Package Details: adguardhome-bin 0.107.52-1

Git Clone URL: https://aur.archlinux.org/adguardhome-bin.git (read-only, click to copy)
Package Base: adguardhome-bin
Description: Network-wide ads and trackers blocking DNS server (binary version).
Upstream URL: https://github.com/AdguardTeam/AdGuardHome
Keywords: adblock adblocker adguard adguardhome ads antispam antitracker black blocker blocking dns hole internet-of-things iot network privacy re-router server tracker tracking
Licenses: GPL
Conflicts: adguardhome
Provides: adguardhome-bin
Submitter: mvidaldp
Maintainer: mvidaldp
Last Packager: mvidaldp
Votes: 7
Popularity: 0.74
First Submitted: 2021-03-12 18:26 (UTC)
Last Updated: 2024-07-30 15:28 (UTC)

Latest Comments

1 2 3 Next › Last »

handsomexdd1024 commented on 2024-09-26 01:13 (UTC)

It's not recommended to install ../adguardhome.service directly. Instead, use source=("adguardhome.service"), with install -Dm644 "adguardhome.service" "${pkgdir}/usr/lib/systemd/system/adguardhome.service".

Kimiblock commented on 2024-04-06 14:58 (UTC) (edited on 2024-04-06 15:21 (UTC) by Kimiblock)

Also, post_remove() is generally not recommended when packaging and this package should provide and conflict adguardhome

Kimiblock commented on 2024-04-06 14:55 (UTC) (edited on 2024-04-06 14:56 (UTC) by Kimiblock)

I have a service file with DynamicUser which is also hardened:

➜  serverOS git:(master) cat /usr/lib/systemd/system/serverOS-AdGuardHome.service
[Unit]
Description=serverOS DNS
PartOf=network-online.target
RequiresMountsFor=/var/lib/private/adguardhome
After=serverOS-clash-meta.service
Before=NetworkManager-wait-online.service

[Service]
Nice=-1
DynamicUser=yes
StartLimitInterval=5
StateDirectory=serverOS-AdGuardHome
WorkingDirectory=/var/lib/private/serverOS-AdGuardHome
ExecStartPre=cp /var/lib/adguardhome/AdGuardHome /var/lib/private/serverOS-AdGuardHome/aghexec
ExecStart=/var/lib/private/serverOS-AdGuardHome/aghexec "-s" "run"
Restart=always
RestartSec=5

OOMPolicy=stop
OOMScoreAdjust=-500

SyslogIdentifier=AdGuardHome
CapabilityBoundingSet=CAP_NET_BIND_SERVICE CAP_NET_RAW
AmbientCapabilities=CAP_NET_BIND_SERVICE CAP_NET_RAW

ProtectSystem=strict
ProtectHome=yes
PrivateTmp=yes
PrivateDevices=yes
ProtectHostname=yes
ProtectClock=yes
ProtectKernelTunables=yes
ProtectKernelModules=yes
ProtectKernelLogs=yes
ProtectControlGroups=yes
RestrictAddressFamilies=AF_PACKET AF_NETLINK AF_INET AF_INET6
RestrictNamespaces=yes
LockPersonality=yes
MemoryDenyWriteExecute=yes
RestrictRealtime=yes
RestrictSUIDSGID=yes
RemoveIPC=yes
SystemCallArchitectures=native

ProtectProc=invisible
ProcSubset=pid

SystemCallFilter=~@clock
SystemCallFilter=~@cpu-emulation
SystemCallFilter=~@debug
SystemCallFilter=~@module
SystemCallFilter=~@mount
SystemCallFilter=~@obsolete
SystemCallFilter=~@raw-io
SystemCallFilter=~@reboot
SystemCallFilter=~@swap

UMask=077

[Install]
WantedBy=multi-user.target

mvidaldp commented on 2023-09-16 10:46 (UTC)

@procobain yes it does :)

procobain commented on 2023-09-15 17:16 (UTC)

Does it run as root?

mvidaldp commented on 2023-01-04 13:14 (UTC)

@drrlvn thanks for the suggestion, it's fixed now.

drrlvn commented on 2023-01-03 19:47 (UTC) (edited on 2023-01-03 19:47 (UTC) by drrlvn)

The systemd service file should be installed in /usr/lib/systemd/system/ and not in /etc/systemd/system/ as it is now.

Also, the adguardhome package recently renamed the service from AdGuardHome.service to adguardhome.service, so you should perhaps consider doing the same.

mvidaldp commented on 2022-10-13 12:04 (UTC)

It's for setting up an internal AdGuard, for your local network. More info: https://github.com/AdguardTeam/AdGuardHome#readme https://adguard.com/en/adguard-home/overview.html

bkb commented on 2022-10-13 08:04 (UTC)

Wait, this package is for setting up rapidly AdGuard DNS for the computer to use it instead of default DNS? Or it's a copy of AdGuard internal DNS servers for us to run it locally in our WAN and become ourselves the filter?

Because I would prefer the first one, and if it's not possible, I want to be able to be client of my own server, because I want to filter my DNS requests

MattScherbatsky commented on 2022-01-02 12:57 (UTC) (edited on 2022-01-02 12:58 (UTC) by MattScherbatsky)

v0.107.2

sha256sums:

i686: 5a763a24111bb165175dac583da30f28a26eaa755647813ead22c6bd34ea447f

x86_64:396f610231143e88929c2e3500582e4913ff1d5e45f99564dbe1bce5db598752

aarch64: 633591149e4f93e8850d2beaae8c12a848f4059f2581ce2757afa4c4f0ac6fa3

armv5h: 370038ff08874ea6fa4abdf0cf9c1abaae1ee3f3b1711b28c08cc3f5842081b2

armv6h: c96d118995b866975900817b5a25b2f3586d70a6db94f15a0385d7bf9a5470c9

armv7h: ef02ea830465203c68fb20d3cb16b6889246e8a90f492e5f4455990c489efa4b