# ZeroBlock Configuration
# UCI config file for OpenWrt

# =============================================================================
# GLOBAL SETTINGS
# =============================================================================
config settings 'settings'
	option log_level 'warn'
	option dont_touch_dhcp '0'

	# DNS settings (global)
	option dns_type 'doh'
	option dns_server '8.8.8.8'
	option bootstrap_dns_server '77.88.8.8'
	option dns_rewrite_ttl '60'
	option dns_strategy 'ipv4_only'

	# Clash API and YACD
	option clash_api_enabled '1'
	option clash_api_port '9090'
	option enable_yacd '0'
	option yacd_secret_key ''

	# TPROXY settings (port is fixed at 1602)
	option tproxy_mark '1'

	# Exclusions
	option block_quic '1'
	option disable_quic '0'
	option exclude_ntp '1'
	option exclude_local_subnets '1'
	option dns_hijack '1'
	option desync_mark '0x40000000'

	# Network interfaces (global - for output)
	option enable_badwan_interface_monitoring '0'
	option enable_output_network_interface '0'
	option proxy_router_traffic '0'

	# List updates
	option download_lists_via_proxy '0'
	option update_interval '1d'

# =============================================================================
# AUTO CONFIGURATION
# =============================================================================
config auto_config 'auto_config'
	# AmneziaWG WARP автонастройка
	option awg_auto_config '0'

	# Opera Proxy автонастройка
	option opera_auto_config '0'

	# Zapret (DPI bypass) автонастройка
	option zapret_auto_config '0'

	# Routing Sections автозагрузка
	option sections_auto_load '0'

	# Мониторинг и автовосстановление
	option enable_monitoring '1'
	option monitor_time '03:00'
	option monitor_interval 'daily'

# =============================================================================
# DNS SERVERS
# =============================================================================
config dns_server 'dns_main'
	option enabled '1'
	option type 'udp'
	option tag 'dns-main'
	option server '8.8.8.8'
	option server_port '53'
	option detour 'direct-out'

config dns_server 'dns_fakeip'
	option enabled '1'
	option type 'fakeip'
	option tag 'dns-fakeip'

# =============================================================================
# UI SECTIONS (for LuCI tabs)
# =============================================================================
config dashboard 'dashboard'

config diagnostic 'diagnostic'

# =============================================================================
# ROUTING SECTIONS
# =============================================================================
# Each 'section' defines a routing rule with proxy/vpn/block mode
# Section name (e.g., 'youtube_proxy') is used as identifier
#
# Common fields:
#   enabled              - '0' or '1'
#   connection_type      - 'vpn', 'proxy', or 'block'
#
# DNS settings (per section):
#   dns_type             - 'udp', 'doh', or 'dot'
#   dns_server           - DNS server address (e.g., '8.8.8.8')
#   bootstrap_dns_server - Bootstrap DNS for DoH/DoT
#   dns_rewrite_ttl      - DNS cache TTL in seconds
#   disable_fakeip       - '0' or '1' - disable FakeIP for this section
#
# Network (per section):
#   source_interface     - List of source interfaces (e.g., 'br-lan')
#
# For VPN (connection_type = 'vpn'):
#   interface            - Network interface name (e.g., 'awg0', 'wg0', 'tun0')
#
# For proxy (connection_type = 'proxy'):
#   proxy_config_type    - 'url', 'outbound', or 'urltest'
#   proxy_string         - Proxy URL (vless://, ss://, trojan://, socks5://)
#   outbound_json        - Full sing-box outbound JSON config
#   urltest_proxy_links  - List of proxy URLs for URLTest
#   urltest_check_interval - Check interval (30s, 1m, 3m, 5m)
#   urltest_tolerance    - Latency tolerance in ms (50-1000)
#   urltest_testing_url  - URL for latency testing
#   enable_udp_over_tcp  - '0' or '1'
#
# Routing lists:
#   community_lists      - List of community list keys (youtube, discord, etc.)
#   user_domain_list_type - 'disabled', 'dynamic', or 'text'
#   user_domains         - List of custom domains
#   user_domains_text    - Text block with domains
#   user_subnet_list_type - 'disabled', 'dynamic', or 'text'
#   user_subnets         - List of custom subnets/IPs
#   user_subnets_text    - Text block with subnets
#   local_domain_lists   - List of local file paths
#   local_subnet_lists   - List of local file paths
#   remote_domain_lists  - List of remote URLs
#   remote_subnet_lists  - List of remote URLs
#
# Advanced:
#   fully_routed_ips     - List of local IPs to fully route

# Opera Proxy for geo-blocked content
config section 'opera'
	option enabled '1'
	option connection_type 'proxy'
	option proxy_config_type 'outbound'
	option outbound_json '{"type":"http","server":"127.0.0.1","server_port":18080}'
	option user_domain_list_type 'disabled'
	option user_subnet_list_type 'disabled'
	list community_lists 'geoblock'
	list community_lists 'block'
	list community_lists 'meta'
	list community_lists 'tiktok'

# AmneziaWG WARP for Cloudflare
config section 'awg10'
	option enabled '1'
	option connection_type 'vpn'
	option interface 'awg10'
	option dns_type 'doh'
	option dns_server '8.8.8.8'
	option dns_bootstrap '77.88.8.8'
	option disable_fakeip '1'
	option user_domain_list_type 'disabled'
	option user_subnet_list_type 'disabled'
	list community_lists 'cloudflare'
