AdGuardHome_linux_armv7.tar.gz$" autoupdate.strategy = "latest_github_release" [resources.ports] dns_over_tls.default = 853 dns_over_tls.exposed = "Both" dns_over_tls.fixed = true dns_over_quic.default = 784 dns_over_quic.exposed = "UDP" dns_over_quic.fixed = true # AGH also uses port 53 but we can't put it here as dnsmasq uses it by default # and the ynh core would assign us another port, however, on installation we # edit dnsmasq's configuration to allow AGH to use port 53 on non-localhost IPs [resources.system_user] allow_email = true [resources.install_dir] [resources.permissions] api.allowed = "visitors" api.auth_header = true api.protected = true api.show_tile = false api.url = "re:__DOMAIN__/control" doh.allowed = "visitors" doh.auth_header = false doh.protected = true doh.show_tile = false doh.url = "re:__DOMAIN__/dns-query" main.url = "/" [resources.apt] packages = "python3-bcrypt, python3-yaml"