// the find
chadgeary/cloudblock
Cloudblock deploys secure ad-blocking and VPN for all devices. Text and video guides included! 6 supported cloud providers, plus Ubuntu and Raspberry Pi. Cloudblock deploys Wireguard VPN, Pi-Hole DNS Ad-blocking, and DNS over HTTPS in a cloud provider - or locally - using Terraform and Ansible.
Cloudblock automates spinning up a personal privacy stack — Wireguard VPN, Pi-hole ad-blocking, and cloudflared DNS-over-HTTPS — on six cloud providers or on bare metal, using Terraform and Ansible. It's aimed at developers and power users who want network-level ad-blocking across all their devices without paying for a commercial VPN. The guides and videos lower the barrier considerably, but you're still managing a server.
The multi-provider coverage is genuinely useful — AWS, GCP, Azure, OCI, Digital Ocean, Scaleway, and Raspberry Pi are all first-class targets with separate Terraform and Ansible codebooks, not afterthoughts. The architecture diagram is honest about what each container does and how traffic flows between them. OCI's always-free tier makes this essentially free to run indefinitely, and the repo includes a variant specifically for that. The KMS-encrypted storage options on AWS and GCP show the author thought about secrets-at-rest, not just the traffic path.
Last commit was July 2024, with the changelog stopping in 2022 — Docker image versions are almost certainly stale, and Pi-hole and cloudflared have both had significant releases since then. The Ansible playbooks duplicate a lot of setup logic across providers instead of sharing roles, so a bug fix in one provider's playbook doesn't automatically apply to others. Single-instance deployments mean if the VM goes down, all your devices lose DNS and VPN simultaneously — there's an `etc/aws-two-instances` variant but it's in an extras folder, not the default path. The videos reference Ubuntu 18.04 with a README note to mentally substitute 22.04, which is the kind of documentation debt that bites people mid-setup.