Update pontifex configuration: modify external controller settings, adjust DNS nameservers, and add Crypto Stuff rule set

config-clash/pontifex/pontifex.current.yaml

@@ -1,4 +1,4 @@
-# ————————————————————————————————————————————————————— LOCAL PROXY —————————————————————————————————————————————————————
+# ————————————————————————————————————————————————————— LOCAL PROXY —————————————————————————————————————————————————————vs
 port: 7890
 socks-port: 7891
 redir-port: 7892
@@ -11,7 +11,8 @@ bind-address: "*"
 #  - "user1:pass1"
 
 # ————————————————————————————————————————————————— EXTERNAL CONTROLLER —————————————————————————————————————————————————
-external-controller: 127.0.0.1:9090
+external-controller: 0.0.0.0:9090
+external-controller-tls: 0.0.0.0:9443
 secret: '314159271828'
 external-ui: "/usr/share/openclash/ui"
 
@@ -30,16 +31,19 @@ lgbm-url: "https://github.com/vernesong/mihomo/releases/download/LightGBM-Model/
 
 # ———————————————————————————————————————————————————————— HOSTS ————————————————————————————————————————————————————————
 hosts:
-  'ponitifex.shamanlanding.org':  192.168.10.1
-  
-  'gatekeeper.shamanlanding.org': 192.168.10.4
-  'gitea.shamanlanding.org':      192.168.10.4
-  'ruler.shamanlanding.org':      192.168.10.4
-  'webway.shamanlanding.org':     192.168.10.4
-  
-  '+.scarus.shamanlanding.org':   192.168.10.4
-  '+.retreat.shamanlanding.org':  192.168.10.4
-
+#   DISABLED DUE TO TECHNITIUM DNS MANAGEMENT
+#  'ponitifex.shamanlanding.org':  192.168.10.1
+#  
+#  'gatekeeper.shamanlanding.org': 192.168.10.4
+#  'gitea.shamanlanding.org':      192.168.10.4
+#  'aither.shamanlanding.org':     192.168.10.4
+#  'ruler.shamanlanding.org':      192.168.10.4
+#  'webway.shamanlanding.org':     192.168.10.4
+#  'zashboard.shamanlanding.org':  192.168.10.4
+#  
+#  '+.scarus.shamanlanding.org':   192.168.10.4
+#  '+.retreat.shamanlanding.org':  192.168.10.4
+#
 # ——————————————————————————————————————————————————————— PROFILE ———————————————————————————————————————————————————————
 profile:
   store-selected: true
@@ -83,8 +87,10 @@ dns:
   ipv6: false
   listen: 0.0.0.0:53
   default-nameserver:
-  - 114.114.114.114
-  - 8.8.8.8
+    - 192.168.25.8
+    - 1.1.1.1
+    - 8.8.8.8
+    - 9.9.9.9
   enhanced-mode: fake-ip
   use-hosts: true
   fake-ip-range: 198.18.0.1/16
@@ -96,19 +102,22 @@ dns:
     - '+.webway.dts'
     - '+.netbird.selfhosted'
     - '+.shamanlanding.org'
+    # ————————————————————————— ru domains ———————————————————————
+    - '+.ru'
+    - '+.рф'
+    - '+.su'
   nameserver:
-    - https://d.adguard-dns.com/dns-query/5ffb7de2
+    - 192.168.25.8                # KAVANAH/TECHNITIUM DNS
   fallback:
-    - https://dns.google/dns-query
+    - https://dns.comss.one/dns-query
     - https://cloudflare-dns.com/dns-query
-    - 208.67.222.222
-    - 208.67.220.220
-    - 9.9.9.9
-    - 149.112.112.112
-    - 8.26.56.26
-    - 8.20.247.20
-    - 185.228.168.9
-    - 185.228.169.9
+    - 1.1.1.1
+    - 1.0.0.1
+    - 8.8.8.8
+    - 8.8.4.4
+    - 1.1.1.1
+    - 77.88.8.8
+    - 77.88.8.1
   # If IP addresses resolved with servers in `nameservers` are in the specified
   # subnets below, they are considered invalid and results from `fallback`
   # servers are used instead.
@@ -372,7 +381,7 @@ proxy-providers:
     type: http
     url: "https://sub.d-vpn.in/5577509"
     interval: 3600
-    proxy: ▣ Personal
+    proxy: DIRECT
     path: "./proxy_provider/d-vpn.txt"
     exclude-filter: "(?i)Наш TG|Истекает|@FizzVPN|UNAVAILABLE|EXPIRE|TELEGRAM|USERNAME:|Купить|🔜"
     override:
@@ -385,7 +394,7 @@ proxy-providers:
     type: http
     url: "https://sub-001.dns-on-fire.net/api/sub/Jfo_eg3X0NchfJ3_"
     interval: 3600
-    proxy: ▣ Personal
+    proxy: DIRECT
     path: "./proxy_provider/vezdehod.txt"
     exclude-filter: "(?i)Наш TG|Истекает|@FizzVPN|UNAVAILABLE|EXPIRE|TELEGRAM|USERNAME:|Купить|🔜"
     override:
@@ -398,7 +407,7 @@ proxy-providers:
     type: http
     url: "https://xfizz.cc/sublink/XzU0rRmBeOZtIPprW46f2ieNFcF8PJw9?name=1Y:2213"
     interval: 3600
-    proxy: ▣ Personal
+    proxy: DIRECT
     path: "./proxy_provider/fizz-vpn.txt"
     exclude-filter: "(?i)Наш TG|Истекает|@FizzVPN|UNAVAILABLE|EXPIRE|TELEGRAM|USERNAME:|Купить|🔜"
     override:
@@ -411,7 +420,7 @@ proxy-providers:
     type: http
     url: "https://arza.top/sub/dGZjNHVlLDE3MzIzMDQ2MTYowA-efEYOh"
     interval: 3600
-    proxy: ▣ Personal
+    proxy: DIRECT
     path: "./proxy_provider/arza.txt"
     exclude-filter: "(?i)Наш TG|Истекает|@FizzVPN|UNAVAILABLE|EXPIRE|TELEGRAM|USERNAME:|Купить|🔜"
     override:
@@ -884,14 +893,42 @@ proxy-groups:
   - name: AI Stuff
     type: select
     proxies:
+      - DIRECT
+      - PASS
+      - REJECT
+      - REJECT-DROP
+      - Route Alpha
+      - Route Bravo
+      - Route Charlie
+      - Route Delta
+      - Personal 1️⃣
+      - Personal 2️⃣
+      - Non-personal 1️⃣
+      - Non-personal 2️⃣
+      - Non-personal 3️⃣
+      - Non-personal 4️⃣
+      - Europe 🇪🇺
+      - Turkey 🇹🇷
+      - Asia & ME 🇳🇵 
+      - USA 🇺🇸
+      - Europe 🇪🇺 🄪
+      - Turkey 🇹🇷 🄪
+      - Asia & ME 🇳🇵 🄪
+      - USA 🇺🇸 🄪
+    <<: *health_check_for_selectors
+  - name: Crypto Stuff
+    type: select
+    proxies:
+      - DIRECT
+      - PASS
+      - REJECT
+      - REJECT-DROP
       - Route Alpha
       - Route Bravo
       - Route Charlie
       - Route Delta
-      - ▣ Personal
       - Personal 1️⃣
       - Personal 2️⃣
-      - ▣ Non-personal
       - Non-personal 1️⃣
       - Non-personal 2️⃣
       - Non-personal 3️⃣
@@ -1016,6 +1053,9 @@ proxy-groups:
   - name: Cloudflare
     proxies:
       - DIRECT
+      - PASS
+      - REJECT
+      - REJECT-DROP
       - Route Alpha
       - Route Bravo
       - Route Charlie
@@ -1508,6 +1548,10 @@ rule-providers:
     url: https://gitea.shamanlanding.org/DaTekShaman/clash-rules/raw/branch/main/rule-provider/consolidated-services/ai-stuff-western.yaml
     path: "./rule_provider/consolidated-services/ai-stuff-western.yaml"                                                                                 
     <<: *default_rule_provider_config
+  📦 Crypto Stuff:
+    url: https://gitea.shamanlanding.org/DaTekShaman/clash-rules/raw/branch/main/rule-provider/consolidated-services/crypto.yaml
+    path: "./rule_provider/consolidated-services/crypto.yaml"                                                                                 
+    <<: *default_rule_provider_config
   📦 Hentai:               
     url: https://gitea.shamanlanding.org/DaTekShaman/clash-rules/raw/branch/main/rule-provider/consolidated-services/hentai.yaml                
     path: "./rule_provider/services/hentai.yaml"
@@ -1741,6 +1785,7 @@ rules:
 
 # ————————————————————— by service group ———————————————————— #
 - RULE-SET,📦 AI Stuff,AI Stuff
+- RULE-SET,📦 Crypto Stuff,Crypto Stuff
 - RULE-SET,📦 RU Intracountry VPN,RU Intracountry VPN
 - RULE-SET,📦 Hentai,Hentai
 - RULE-SET,📦 Games,Games