English | Việt Nam

For Devs, Ops, and everyone who hates Ads.

Create your ad blocklist using Cloudflare Gateway.

Thanks a lot to @nhubaotruong for his contributions.

Readme by @minlaxz.

Added dynamic domain filter (whitelist and blacklist) idea (please check ini files, as you may also need to modify those).

Added dynamic domain filter (whitelist and blacklist) to Actions variables (please check dynamic_blacklist.txt and dynamic_whitelist.txt. to know examples to add Value*).Use DYNAMIC_BLACKLIST and DYNAMIC_WHITELIST for Name* in Actions variables

• Two kinds of lists in ini files: white list whitelist.ini and block list adlist.ini.

https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt

or

[Ad-Urls]
Adguard = https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt

• Add to file:

  White list whitelist.ini and block list adlist.ini.

• Add to GitHub Action variables:

  Name*

  ADLIST_URLS or WHITELIST_URLS.

  Value* URLs list

  Example:

  https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
  https://raw.githubusercontent.com/hagezi/dns-blocklists/main/wildcard/light-onlydomains.txt
  

• You should add your ad list and whitelist to Action variables. If you update your fork, your custom list will not be lost.

1. Fork this repository to your account.

2. Grab your Cloudflare Account ID (found after https://dash.cloudflare.com/) from ➞ https://dash.cloudflare.com/?to=/:account/workers.

3. Create your API Token from ➞ https://dash.cloudflare.com/profile/api-tokens with 3 permissions:

   1. Account.Zero Trust : Edit
   2. Account.Account Firewall Access Rules : Edit
   3. Account.Access: Apps and Policies : Edit

4. Add Repository Secrets to your forked repository: ➞ https://github.com/<username>/<forked-repository>/settings/secrets/actions

   1. Set Cloudflare Account ID to CF_IDENTIFIER.
   2. Set API Token to CF_API_TOKEN.

Due to a limited 2-month commitment from GitHub Actions, you can create and paste this code to run on Cloudflare Workers. Remember, GitHub Tokens generate with no expiration and all permissions.

addEventListener('scheduled', event => {
  event.waitUntil(handleScheduledEvent());
});

async function handleScheduledEvent() {
  const GITHUB_TOKEN = 'YOUR_GITHUB_TOKEN_HERE';
  try {
    const dispatchResponse = await fetch('https://api.github.com/repos/YOUR_USER_NAME/YOUR_REPO_NAME/actions/workflows/main.yml/dispatches', {
      method: 'POST',
      headers: {
        'Authorization': `Bearer ${GITHUB_TOKEN}`,
        'Content-Type': 'application/json',
        'User-Agent': 'Mozilla/5.0',
      },
      body: JSON.stringify({
        ref: 'main'
      }),
    });

    if (!dispatchResponse.ok) throw new Error('Failed to dispatch workflow');
  } catch (error) {
    console.error('Error handling scheduled event:', error);
  }
}

Remember to set up Cloudflare Workers triggers.

• Download the GOAT Termux.

• Here are the commands that need to be run one after another to set up Python.

If you know how to do this, you can skip this step.

yes | pkg upgrade
yes | pkg install python-pip
yes | pkg install git
# Clone your forked repo. #

• Enter folder:

cd <your forked name>

• Edit .env (required):

nano .env

CTRL + X + Y + ENTER to save it.

• Install Dependencies:

pip install -r requirements.txt

• Command to upload (update) your DNS list:

python -m src

You may also check this out termux-change-repo in case you run into trouble setting things up.

• The limit of Cloudflare Gateway Zero Trust free is 300k domains, so remember to pay attention to the workflow logs. If it is exceeded, the script will stop.

• If you have uploaded lists using another script, you should delete them using the delete feature of the uploaded script or delete them manually.

• I have updated the feature to delete lists when you no longer need to use the script. Go to main.py as follows:

if __name__ == "__main__":
    cloudflare_manager = CloudflareManager(PREFIX, MAX_LISTS, MAX_LIST_SIZE)
    # cloudflare_manager.run()
    cloudflare_manager.leave() # Leave script 

Note from @minlaxz:

1. Domain list style: I personally preferred the second one in blacklist styles, which is more readable and concise.
2. Dynamic domain list: You can also update your dynamic (fluid) whitelist and blacklist using dynamic_blacklist.txt and dynamic_whitelist.txt.
3. Deprecated using .env: Setting sensitive information inside a public repository is considered too dangerous, since any unwanted person could easily steal your Cloudflare credentials from that .env file.