From 23949f6a51570d1c8730a2d01556722ee291f2d9 Mon Sep 17 00:00:00 2001
From: Opnxng <opnxng@tuta.io>
Date: Wed, 13 Dec 2023 07:36:19 +0800
Subject: [PATCH] Added Priviblur

---
 config-tasks/priviblur.yaml         |  7 +++++
 templates/compose/priviblur.yaml.j2 | 24 +++++++++++++++
 templates/conf/Caddyfile.j2         | 24 +++++++++++++--
 templates/conf/config.toml.j2       | 47 +++++++++++++++++++++++++++++
 templates/conf/settings.yml.j2      |  4 ++-
 5 files changed, 103 insertions(+), 3 deletions(-)
 create mode 100644 config-tasks/priviblur.yaml
 create mode 100644 templates/compose/priviblur.yaml.j2
 create mode 100644 templates/conf/config.toml.j2

diff --git a/config-tasks/priviblur.yaml b/config-tasks/priviblur.yaml
new file mode 100644
index 0000000..5dd489c
--- /dev/null
+++ b/config-tasks/priviblur.yaml
@@ -0,0 +1,7 @@
+    - name: Set up config.toml
+      template:
+        src: "conf/config.toml.j2"
+        dest: "{{ docker_dir }}/priviblur/config.toml"
+        owner: 1000
+        group: 1000
+        mode: 0755
diff --git a/templates/compose/priviblur.yaml.j2 b/templates/compose/priviblur.yaml.j2
new file mode 100644
index 0000000..7d9f40c
--- /dev/null
+++ b/templates/compose/priviblur.yaml.j2
@@ -0,0 +1,24 @@
+# {{ ansible_managed }}
+version: '3.7'
+services:
+  priviblur:
+    container_name: priviblur
+    image: git.opnxng.com/opnxng/priviblur:latest
+    security_opt:
+      - no-new-privileges
+    environment:
+      - TZ=Asia/Singapore
+#      - PRIVIBLUR_FORWARDED_SECRET =
+      - PRIVIBLUR_PROXIES_COUNT=1
+      - PRIVIBLUR_REAL_IP_HEADER="x-real-ip"
+    restart: unless-stopped
+    ports:
+      - 8907:8000
+    volumes:
+      - {{ docker_dir }}/priviblur/config.toml:/priviblur/config.toml:Z,ro
+    networks:
+      - priviblur
+
+networks:
+  priviblur:
+    name: priviblur
diff --git a/templates/conf/Caddyfile.j2 b/templates/conf/Caddyfile.j2
index 8ca6a52..15ed663 100755
--- a/templates/conf/Caddyfile.j2
+++ b/templates/conf/Caddyfile.j2
@@ -570,6 +570,26 @@
 #		}
 #	}
 
+	@tb host tb.{$HOSTNAME}
+	handle @tb {
+		encode zstd gzip
+		reverse_proxy {
+			to {{ oracle1_private_ip }}:8907
+			to {{ oracle2_private_ip }}:8907
+			to {{ oracle3_private_ip }}:8907
+			to {{ oracle4_private_ip }}:8907
+			lb_policy ip_hash
+			lb_try_duration 5s
+			lb_try_interval 1s
+			fail_duration 30s
+			max_fails 3
+			header_up X-Real-IP {remote_host}
+		}
+		header {
+			X-Robots-Tag "noindex, noimageindex, nosnippet, notranslate, noarchive, nofollow"
+		}
+	}
+
 	@ig host ig.{$HOSTNAME}
 	handle @ig {
 		encode zstd gzip
@@ -608,8 +628,8 @@
 		}
 	}
 
-	@tb host tb.{$HOSTNAME}
-	handle @tb {
+	@ti host ti.{$HOSTNAME}
+	handle @ti {
 		encode zstd gzip
 		reverse_proxy {{ vultr_private_ip }}:8910
 		header {
diff --git a/templates/conf/config.toml.j2 b/templates/conf/config.toml.j2
new file mode 100644
index 0000000..08f1979
--- /dev/null
+++ b/templates/conf/config.toml.j2
@@ -0,0 +1,47 @@
+# Controls deployment options
+[deployment]
+#    host = "127.0.0.1"
+    host = "0.0.0.0"
+    port = 8000
+
+    # Amount of worker Priviblur instances to spawn. Increases speed significantly.
+    # workers = 1
+
+    # # If you're running Priviblur behind a remote proxy, one or more of the following must be set
+    # # can also be set via env variables by captialzing and prefixing with PRIVIBLUR_
+    # #
+    # # For more information see
+    # # https://sanic.dev/en/guide/advanced/proxy-headers.html
+    # #
+    # # Default: None
+    # #
+    # forwarded_secret =
+    # real_ip_header =
+    # proxies_count =
+
+# Controls behaviors pertaining to the way Priviblur requests Tumblr
+[priviblur_backend]
+    # # Timeout for requests to Tumblr's API
+    # main_response_timeout = 10
+
+    # # Timeout for fetching image responses from Tumblr
+    # image_response_timeout = 30
+
+
+# Controls logging behavior
+#
+# Use Python's numerical logging levels
+# https://docs.python.org/3/howto/logging.html#logging-levels
+[logging]
+    # # Sanic (Server)'s logging level'
+    # sanic_logging_level = 30
+
+    # # Priviblur's logging level
+    # priviblur_logging_level = 30
+
+    # # Priviblur extractor's logging level
+    # priviblur_extractor_logging_level = 20
+
+[misc]
+    # # Enable sanic's dev mode
+    # dev_mode = false
diff --git a/templates/conf/settings.yml.j2 b/templates/conf/settings.yml.j2
index e4b519d..e3e424a 100755
--- a/templates/conf/settings.yml.j2
+++ b/templates/conf/settings.yml.j2
@@ -224,6 +224,8 @@ hostname_replace:
   '(.*\.)?redd\.it$':               'old.reddit.com'
   '(.*\.)?medium\.com$':            'm.opnxng.com'
   'fandom\.com$':          'z.opnxng.com'
+  'dic\.academic\.ru$':          'akademik.bloat.cat'
+  '(.*\.)?tumblr\.com$':    'tb.opnxng.com'
   '(.*\.)?imgur\.com$':    'r.opnxng.com'
   '(.*\.)?stackoverflow\.com$':    'a.opnxng.com'
   '(.*\.)?mobile.twitter\.com$':    'n.opnxng.com'
@@ -232,7 +234,7 @@ hostname_replace:
   '(.*\.)?imdb\.com$':            'd.opnxng.com'
   '(.*\.)?instagram\.com$':            'ig.opnxng.com'
 #  '(.*\.)?tiktok\.com$':            'tt.opnxng.com'
-  '(.*\.)?tieba.baidu\.com$':       'tb.opnxng.com'
+  '(.*\.)?tieba.baidu\.com$':       'ti.opnxng.com'
   '(.*\.)?wolframalpha\.com$':            'wf.opnxng.com'
 
   # block bload domains