For Devs, Ops, and everyone who hates Ads.
Create your ad blocklist using Cloudflare Gateway.
Thanks a lot to @nhubaotruong for his contributions.
Readme by @minlaxz.
Added dynamic domain filter (whitelist and blacklist) idea (please check
ini
files, as you may also need to modify those).Added dynamic domain filter (whitelist and blacklist) to Actions variables (please check dynamic_blacklist.txt and dynamic_whitelist.txt. to know examples to add
Value*
).UseDYNAMIC_BLACKLIST
andDYNAMIC_WHITELIST
forName*
in Actions variables
https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
or
[Ad-Urls]
Adguard = https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
Add to file:
White list whitelist.ini and block list adlist.ini.
Add to GitHub Action variables:
Name*
ADLIST_URLS
orWHITELIST_URLS
.
Value*
URLs list
Example:
https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt https://raw.githubusercontent.com/hagezi/dns-blocklists/main/wildcard/light-onlydomains.txt
You should add your ad list and whitelist to Action variables. If you update your fork, your custom list will not be lost.
Fork this repository to your account.
Grab your Cloudflare Account ID (found after https://dash.cloudflare.com/
) from ➞ https://dash.cloudflare.com/?to=/:account/workers.
Create your API Token from ➞ https://dash.cloudflare.com/profile/api-tokens with 3 permissions:
Account.Zero Trust : Edit
Account.Account Firewall Access Rules : Edit
Account.Access: Apps and Policies : Edit
Add Repository Secrets to your forked repository:
➞ https://github.com/<username>/<forked-repository>/settings/secrets/actions
CF_IDENTIFIER
.CF_API_TOKEN
.Due to a limited 2-month commitment from GitHub Actions, you can create and paste this code to run on Cloudflare Workers. Remember, GitHub Tokens generate with no expiration and all permissions.
addEventListener('scheduled', event => {
event.waitUntil(handleScheduledEvent());
});
async function handleScheduledEvent() {
const GITHUB_TOKEN = 'YOUR_GITHUB_TOKEN_HERE';
try {
const dispatchResponse = await fetch('https://api.github.com/repos/YOUR_USER_NAME/YOUR_REPO_NAME/actions/workflows/main.yml/dispatches', {
method: 'POST',
headers: {
'Authorization': `Bearer ${GITHUB_TOKEN}`,
'Content-Type': 'application/json',
'User-Agent': 'Mozilla/5.0',
},
body: JSON.stringify({
ref: 'main'
}),
});
if (!dispatchResponse.ok) throw new Error('Failed to dispatch workflow');
} catch (error) {
console.error('Error handling scheduled event:', error);
}
}
Remember to set up Cloudflare Workers triggers.
To use this tool on the GOAT Termux, follow the steps below. If you are already familiar with setting up Python and the basics, you can skip this section.
yes | pkg upgrade
yes | pkg install python-pip
yes | pkg install git
# Clone your forked repo #
git clone https://github.com/<username>/<repo-name>.git
cd <repo-name>
.env
file (required):nano .env
After editing, press CTRL + X
, then Y
, and ENTER
to save the file.
python -m src run
python -m src leave
Download the ZIP file of the repository from the 'Code' button on the GitHub page and select 'Download ZIP'.
Unzip the downloaded file.
Edit the values in .env
and adlist.ini
etc...
Open Termux and enter the following commands to set up Python and necessary tools:
yes | pkg upgrade
yes | pkg install python-pip
termux-setup-storage
Allow Termux to access storage.
Navigate to the folder containing the unzipped source code:
cd storage/downloads/Cloudflare-Gateway-Pihole-main
python -m src run
python -m src leave
If you encounter issues during setup, you can refer to termux-change-repo for changing Termux repositories.
The limit of Cloudflare Gateway Zero Trust
free is 300k domains, so remember to pay attention to the workflow logs. If it is exceeded, the script will stop.
If you have uploaded lists using another script, you should delete them using the delete feature of the uploaded script or delete them manually.
I have updated the feature to delete lists when you no longer need to use the script. Go to main.yml as follows:
- name: Cloudflare Gateway Zero Trust
run: python -m src leave
Note from @minlaxz:
.env
: Setting sensitive information inside a public repository is considered too dangerous, since any unwanted person could easily steal your Cloudflare credentials from that .env
file.