Pull request 1991: AG-25392 confmigrate vol.2

Merge in DNS/adguard-home from AG-25392-confmigrate-vol.2 to master

Squashed commit of the following:

commit 7bcdf443135523022a7e5ed6b2da05fcd784a896
Merge: 4c25331b5 f84ff2bd0
Author: Eugene Burkov <E.Burkov@AdGuard.COM>
Date:   Mon Sep 4 20:33:08 2023 +0300

    Merge branch 'master' into AG-25392-confmigrate-vol.2

commit 4c25331b507078670e7f3505384b53179a210292
Author: Eugene Burkov <E.Burkov@AdGuard.COM>
Date:   Mon Sep 4 20:14:23 2023 +0300

    confmigrate: fix fmt

commit d7dbfc46a7f825d248cb028d50b60eede941bf67
Author: Eugene Burkov <E.Burkov@AdGuard.COM>
Date:   Mon Sep 4 20:07:25 2023 +0300

    confmigrate: imp code

commit cd29729a23d1782a0b5fbd1e9153fe61ff3dbc71
Author: Eugene Burkov <E.Burkov@AdGuard.COM>
Date:   Mon Sep 4 18:21:14 2023 +0300

    confmigrate: imp code, split files

commit f075a14c251c68a13152709e14a326ad17c2f889
Author: Eugene Burkov <E.Burkov@AdGuard.COM>
Date:   Mon Sep 4 17:19:47 2023 +0300

    confmigrate: imp code

commit 37335597e7870184528c1d868e2d5bd5525a74bb
Author: Eugene Burkov <E.Burkov@AdGuard.COM>
Date:   Mon Sep 4 16:54:13 2023 +0300

    confmigrate: imp code, docs

commit 1df0ddcad99e5056b4989d17490ca4b44ae17838
Author: Eugene Burkov <E.Burkov@AdGuard.COM>
Date:   Mon Sep 4 14:41:52 2023 +0300

    all: add testdata

commit e62690dbe8e458811bbd6b115b4449affa729560
Author: Eugene Burkov <E.Burkov@AdGuard.COM>
Date:   Thu Aug 31 16:13:14 2023 +0300

    all: imp code

commit 0934d5974b31a58b31b12412c3cd1a50810ffc4f
Author: Eugene Burkov <E.Burkov@AdGuard.COM>
Date:   Wed Aug 30 15:50:52 2023 +0300

    home: don't reread config

commit 7566ab6f330460bd608aae6dc0428a631e2fa4e3
Author: Eugene Burkov <E.Burkov@AdGuard.COM>
Date:   Wed Aug 30 15:43:57 2023 +0300

    all: imp code

commit 6f6aae6290f8d3101f3678ecc705eee7030ad8d5
Author: Eugene Burkov <E.Burkov@AdGuard.COM>
Date:   Wed Aug 30 15:25:46 2023 +0300

    all: introduce confmigrate

internal/confmigrate/confmigrate.go

@@ -1,143 +0,0 @@
-// Package confmigrate provides a way to upgrade the YAML configuration file.
-package confmigrate
-
-import (
-	"bytes"
-	"fmt"
-
-	"github.com/AdguardTeam/golibs/log"
-	yaml "gopkg.in/yaml.v3"
-)
-
-// CurrentSchemaVersion is the current schema version.
-const CurrentSchemaVersion = 26
-
-// These aliases are provided for convenience.
-type (
-	yarr = []any
-	yobj = map[string]any
-)
-
-// Config is a the configuration for initializing a [Migrator].
-type Config struct {
-	// WorkingDir is an absolute path to the working directory of AdGuardHome.
-	WorkingDir string
-}
-
-// Migrator performs the YAML configuration file migrations.
-type Migrator struct {
-	// workingDir is an absolute path to the working directory of AdGuardHome.
-	workingDir string
-}
-
-// New creates a new Migrator.
-func New(cfg *Config) (m *Migrator) {
-	return &Migrator{
-		workingDir: cfg.WorkingDir,
-	}
-}
-
-// Migrate does necessary upgrade operations if needed.  It returns the new
-// configuration file body, and a boolean indicating whether the configuration
-// file was actually upgraded.
-func (m *Migrator) Migrate(body []byte) (newBody []byte, upgraded bool, err error) {
-	// read a config file into an interface map, so we can manipulate values without losing any
-	diskConf := yobj{}
-	err = yaml.Unmarshal(body, &diskConf)
-	if err != nil {
-		log.Printf("parsing config file for upgrade: %s", err)
-
-		return nil, false, err
-	}
-
-	schemaVersionVal, ok := diskConf["schema_version"]
-	log.Tracef("got schema version %v", schemaVersionVal)
-	if !ok {
-		// no schema version, set it to 0
-		schemaVersionVal = 0
-	}
-
-	schemaVersion, ok := schemaVersionVal.(int)
-	if !ok {
-		err = fmt.Errorf("configuration file contains non-integer schema_version, abort")
-		log.Println(err)
-
-		return nil, false, err
-	}
-
-	if schemaVersion == CurrentSchemaVersion {
-		// do nothing
-		return body, false, nil
-	}
-
-	err = m.upgradeConfigSchema(schemaVersion, diskConf)
-	if err != nil {
-		log.Printf("upgrading configuration file: %s", err)
-
-		return nil, false, err
-	}
-
-	buf := &bytes.Buffer{}
-	enc := yaml.NewEncoder(buf)
-	enc.SetIndent(2)
-
-	err = enc.Encode(diskConf)
-	if err != nil {
-		return nil, false, fmt.Errorf("generating new config: %w", err)
-	}
-
-	return buf.Bytes(), true, nil
-}
-
-// upgradeFunc is a function that upgrades a config and returns an error.
-type upgradeFunc = func(diskConf yobj) (err error)
-
-// Upgrade from oldVersion to newVersion
-func (m *Migrator) upgradeConfigSchema(oldVersion int, diskConf yobj) (err error) {
-	upgrades := []upgradeFunc{
-		m.upgradeSchema0to1,
-		m.upgradeSchema1to2,
-		upgradeSchema2to3,
-		upgradeSchema3to4,
-		upgradeSchema4to5,
-		upgradeSchema5to6,
-		upgradeSchema6to7,
-		upgradeSchema7to8,
-		upgradeSchema8to9,
-		upgradeSchema9to10,
-		upgradeSchema10to11,
-		upgradeSchema11to12,
-		upgradeSchema12to13,
-		upgradeSchema13to14,
-		upgradeSchema14to15,
-		upgradeSchema15to16,
-		upgradeSchema16to17,
-		upgradeSchema17to18,
-		upgradeSchema18to19,
-		upgradeSchema19to20,
-		upgradeSchema20to21,
-		upgradeSchema21to22,
-		upgradeSchema22to23,
-		upgradeSchema23to24,
-		upgradeSchema24to25,
-		upgradeSchema25to26,
-	}
-
-	n := 0
-	for i, u := range upgrades {
-		if i >= oldVersion {
-			err = u(diskConf)
-			if err != nil {
-				return err
-			}
-
-			n++
-		}
-	}
-
-	if n == 0 {
-		return fmt.Errorf("unknown configuration schema version %d", oldVersion)
-	}
-
-	return nil
-}

internal/confmigrate/migrations_test.go

@@ -20,7 +20,7 @@ func TestUpgradeSchema1to2(t *testing.T) {
 		WorkingDir: "",
 	})
 
-	err := m.upgradeSchema1to2(diskConf)
+	err := m.migrateTo2(diskConf)
 	require.NoError(t, err)
 
 	require.Equal(t, diskConf["schema_version"], 2)
@@ -43,7 +43,7 @@ func TestUpgradeSchema1to2(t *testing.T) {
 func TestUpgradeSchema2to3(t *testing.T) {
 	diskConf := testDiskConf(2)
 
-	err := upgradeSchema2to3(diskConf)
+	err := migrateTo3(diskConf)
 	require.NoError(t, err)
 
 	require.Equal(t, diskConf["schema_version"], 3)
@@ -56,7 +56,7 @@ func TestUpgradeSchema2to3(t *testing.T) {
 
 	bootstrapDNS := newDNSConf["bootstrap_dns"]
 	switch v := bootstrapDNS.(type) {
-	case []string:
+	case yarr:
 		require.Len(t, v, 1)
 		require.Equal(t, "8.8.8.8:53", v[0])
 	default:
@@ -82,20 +82,20 @@ func TestUpgradeSchema5to6(t *testing.T) {
 		name    string
 	}{{
 		in: yobj{
-			"clients": []yobj{},
+			"clients": yarr{},
 		},
 		want: yobj{
-			"clients":        []yobj{},
+			"clients":        yarr{},
 			"schema_version": newSchemaVer,
 		},
 		wantErr: "",
 		name:    "no_clients",
 	}, {
 		in: yobj{
-			"clients": []yobj{{"ip": "127.0.0.1"}},
+			"clients": yarr{yobj{"ip": "127.0.0.1"}},
 		},
 		want: yobj{
-			"clients": []yobj{{
+			"clients": yarr{yobj{
 				"ids": []string{"127.0.0.1"},
 				"ip":  "127.0.0.1",
 			}},
@@ -105,10 +105,10 @@ func TestUpgradeSchema5to6(t *testing.T) {
 		name:    "client_ip",
 	}, {
 		in: yobj{
-			"clients": []yobj{{"mac": "mac"}},
+			"clients": yarr{yobj{"mac": "mac"}},
 		},
 		want: yobj{
-			"clients": []yobj{{
+			"clients": yarr{yobj{
 				"ids": []string{"mac"},
 				"mac": "mac",
 			}},
@@ -118,10 +118,10 @@ func TestUpgradeSchema5to6(t *testing.T) {
 		name:    "client_mac",
 	}, {
 		in: yobj{
-			"clients": []yobj{{"ip": "127.0.0.1", "mac": "mac"}},
+			"clients": yarr{yobj{"ip": "127.0.0.1", "mac": "mac"}},
 		},
 		want: yobj{
-			"clients": []yobj{{
+			"clients": yarr{yobj{
 				"ids": []string{"127.0.0.1", "mac"},
 				"ip":  "127.0.0.1",
 				"mac": "mac",
@@ -132,29 +132,29 @@ func TestUpgradeSchema5to6(t *testing.T) {
 		name:    "client_ip_mac",
 	}, {
 		in: yobj{
-			"clients": []yobj{{"ip": 1, "mac": "mac"}},
+			"clients": yarr{yobj{"ip": 1, "mac": "mac"}},
 		},
 		want: yobj{
-			"clients":        []yobj{{"ip": 1, "mac": "mac"}},
+			"clients":        yarr{yobj{"ip": 1, "mac": "mac"}},
 			"schema_version": newSchemaVer,
 		},
-		wantErr: "client.ip is not a string: 1",
+		wantErr: `client at index 0: unexpected type of "ip": int`,
 		name:    "inv_client_ip",
 	}, {
 		in: yobj{
-			"clients": []yobj{{"ip": "127.0.0.1", "mac": 1}},
+			"clients": yarr{yobj{"ip": "127.0.0.1", "mac": 1}},
 		},
 		want: yobj{
-			"clients":        []yobj{{"ip": "127.0.0.1", "mac": 1}},
+			"clients":        yarr{yobj{"ip": "127.0.0.1", "mac": 1}},
 			"schema_version": newSchemaVer,
 		},
-		wantErr: "client.mac is not a string: 1",
+		wantErr: `client at index 0: unexpected type of "mac": int`,
 		name:    "inv_client_mac",
 	}}
 
 	for _, tc := range testCases {
 		t.Run(tc.name, func(t *testing.T) {
-			err := upgradeSchema5to6(tc.in)
+			err := migrateTo6(tc.in)
 			testutil.AssertErrorMsg(t, tc.wantErr, err)
 			assert.Equal(t, tc.want, tc.in)
 		})
@@ -170,7 +170,7 @@ func TestUpgradeSchema7to8(t *testing.T) {
 		"schema_version": 7,
 	}
 
-	err := upgradeSchema7to8(oldConf)
+	err := migrateTo8(oldConf)
 	require.NoError(t, err)
 
 	require.Equal(t, oldConf["schema_version"], 8)
@@ -198,7 +198,7 @@ func TestUpgradeSchema8to9(t *testing.T) {
 			"schema_version": 8,
 		}
 
-		err := upgradeSchema8to9(oldConf)
+		err := migrateTo9(oldConf)
 		require.NoError(t, err)
 
 		require.Equal(t, oldConf["schema_version"], 9)
@@ -221,7 +221,7 @@ func TestUpgradeSchema8to9(t *testing.T) {
 			"schema_version": 8,
 		}
 
-		err := upgradeSchema8to9(oldConf)
+		err := migrateTo9(oldConf)
 		require.NoError(t, err)
 
 		require.Equal(t, oldConf["schema_version"], 9)
@@ -408,12 +408,12 @@ func TestUpgradeSchema9to10(t *testing.T) {
 	}, {
 		ups:     ultimateAns,
 		want:    nil,
-		wantErr: "unexpected type of dns.upstream_dns: int",
+		wantErr: `unexpected type of "upstream_dns": int`,
 		name:    "bad_yarr_type",
 	}, {
 		ups:     yarr{ultimateAns},
 		want:    nil,
-		wantErr: "unexpected type of upstream field: int",
+		wantErr: `unexpected type of upstream field: int`,
 		name:    "bad_upstream_type",
 	}}
 
@@ -425,7 +425,7 @@ func TestUpgradeSchema9to10(t *testing.T) {
 			"schema_version": 9,
 		}
 		t.Run(tc.name, func(t *testing.T) {
-			err := upgradeSchema9to10(conf)
+			err := migrateTo10(conf)
 
 			if tc.wantErr != "" {
 				testutil.AssertErrorMsg(t, tc.wantErr, err)
@@ -450,17 +450,17 @@ func TestUpgradeSchema9to10(t *testing.T) {
 	}
 
 	t.Run("no_dns", func(t *testing.T) {
-		err := upgradeSchema9to10(yobj{})
+		err := migrateTo10(yobj{})
 
 		assert.NoError(t, err)
 	})
 
 	t.Run("bad_dns", func(t *testing.T) {
-		err := upgradeSchema9to10(yobj{
+		err := migrateTo10(yobj{
 			"dns": ultimateAns,
 		})
 
-		testutil.AssertErrorMsg(t, "unexpected type of dns: int", err)
+		testutil.AssertErrorMsg(t, `unexpected type of "dns": int`, err)
 	})
 }
 
@@ -468,7 +468,7 @@ func TestUpgradeSchema10to11(t *testing.T) {
 	check := func(t *testing.T, conf yobj) {
 		rlimit, _ := conf["rlimit_nofile"].(int)
 
-		err := upgradeSchema10to11(conf)
+		err := migrateTo11(conf)
 		require.NoError(t, err)
 
 		require.Equal(t, conf["schema_version"], 11)
@@ -525,7 +525,7 @@ func TestUpgradeSchema11to12(t *testing.T) {
 	}, {
 		ivl:     0.25,
 		want:    0,
-		wantErr: "unexpected type of querylog_interval: float64",
+		wantErr: `unexpected type of "querylog_interval": float64`,
 		name:    "fail",
 	}}
 
@@ -537,7 +537,7 @@ func TestUpgradeSchema11to12(t *testing.T) {
 			"schema_version": 11,
 		}
 		t.Run(tc.name, func(t *testing.T) {
-			err := upgradeSchema11to12(conf)
+			err := migrateTo12(conf)
 
 			if tc.wantErr != "" {
 				require.Error(t, err)
@@ -566,17 +566,17 @@ func TestUpgradeSchema11to12(t *testing.T) {
 	}
 
 	t.Run("no_dns", func(t *testing.T) {
-		err := upgradeSchema11to12(yobj{})
+		err := migrateTo12(yobj{})
 
 		assert.NoError(t, err)
 	})
 
 	t.Run("bad_dns", func(t *testing.T) {
-		err := upgradeSchema11to12(yobj{
+		err := migrateTo12(yobj{
 			"dns": 0,
 		})
 
-		testutil.AssertErrorMsg(t, "unexpected type of dns: int", err)
+		testutil.AssertErrorMsg(t, `unexpected type of "dns": int`, err)
 	})
 
 	t.Run("no_field", func(t *testing.T) {
@@ -584,7 +584,7 @@ func TestUpgradeSchema11to12(t *testing.T) {
 			"dns": yobj{},
 		}
 
-		err := upgradeSchema11to12(conf)
+		err := migrateTo12(conf)
 		require.NoError(t, err)
 
 		dns, ok := conf["dns"]
@@ -644,7 +644,7 @@ func TestUpgradeSchema12to13(t *testing.T) {
 
 	for _, tc := range testCases {
 		t.Run(tc.name, func(t *testing.T) {
-			err := upgradeSchema12to13(tc.in)
+			err := migrateTo13(tc.in)
 			require.NoError(t, err)
 
 			assert.Equal(t, tc.want, tc.in)
@@ -726,7 +726,7 @@ func TestUpgradeSchema13to14(t *testing.T) {
 
 	for _, tc := range testCases {
 		t.Run(tc.name, func(t *testing.T) {
-			err := upgradeSchema13to14(tc.in)
+			err := migrateTo14(tc.in)
 			require.NoError(t, err)
 
 			assert.Equal(t, tc.want, tc.in)
@@ -774,7 +774,7 @@ func TestUpgradeSchema14to15(t *testing.T) {
 
 	for _, tc := range testCases {
 		t.Run(tc.name, func(t *testing.T) {
-			err := upgradeSchema14to15(tc.in)
+			err := migrateTo15(tc.in)
 			require.NoError(t, err)
 
 			assert.Equal(t, tc.want, tc.in)
@@ -833,7 +833,7 @@ func TestUpgradeSchema15to16(t *testing.T) {
 
 	for _, tc := range testCases {
 		t.Run(tc.name, func(t *testing.T) {
-			err := upgradeSchema15to16(tc.in)
+			err := migrateTo16(tc.in)
 			require.NoError(t, err)
 
 			assert.Equal(t, tc.want, tc.in)
@@ -894,7 +894,7 @@ func TestUpgradeSchema16to17(t *testing.T) {
 
 	for _, tc := range testCases {
 		t.Run(tc.name, func(t *testing.T) {
-			err := upgradeSchema16to17(tc.in)
+			err := migrateTo17(tc.in)
 			require.NoError(t, err)
 
 			assert.Equal(t, tc.want, tc.in)
@@ -953,7 +953,7 @@ func TestUpgradeSchema17to18(t *testing.T) {
 
 	for _, tc := range testCases {
 		t.Run(tc.name, func(t *testing.T) {
-			err := upgradeSchema17to18(tc.in)
+			err := migrateTo18(tc.in)
 			require.NoError(t, err)
 
 			assert.Equal(t, tc.want, tc.in)
@@ -966,7 +966,7 @@ func TestUpgradeSchema18to19(t *testing.T) {
 
 	defaultWantObj := yobj{
 		"clients": yobj{
-			"persistent": []yobj{{
+			"persistent": yarr{yobj{
 				"name": "localhost",
 				"safe_search": yobj{
 					"enabled":    true,
@@ -998,7 +998,7 @@ func TestUpgradeSchema18to19(t *testing.T) {
 	}, {
 		in: yobj{
 			"clients": yobj{
-				"persistent": []yobj{{"name": "localhost"}},
+				"persistent": yarr{yobj{"name": "localhost"}},
 			},
 		},
 		want: defaultWantObj,
@@ -1006,7 +1006,7 @@ func TestUpgradeSchema18to19(t *testing.T) {
 	}, {
 		in: yobj{
 			"clients": yobj{
-				"persistent": []yobj{{"name": "localhost", "safesearch_enabled": true}},
+				"persistent": yarr{yobj{"name": "localhost", "safesearch_enabled": true}},
 			},
 		},
 		want: defaultWantObj,
@@ -1014,11 +1014,11 @@ func TestUpgradeSchema18to19(t *testing.T) {
 	}, {
 		in: yobj{
 			"clients": yobj{
-				"persistent": []yobj{{"name": "localhost", "safesearch_enabled": false}},
+				"persistent": yarr{yobj{"name": "localhost", "safesearch_enabled": false}},
 			},
 		},
 		want: yobj{
-			"clients": yobj{"persistent": []yobj{{
+			"clients": yobj{"persistent": yarr{yobj{
 				"name": "localhost",
 				"safe_search": yobj{
 					"enabled":    false,
@@ -1037,7 +1037,7 @@ func TestUpgradeSchema18to19(t *testing.T) {
 
 	for _, tc := range testCases {
 		t.Run(tc.name, func(t *testing.T) {
-			err := upgradeSchema18to19(tc.in)
+			err := migrateTo19(tc.in)
 			require.NoError(t, err)
 
 			assert.Equal(t, tc.want, tc.in)
@@ -1064,7 +1064,7 @@ func TestUpgradeSchema19to20(t *testing.T) {
 	}, {
 		ivl:     0.25,
 		want:    0,
-		wantErr: "unexpected type of interval: float64",
+		wantErr: `unexpected type of "interval": float64`,
 		name:    "fail",
 	}}
 
@@ -1076,7 +1076,7 @@ func TestUpgradeSchema19to20(t *testing.T) {
 			"schema_version": 19,
 		}
 		t.Run(tc.name, func(t *testing.T) {
-			err := upgradeSchema19to20(conf)
+			err := migrateTo20(conf)
 
 			if tc.wantErr != "" {
 				require.Error(t, err)
@@ -1105,17 +1105,17 @@ func TestUpgradeSchema19to20(t *testing.T) {
 	}
 
 	t.Run("no_stats", func(t *testing.T) {
-		err := upgradeSchema19to20(yobj{})
+		err := migrateTo20(yobj{})
 
 		assert.NoError(t, err)
 	})
 
 	t.Run("bad_stats", func(t *testing.T) {
-		err := upgradeSchema19to20(yobj{
+		err := migrateTo20(yobj{
 			"statistics": 0,
 		})
 
-		testutil.AssertErrorMsg(t, "unexpected type of stats: int", err)
+		testutil.AssertErrorMsg(t, `unexpected type of "statistics": int`, err)
 	})
 
 	t.Run("no_field", func(t *testing.T) {
@@ -1123,7 +1123,7 @@ func TestUpgradeSchema19to20(t *testing.T) {
 			"statistics": yobj{},
 		}
 
-		err := upgradeSchema19to20(conf)
+		err := migrateTo20(conf)
 		require.NoError(t, err)
 
 		statsVal, ok := conf["statistics"]
@@ -1180,7 +1180,7 @@ func TestUpgradeSchema20to21(t *testing.T) {
 
 	for _, tc := range testCases {
 		t.Run(tc.name, func(t *testing.T) {
-			err := upgradeSchema20to21(tc.in)
+			err := migrateTo21(tc.in)
 			require.NoError(t, err)
 
 			assert.Equal(t, tc.want, tc.in)
@@ -1250,7 +1250,7 @@ func TestUpgradeSchema21to22(t *testing.T) {
 
 	for _, tc := range testCases {
 		t.Run(tc.name, func(t *testing.T) {
-			err := upgradeSchema21to22(tc.in)
+			err := migrateTo22(tc.in)
 			require.NoError(t, err)
 
 			assert.Equal(t, tc.want, tc.in)
@@ -1303,7 +1303,7 @@ func TestUpgradeSchema22to23(t *testing.T) {
 
 	for _, tc := range testCases {
 		t.Run(tc.name, func(t *testing.T) {
-			err := upgradeSchema22to23(tc.in)
+			err := migrateTo23(tc.in)
 			require.NoError(t, err)
 
 			assert.Equal(t, tc.want, tc.in)
@@ -1362,21 +1362,15 @@ func TestUpgradeSchema23to24(t *testing.T) {
 			"verbose":         true,
 		},
 		want: yobj{
-			"log_file":        "/test/path.log",
+			"log_compress":   "",
-			"log_max_backups": 1,
+			"schema_version": newSchemaVer,
-			"log_max_size":    2,
-			"log_max_age":     3,
-			"log_compress":    "",
-			"log_localtime":   true,
-			"verbose":         true,
-			"schema_version":  newSchemaVer,
 		},
-		wantErrMsg: "unexpected type of log_compress: string",
+		wantErrMsg: `unexpected type of "log_compress": string`,
 	}}
 
 	for _, tc := range testCases {
 		t.Run(tc.name, func(t *testing.T) {
-			err := upgradeSchema23to24(tc.in)
+			err := migrateTo24(tc.in)
 			testutil.AssertErrorMsg(t, tc.wantErrMsg, err)
 
 			assert.Equal(t, tc.want, tc.in)
@@ -1458,12 +1452,12 @@ func TestUpgradeSchema24to25(t *testing.T) {
 			"debug_pprof":    1,
 			"schema_version": newSchemaVer,
 		},
-		wantErrMsg: "unexpected type of debug_pprof: int",
+		wantErrMsg: `unexpected type of "debug_pprof": int`,
 	}}
 
 	for _, tc := range testCases {
 		t.Run(tc.name, func(t *testing.T) {
-			err := upgradeSchema24to25(tc.in)
+			err := migrateTo25(tc.in)
 			testutil.AssertErrorMsg(t, tc.wantErrMsg, err)
 
 			assert.Equal(t, tc.want, tc.in)
@@ -1562,7 +1556,7 @@ func TestUpgradeSchema25to26(t *testing.T) {
 
 	for _, tc := range testCases {
 		t.Run(tc.name, func(t *testing.T) {
-			err := upgradeSchema25to26(tc.in)
+			err := migrateTo26(tc.in)
 			require.NoError(t, err)
 
 			assert.Equal(t, tc.want, tc.in)

internal/confmigrate/migrator.go

@@ -0,0 +1,139 @@
+// Package confmigrate provides a way to upgrade the YAML configuration file.
+package confmigrate
+
+import (
+	"bytes"
+	"fmt"
+
+	"github.com/AdguardTeam/golibs/log"
+	yaml "gopkg.in/yaml.v3"
+)
+
+// LastSchemaVersion is the most recent schema version.
+const LastSchemaVersion uint = 26
+
+// Config is a the configuration for initializing a [Migrator].
+type Config struct {
+	// WorkingDir is an absolute path to the working directory of AdGuardHome.
+	WorkingDir string
+}
+
+// Migrator performs the YAML configuration file migrations.
+type Migrator struct {
+	// workingDir is an absolute path to the working directory of AdGuardHome.
+	workingDir string
+}
+
+// New creates a new Migrator.
+func New(cfg *Config) (m *Migrator) {
+	return &Migrator{
+		workingDir: cfg.WorkingDir,
+	}
+}
+
+// Migrate preforms necessary upgrade operations to upgrade file to target
+// schema version, if needed.  It returns the body of the upgraded config file,
+// whether the file was upgraded, and an error, if any.  If upgraded is false,
+// the body is the same as the input.
+func (m *Migrator) Migrate(body []byte, target uint) (newBody []byte, upgraded bool, err error) {
+	diskConf := yobj{}
+	err = yaml.Unmarshal(body, &diskConf)
+	if err != nil {
+		return body, false, fmt.Errorf("parsing config file for upgrade: %w", err)
+	}
+
+	currentInt, _, err := fieldVal[int](diskConf, "schema_version")
+	if err != nil {
+		// Don't wrap the error, since it's informative enough as is.
+		return body, false, err
+	}
+
+	current := uint(currentInt)
+	log.Debug("got schema version %v", current)
+
+	if err = validateVersion(current, target); err != nil {
+		// Don't wrap the error, since it's informative enough as is.
+		return body, false, err
+	} else if current == target {
+		return body, false, nil
+	}
+
+	if err = m.upgradeConfigSchema(current, target, diskConf); err != nil {
+		// Don't wrap the error, since it's informative enough as is.
+		return body, false, err
+	}
+
+	buf := bytes.NewBuffer(newBody)
+	enc := yaml.NewEncoder(buf)
+	enc.SetIndent(2)
+
+	if err = enc.Encode(diskConf); err != nil {
+		return body, false, fmt.Errorf("generating new config: %w", err)
+	}
+
+	return buf.Bytes(), true, nil
+}
+
+// validateVersion validates the current and desired schema versions.
+func validateVersion(current, target uint) (err error) {
+	switch {
+	case current > target:
+		return fmt.Errorf("unknown current schema version %d", current)
+	case target > LastSchemaVersion:
+		return fmt.Errorf("unknown target schema version %d", target)
+	case target < current:
+		return fmt.Errorf("target schema version %d lower than current %d", target, current)
+	default:
+		return nil
+	}
+}
+
+// migrateFunc is a function that upgrades a config and returns an error.
+type migrateFunc = func(diskConf yobj) (err error)
+
+// upgradeConfigSchema upgrades the configuration schema in diskConf from
+// current to target version.  current must be less than target, and both must
+// be non-negative and less or equal to [LastSchemaVersion].
+func (m *Migrator) upgradeConfigSchema(current, target uint, diskConf yobj) (err error) {
+	upgrades := [LastSchemaVersion]migrateFunc{
+		0:  m.migrateTo1,
+		1:  m.migrateTo2,
+		2:  migrateTo3,
+		3:  migrateTo4,
+		4:  migrateTo5,
+		5:  migrateTo6,
+		6:  migrateTo7,
+		7:  migrateTo8,
+		8:  migrateTo9,
+		9:  migrateTo10,
+		10: migrateTo11,
+		11: migrateTo12,
+		12: migrateTo13,
+		13: migrateTo14,
+		14: migrateTo15,
+		15: migrateTo16,
+		16: migrateTo17,
+		17: migrateTo18,
+		18: migrateTo19,
+		19: migrateTo20,
+		20: migrateTo21,
+		21: migrateTo22,
+		22: migrateTo23,
+		23: migrateTo24,
+		24: migrateTo25,
+		25: migrateTo26,
+	}
+
+	for i, migrate := range upgrades[current:target] {
+		cur := current + uint(i)
+		next := current + uint(i) + 1
+
+		log.Printf("Upgrade yaml: %d to %d", cur, next)
+
+		if err = migrate(diskConf); err != nil {
+			return fmt.Errorf("migrating schema %d to %d: %w", cur, next, err)
+		}
+	}
+
+	return nil
+}

internal/confmigrate/migrator_test.go

@@ -0,0 +1,204 @@
+package confmigrate_test
+
+import (
+	"io/fs"
+	"os"
+	"path/filepath"
+	"testing"
+
+	"github.com/AdguardTeam/AdGuardHome/internal/confmigrate"
+	"github.com/stretchr/testify/require"
+	"golang.org/x/crypto/bcrypt"
+	yaml "gopkg.in/yaml.v3"
+)
+
+// getField returns the value located at the given indexes in the given object.
+// It fails the test if the value is not found or of the expected type.  The
+// indexes can be either strings or integers, and are interpreted as map keys or
+// array indexes, respectively.
+func getField[T any](t require.TestingT, obj any, indexes ...any) (val T) {
+	for _, index := range indexes {
+		switch index := index.(type) {
+		case string:
+			require.IsType(t, map[string]any(nil), obj)
+			typedObj := obj.(map[string]any)
+
+			require.Contains(t, typedObj, index)
+			obj = typedObj[index]
+		case int:
+			require.IsType(t, []any(nil), obj)
+			typedObj := obj.([]any)
+
+			require.Less(t, index, len(typedObj))
+			obj = typedObj[index]
+		default:
+			t.Errorf("unexpected index type: %T", index)
+			t.FailNow()
+		}
+	}
+
+	require.IsType(t, val, obj)
+
+	return obj.(T)
+}
+
+// testdata is a virtual filesystem containing test data.
+var testdata = os.DirFS("testdata")
+
+func TestMigrateConfig_Migrate(t *testing.T) {
+	const (
+		inputFileName  = "input.yml"
+		outputFileName = "output.yml"
+	)
+
+	testCases := []struct {
+		yamlEqFunc    func(t require.TestingT, expected, actual string, msgAndArgs ...any)
+		name          string
+		targetVersion uint
+	}{{
+		yamlEqFunc:    require.YAMLEq,
+		name:          "v1",
+		targetVersion: 1,
+	}, {
+		yamlEqFunc:    require.YAMLEq,
+		name:          "v2",
+		targetVersion: 2,
+	}, {
+		yamlEqFunc:    require.YAMLEq,
+		name:          "v3",
+		targetVersion: 3,
+	}, {
+		yamlEqFunc:    require.YAMLEq,
+		name:          "v4",
+		targetVersion: 4,
+	}, {
+		// Compare passwords separately because bcrypt hashes those with a
+		// different salt every time.
+		yamlEqFunc: func(t require.TestingT, expected, actual string, msgAndArgs ...any) {
+			if h, ok := t.(interface{ Helper() }); ok {
+				h.Helper()
+			}
+
+			var want, got map[string]any
+			err := yaml.Unmarshal([]byte(expected), &want)
+			require.NoError(t, err)
+
+			err = yaml.Unmarshal([]byte(actual), &got)
+			require.NoError(t, err)
+
+			gotPass := getField[string](t, got, "users", 0, "password")
+			wantPass := getField[string](t, want, "users", 0, "password")
+			require.NoError(t, bcrypt.CompareHashAndPassword([]byte(gotPass), []byte(wantPass)))
+
+			delete(getField[map[string]any](t, got, "users", 0), "password")
+			delete(getField[map[string]any](t, want, "users", 0), "password")
+
+			require.Equal(t, want, got, msgAndArgs...)
+		},
+		name:          "v5",
+		targetVersion: 5,
+	}, {
+		yamlEqFunc:    require.YAMLEq,
+		name:          "v6",
+		targetVersion: 6,
+	}, {
+		yamlEqFunc:    require.YAMLEq,
+		name:          "v7",
+		targetVersion: 7,
+	}, {
+		yamlEqFunc:    require.YAMLEq,
+		name:          "v8",
+		targetVersion: 8,
+	}, {
+		yamlEqFunc:    require.YAMLEq,
+		name:          "v9",
+		targetVersion: 9,
+	}, {
+		yamlEqFunc:    require.YAMLEq,
+		name:          "v10",
+		targetVersion: 10,
+	}, {
+		yamlEqFunc:    require.YAMLEq,
+		name:          "v11",
+		targetVersion: 11,
+	}, {
+		yamlEqFunc:    require.YAMLEq,
+		name:          "v12",
+		targetVersion: 12,
+	}, {
+		yamlEqFunc:    require.YAMLEq,
+		name:          "v13",
+		targetVersion: 13,
+	}, {
+		yamlEqFunc:    require.YAMLEq,
+		name:          "v14",
+		targetVersion: 14,
+	}, {
+		yamlEqFunc:    require.YAMLEq,
+		name:          "v15",
+		targetVersion: 15,
+	}, {
+		yamlEqFunc:    require.YAMLEq,
+		name:          "v16",
+		targetVersion: 16,
+	}, {
+		yamlEqFunc:    require.YAMLEq,
+		name:          "v17",
+		targetVersion: 17,
+	}, {
+		yamlEqFunc:    require.YAMLEq,
+		name:          "v18",
+		targetVersion: 18,
+	}, {
+		yamlEqFunc:    require.YAMLEq,
+		name:          "v19",
+		targetVersion: 19,
+	}, {
+		yamlEqFunc:    require.YAMLEq,
+		name:          "v20",
+		targetVersion: 20,
+	}, {
+		yamlEqFunc:    require.YAMLEq,
+		name:          "v21",
+		targetVersion: 21,
+	}, {
+		yamlEqFunc:    require.YAMLEq,
+		name:          "v22",
+		targetVersion: 22,
+	}, {
+		yamlEqFunc:    require.YAMLEq,
+		name:          "v23",
+		targetVersion: 23,
+	}, {
+		yamlEqFunc:    require.YAMLEq,
+		name:          "v24",
+		targetVersion: 24,
+	}, {
+		yamlEqFunc:    require.YAMLEq,
+		name:          "v25",
+		targetVersion: 25,
+	}, {
+		yamlEqFunc:    require.YAMLEq,
+		name:          "v26",
+		targetVersion: 26,
+	}}
+
+	for _, tc := range testCases {
+		t.Run(tc.name, func(t *testing.T) {
+			body, err := fs.ReadFile(testdata, filepath.Join(t.Name(), inputFileName))
+			require.NoError(t, err)
+
+			wantBody, err := fs.ReadFile(testdata, filepath.Join(t.Name(), outputFileName))
+			require.NoError(t, err)
+
+			migrator := confmigrate.New(&confmigrate.Config{
+				WorkingDir: t.Name(),
+			})
+			newBody, upgraded, err := migrator.Migrate(body, tc.targetVersion)
+			require.NoError(t, err)
+			require.True(t, upgraded)
+
+			tc.yamlEqFunc(t, string(wantBody), string(newBody))
+		})
+	}
+}

internal/confmigrate/testdata/TestMigrateConfig_Migrate/v1/input.yml

@@ -0,0 +1,31 @@
+bind_host: 127.0.0.1
+bind_port: 3000
+auth_name: testuser
+auth_pass: testpassword
+coredns:
+  port: 53
+  protection_enabled: true
+  filtering_enabled: true
+  safebrowsing_enabled: false
+  safesearch_enabled: false
+  parental_enabled: false
+  parental_sensitivity: 0
+  blocked_response_ttl: 10
+  querylog_enabled: true
+  upstream_dns:
+  - tls://1.1.1.1
+  - tls://1.0.0.1
+filters:
+- url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
+  name: ""
+  enabled: true
+- url: https://adaway.org/hosts.txt
+  name: AdAway
+  enabled: false
+- url: https://hosts-file.net/ad_servers.txt
+  name: hpHosts - Ad and Tracking servers only
+  enabled: false
+- url: http://www.malwaredomainlist.com/hostslist/hosts.txt
+  name: MalwareDomainList.com Hosts List
+  enabled: false
+user_rules: []

internal/confmigrate/testdata/TestMigrateConfig_Migrate/v1/output.yml

@@ -0,0 +1,32 @@
+bind_host: 127.0.0.1
+bind_port: 3000
+auth_name: testuser
+auth_pass: testpassword
+coredns:
+  port: 53
+  protection_enabled: true
+  filtering_enabled: true
+  safebrowsing_enabled: false
+  safesearch_enabled: false
+  parental_enabled: false
+  parental_sensitivity: 0
+  blocked_response_ttl: 10
+  querylog_enabled: true
+  upstream_dns:
+  - tls://1.1.1.1
+  - tls://1.0.0.1
+filters:
+- url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
+  name: ""
+  enabled: true
+- url: https://adaway.org/hosts.txt
+  name: AdAway
+  enabled: false
+- url: https://hosts-file.net/ad_servers.txt
+  name: hpHosts - Ad and Tracking servers only
+  enabled: false
+- url: http://www.malwaredomainlist.com/hostslist/hosts.txt
+  name: MalwareDomainList.com Hosts List
+  enabled: false
+schema_version: 1
+user_rules: []

internal/confmigrate/testdata/TestMigrateConfig_Migrate/v10/input.yml

@@ -0,0 +1,60 @@
+bind_host: 127.0.0.1
+bind_port: 3000
+users:
+- name: testuser
+  password: testpassword
+dns:
+  bind_hosts:
+  - 127.0.0.1
+  port: 53
+  local_domain_name: local
+  protection_enabled: true
+  filtering_enabled: true
+  safebrowsing_enabled: false
+  safesearch_enabled: false
+  parental_enabled: false
+  parental_sensitivity: 0
+  blocked_response_ttl: 10
+  querylog_enabled: true
+  upstream_dns:
+  - tls://1.1.1.1
+  - tls://1.0.0.1
+  - quic://8.8.8.8
+  bootstrap_dns:
+  - 8.8.8.8:53
+filters:
+- url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
+  name: ""
+  enabled: true
+- url: https://adaway.org/hosts.txt
+  name: AdAway
+  enabled: false
+- url: https://hosts-file.net/ad_servers.txt
+  name: hpHosts - Ad and Tracking servers only
+  enabled: false
+- url: http://www.malwaredomainlist.com/hostslist/hosts.txt
+  name: MalwareDomainList.com Hosts List
+  enabled: false
+clients:
+- name: localhost
+  ids:
+  - 127.0.0.1
+  - aa:aa:aa:aa:aa:aa
+  use_global_settings: true
+  use_global_blocked_services: true
+  filtering_enabled: false
+  parental_enabled: false
+  safebrowsing_enabled: false
+  safesearch_enabled: false
+dhcp:
+  enabled: false
+  interface_name: vboxnet0
+  dhcpv4:
+    gateway_ip: 192.168.0.1
+    subnet_mask: 255.255.255.0
+    range_start: 192.168.0.10
+    range_end: 192.168.0.250
+    lease_duration: 1234
+    icmp_timeout_msec: 10
+schema_version: 9
+user_rules: []

internal/confmigrate/testdata/TestMigrateConfig_Migrate/v10/output.yml

@@ -0,0 +1,60 @@
+bind_host: 127.0.0.1
+bind_port: 3000
+users:
+- name: testuser
+  password: testpassword
+dns:
+  bind_hosts:
+  - 127.0.0.1
+  port: 53
+  local_domain_name: local
+  protection_enabled: true
+  filtering_enabled: true
+  safebrowsing_enabled: false
+  safesearch_enabled: false
+  parental_enabled: false
+  parental_sensitivity: 0
+  blocked_response_ttl: 10
+  querylog_enabled: true
+  upstream_dns:
+  - tls://1.1.1.1
+  - tls://1.0.0.1
+  - quic://8.8.8.8:784
+  bootstrap_dns:
+  - 8.8.8.8:53
+filters:
+- url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
+  name: ""
+  enabled: true
+- url: https://adaway.org/hosts.txt
+  name: AdAway
+  enabled: false
+- url: https://hosts-file.net/ad_servers.txt
+  name: hpHosts - Ad and Tracking servers only
+  enabled: false
+- url: http://www.malwaredomainlist.com/hostslist/hosts.txt
+  name: MalwareDomainList.com Hosts List
+  enabled: false
+clients:
+- name: localhost
+  ids:
+  - 127.0.0.1
+  - aa:aa:aa:aa:aa:aa
+  use_global_settings: true
+  use_global_blocked_services: true
+  filtering_enabled: false
+  parental_enabled: false
+  safebrowsing_enabled: false
+  safesearch_enabled: false
+dhcp:
+  enabled: false
+  interface_name: vboxnet0
+  dhcpv4:
+    gateway_ip: 192.168.0.1
+    subnet_mask: 255.255.255.0
+    range_start: 192.168.0.10
+    range_end: 192.168.0.250
+    lease_duration: 1234
+    icmp_timeout_msec: 10
+schema_version: 10
+user_rules: []

internal/confmigrate/testdata/TestMigrateConfig_Migrate/v11/input.yml

@@ -0,0 +1,61 @@
+bind_host: 127.0.0.1
+bind_port: 3000
+users:
+- name: testuser
+  password: testpassword
+dns:
+  bind_hosts:
+  - 127.0.0.1
+  port: 53
+  local_domain_name: local
+  protection_enabled: true
+  filtering_enabled: true
+  safebrowsing_enabled: false
+  safesearch_enabled: false
+  parental_enabled: false
+  parental_sensitivity: 0
+  blocked_response_ttl: 10
+  querylog_enabled: true
+  upstream_dns:
+  - tls://1.1.1.1
+  - tls://1.0.0.1
+  - quic://8.8.8.8:784
+  bootstrap_dns:
+  - 8.8.8.8:53
+filters:
+- url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
+  name: ""
+  enabled: true
+- url: https://adaway.org/hosts.txt
+  name: AdAway
+  enabled: false
+- url: https://hosts-file.net/ad_servers.txt
+  name: hpHosts - Ad and Tracking servers only
+  enabled: false
+- url: http://www.malwaredomainlist.com/hostslist/hosts.txt
+  name: MalwareDomainList.com Hosts List
+  enabled: false
+clients:
+- name: localhost
+  ids:
+  - 127.0.0.1
+  - aa:aa:aa:aa:aa:aa
+  use_global_settings: true
+  use_global_blocked_services: true
+  filtering_enabled: false
+  parental_enabled: false
+  safebrowsing_enabled: false
+  safesearch_enabled: false
+dhcp:
+  enabled: false
+  interface_name: vboxnet0
+  dhcpv4:
+    gateway_ip: 192.168.0.1
+    subnet_mask: 255.255.255.0
+    range_start: 192.168.0.10
+    range_end: 192.168.0.250
+    lease_duration: 1234
+    icmp_timeout_msec: 10
+schema_version: 10
+user_rules: []
+rlimit_nofile: 123

internal/confmigrate/testdata/TestMigrateConfig_Migrate/v11/output.yml

@@ -0,0 +1,64 @@
+bind_host: 127.0.0.1
+bind_port: 3000
+users:
+- name: testuser
+  password: testpassword
+dns:
+  bind_hosts:
+  - 127.0.0.1
+  port: 53
+  local_domain_name: local
+  protection_enabled: true
+  filtering_enabled: true
+  safebrowsing_enabled: false
+  safesearch_enabled: false
+  parental_enabled: false
+  parental_sensitivity: 0
+  blocked_response_ttl: 10
+  querylog_enabled: true
+  upstream_dns:
+  - tls://1.1.1.1
+  - tls://1.0.0.1
+  - quic://8.8.8.8:784
+  bootstrap_dns:
+  - 8.8.8.8:53
+filters:
+- url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
+  name: ""
+  enabled: true
+- url: https://adaway.org/hosts.txt
+  name: AdAway
+  enabled: false
+- url: https://hosts-file.net/ad_servers.txt
+  name: hpHosts - Ad and Tracking servers only
+  enabled: false
+- url: http://www.malwaredomainlist.com/hostslist/hosts.txt
+  name: MalwareDomainList.com Hosts List
+  enabled: false
+clients:
+- name: localhost
+  ids:
+  - 127.0.0.1
+  - aa:aa:aa:aa:aa:aa
+  use_global_settings: true
+  use_global_blocked_services: true
+  filtering_enabled: false
+  parental_enabled: false
+  safebrowsing_enabled: false
+  safesearch_enabled: false
+dhcp:
+  enabled: false
+  interface_name: vboxnet0
+  dhcpv4:
+    gateway_ip: 192.168.0.1
+    subnet_mask: 255.255.255.0
+    range_start: 192.168.0.10
+    range_end: 192.168.0.250
+    lease_duration: 1234
+    icmp_timeout_msec: 10
+schema_version: 11
+user_rules: []
+os:
+  group: ''
+  rlimit_nofile: 123
+  user: ''

internal/confmigrate/testdata/TestMigrateConfig_Migrate/v12/input.yml

@@ -0,0 +1,65 @@
+bind_host: 127.0.0.1
+bind_port: 3000
+users:
+- name: testuser
+  password: testpassword
+dns:
+  bind_hosts:
+  - 127.0.0.1
+  port: 53
+  local_domain_name: local
+  protection_enabled: true
+  filtering_enabled: true
+  safebrowsing_enabled: false
+  safesearch_enabled: false
+  parental_enabled: false
+  parental_sensitivity: 0
+  blocked_response_ttl: 10
+  querylog_enabled: true
+  querylog_interval: 30
+  upstream_dns:
+  - tls://1.1.1.1
+  - tls://1.0.0.1
+  - quic://8.8.8.8:784
+  bootstrap_dns:
+  - 8.8.8.8:53
+filters:
+- url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
+  name: ""
+  enabled: true
+- url: https://adaway.org/hosts.txt
+  name: AdAway
+  enabled: false
+- url: https://hosts-file.net/ad_servers.txt
+  name: hpHosts - Ad and Tracking servers only
+  enabled: false
+- url: http://www.malwaredomainlist.com/hostslist/hosts.txt
+  name: MalwareDomainList.com Hosts List
+  enabled: false
+clients:
+- name: localhost
+  ids:
+  - 127.0.0.1
+  - aa:aa:aa:aa:aa:aa
+  use_global_settings: true
+  use_global_blocked_services: true
+  filtering_enabled: false
+  parental_enabled: false
+  safebrowsing_enabled: false
+  safesearch_enabled: false
+dhcp:
+  enabled: false
+  interface_name: vboxnet0
+  dhcpv4:
+    gateway_ip: 192.168.0.1
+    subnet_mask: 255.255.255.0
+    range_start: 192.168.0.10
+    range_end: 192.168.0.250
+    lease_duration: 1234
+    icmp_timeout_msec: 10
+schema_version: 11
+user_rules: []
+os:
+  group: ''
+  rlimit_nofile: 123
+  user: ''

internal/confmigrate/testdata/TestMigrateConfig_Migrate/v12/output.yml

@@ -0,0 +1,65 @@
+bind_host: 127.0.0.1
+bind_port: 3000
+users:
+- name: testuser
+  password: testpassword
+dns:
+  bind_hosts:
+  - 127.0.0.1
+  port: 53
+  local_domain_name: local
+  protection_enabled: true
+  filtering_enabled: true
+  safebrowsing_enabled: false
+  safesearch_enabled: false
+  parental_enabled: false
+  parental_sensitivity: 0
+  blocked_response_ttl: 10
+  querylog_enabled: true
+  querylog_interval: 720h
+  upstream_dns:
+  - tls://1.1.1.1
+  - tls://1.0.0.1
+  - quic://8.8.8.8:784
+  bootstrap_dns:
+  - 8.8.8.8:53
+filters:
+- url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
+  name: ""
+  enabled: true
+- url: https://adaway.org/hosts.txt
+  name: AdAway
+  enabled: false
+- url: https://hosts-file.net/ad_servers.txt
+  name: hpHosts - Ad and Tracking servers only
+  enabled: false
+- url: http://www.malwaredomainlist.com/hostslist/hosts.txt
+  name: MalwareDomainList.com Hosts List
+  enabled: false
+clients:
+- name: localhost
+  ids:
+  - 127.0.0.1
+  - aa:aa:aa:aa:aa:aa
+  use_global_settings: true
+  use_global_blocked_services: true
+  filtering_enabled: false
+  parental_enabled: false
+  safebrowsing_enabled: false
+  safesearch_enabled: false
+dhcp:
+  enabled: false
+  interface_name: vboxnet0
+  dhcpv4:
+    gateway_ip: 192.168.0.1
+    subnet_mask: 255.255.255.0
+    range_start: 192.168.0.10
+    range_end: 192.168.0.250
+    lease_duration: 1234
+    icmp_timeout_msec: 10
+schema_version: 12
+user_rules: []
+os:
+  group: ''
+  rlimit_nofile: 123
+  user: ''

internal/confmigrate/testdata/TestMigrateConfig_Migrate/v13/input.yml

@@ -0,0 +1,65 @@
+bind_host: 127.0.0.1
+bind_port: 3000
+users:
+- name: testuser
+  password: testpassword
+dns:
+  bind_hosts:
+  - 127.0.0.1
+  port: 53
+  local_domain_name: local
+  protection_enabled: true
+  filtering_enabled: true
+  safebrowsing_enabled: false
+  safesearch_enabled: false
+  parental_enabled: false
+  parental_sensitivity: 0
+  blocked_response_ttl: 10
+  querylog_enabled: true
+  querylog_interval: 720h
+  upstream_dns:
+  - tls://1.1.1.1
+  - tls://1.0.0.1
+  - quic://8.8.8.8:784
+  bootstrap_dns:
+  - 8.8.8.8:53
+filters:
+- url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
+  name: ""
+  enabled: true
+- url: https://adaway.org/hosts.txt
+  name: AdAway
+  enabled: false
+- url: https://hosts-file.net/ad_servers.txt
+  name: hpHosts - Ad and Tracking servers only
+  enabled: false
+- url: http://www.malwaredomainlist.com/hostslist/hosts.txt
+  name: MalwareDomainList.com Hosts List
+  enabled: false
+clients:
+- name: localhost
+  ids:
+  - 127.0.0.1
+  - aa:aa:aa:aa:aa:aa
+  use_global_settings: true
+  use_global_blocked_services: true
+  filtering_enabled: false
+  parental_enabled: false
+  safebrowsing_enabled: false
+  safesearch_enabled: false
+dhcp:
+  enabled: false
+  interface_name: vboxnet0
+  dhcpv4:
+    gateway_ip: 192.168.0.1
+    subnet_mask: 255.255.255.0
+    range_start: 192.168.0.10
+    range_end: 192.168.0.250
+    lease_duration: 1234
+    icmp_timeout_msec: 10
+schema_version: 12
+user_rules: []
+os:
+  group: ''
+  rlimit_nofile: 123
+  user: ''

internal/confmigrate/testdata/TestMigrateConfig_Migrate/v13/output.yml

@@ -0,0 +1,65 @@
+bind_host: 127.0.0.1
+bind_port: 3000
+users:
+- name: testuser
+  password: testpassword
+dns:
+  bind_hosts:
+  - 127.0.0.1
+  port: 53
+  protection_enabled: true
+  filtering_enabled: true
+  safebrowsing_enabled: false
+  safesearch_enabled: false
+  parental_enabled: false
+  parental_sensitivity: 0
+  blocked_response_ttl: 10
+  querylog_enabled: true
+  querylog_interval: 720h
+  upstream_dns:
+  - tls://1.1.1.1
+  - tls://1.0.0.1
+  - quic://8.8.8.8:784
+  bootstrap_dns:
+  - 8.8.8.8:53
+filters:
+- url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
+  name: ""
+  enabled: true
+- url: https://adaway.org/hosts.txt
+  name: AdAway
+  enabled: false
+- url: https://hosts-file.net/ad_servers.txt
+  name: hpHosts - Ad and Tracking servers only
+  enabled: false
+- url: http://www.malwaredomainlist.com/hostslist/hosts.txt
+  name: MalwareDomainList.com Hosts List
+  enabled: false
+clients:
+- name: localhost
+  ids:
+  - 127.0.0.1
+  - aa:aa:aa:aa:aa:aa
+  use_global_settings: true
+  use_global_blocked_services: true
+  filtering_enabled: false
+  parental_enabled: false
+  safebrowsing_enabled: false
+  safesearch_enabled: false
+dhcp:
+  enabled: false
+  interface_name: vboxnet0
+  local_domain_name: local
+  dhcpv4:
+    gateway_ip: 192.168.0.1
+    subnet_mask: 255.255.255.0
+    range_start: 192.168.0.10
+    range_end: 192.168.0.250
+    lease_duration: 1234
+    icmp_timeout_msec: 10
+schema_version: 13
+user_rules: []
+os:
+  group: ''
+  rlimit_nofile: 123
+  user: ''

internal/confmigrate/testdata/TestMigrateConfig_Migrate/v14/input.yml

@@ -0,0 +1,66 @@
+bind_host: 127.0.0.1
+bind_port: 3000
+users:
+- name: testuser
+  password: testpassword
+dns:
+  bind_hosts:
+  - 127.0.0.1
+  port: 53
+  protection_enabled: true
+  filtering_enabled: true
+  safebrowsing_enabled: false
+  safesearch_enabled: false
+  parental_enabled: false
+  parental_sensitivity: 0
+  blocked_response_ttl: 10
+  querylog_enabled: true
+  querylog_interval: 720h
+  upstream_dns:
+  - tls://1.1.1.1
+  - tls://1.0.0.1
+  - quic://8.8.8.8:784
+  bootstrap_dns:
+  - 8.8.8.8:53
+  resolve_clients: true
+filters:
+- url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
+  name: ""
+  enabled: true
+- url: https://adaway.org/hosts.txt
+  name: AdAway
+  enabled: false
+- url: https://hosts-file.net/ad_servers.txt
+  name: hpHosts - Ad and Tracking servers only
+  enabled: false
+- url: http://www.malwaredomainlist.com/hostslist/hosts.txt
+  name: MalwareDomainList.com Hosts List
+  enabled: false
+clients:
+- name: localhost
+  ids:
+  - 127.0.0.1
+  - aa:aa:aa:aa:aa:aa
+  use_global_settings: true
+  use_global_blocked_services: true
+  filtering_enabled: false
+  parental_enabled: false
+  safebrowsing_enabled: false
+  safesearch_enabled: false
+dhcp:
+  enabled: false
+  interface_name: vboxnet0
+  local_domain_name: local
+  dhcpv4:
+    gateway_ip: 192.168.0.1
+    subnet_mask: 255.255.255.0
+    range_start: 192.168.0.10
+    range_end: 192.168.0.250
+    lease_duration: 1234
+    icmp_timeout_msec: 10
+schema_version: 13
+user_rules: []
+os:
+  group: ''
+  rlimit_nofile: 123
+  user: ''

internal/confmigrate/testdata/TestMigrateConfig_Migrate/v14/output.yml

@@ -0,0 +1,72 @@
+bind_host: 127.0.0.1
+bind_port: 3000
+users:
+- name: testuser
+  password: testpassword
+dns:
+  bind_hosts:
+  - 127.0.0.1
+  port: 53
+  protection_enabled: true
+  filtering_enabled: true
+  safebrowsing_enabled: false
+  safesearch_enabled: false
+  parental_enabled: false
+  parental_sensitivity: 0
+  blocked_response_ttl: 10
+  querylog_enabled: true
+  querylog_interval: 720h
+  upstream_dns:
+  - tls://1.1.1.1
+  - tls://1.0.0.1
+  - quic://8.8.8.8:784
+  bootstrap_dns:
+  - 8.8.8.8:53
+filters:
+- url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
+  name: ""
+  enabled: true
+- url: https://adaway.org/hosts.txt
+  name: AdAway
+  enabled: false
+- url: https://hosts-file.net/ad_servers.txt
+  name: hpHosts - Ad and Tracking servers only
+  enabled: false
+- url: http://www.malwaredomainlist.com/hostslist/hosts.txt
+  name: MalwareDomainList.com Hosts List
+  enabled: false
+clients:
+  persistent:
+  - name: localhost
+    ids:
+    - 127.0.0.1
+    - aa:aa:aa:aa:aa:aa
+    use_global_settings: true
+    use_global_blocked_services: true
+    filtering_enabled: false
+    parental_enabled: false
+    safebrowsing_enabled: false
+    safesearch_enabled: false
+  runtime_sources:
+    whois: true
+    arp:   true
+    rdns:  true
+    dhcp:  true
+    hosts: true
+dhcp:
+  enabled: false
+  interface_name: vboxnet0
+  local_domain_name: local
+  dhcpv4:
+    gateway_ip: 192.168.0.1
+    subnet_mask: 255.255.255.0
+    range_start: 192.168.0.10
+    range_end: 192.168.0.250
+    lease_duration: 1234
+    icmp_timeout_msec: 10
+schema_version: 14
+user_rules: []
+os:
+  group: ''
+  rlimit_nofile: 123
+  user: ''

internal/confmigrate/testdata/TestMigrateConfig_Migrate/v15/input.yml

@@ -0,0 +1,74 @@
+bind_host: 127.0.0.1
+bind_port: 3000
+users:
+- name: testuser
+  password: testpassword
+dns:
+  bind_hosts:
+  - 127.0.0.1
+  port: 53
+  protection_enabled: true
+  filtering_enabled: true
+  safebrowsing_enabled: false
+  safesearch_enabled: false
+  parental_enabled: false
+  parental_sensitivity: 0
+  blocked_response_ttl: 10
+  querylog_enabled: true
+  querylog_file_enabled: true
+  querylog_interval: 720h
+  querylog_size_memory: 1000
+  upstream_dns:
+  - tls://1.1.1.1
+  - tls://1.0.0.1
+  - quic://8.8.8.8:784
+  bootstrap_dns:
+  - 8.8.8.8:53
+filters:
+- url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
+  name: ""
+  enabled: true
+- url: https://adaway.org/hosts.txt
+  name: AdAway
+  enabled: false
+- url: https://hosts-file.net/ad_servers.txt
+  name: hpHosts - Ad and Tracking servers only
+  enabled: false
+- url: http://www.malwaredomainlist.com/hostslist/hosts.txt
+  name: MalwareDomainList.com Hosts List
+  enabled: false
+clients:
+  persistent:
+  - name: localhost
+    ids:
+    - 127.0.0.1
+    - aa:aa:aa:aa:aa:aa
+    use_global_settings: true
+    use_global_blocked_services: true
+    filtering_enabled: false
+    parental_enabled: false
+    safebrowsing_enabled: false
+    safesearch_enabled: false
+  runtime_sources:
+    whois: true
+    arp:   true
+    rdns:  true
+    dhcp:  true
+    hosts: true
+dhcp:
+  enabled: false
+  interface_name: vboxnet0
+  local_domain_name: local
+  dhcpv4:
+    gateway_ip: 192.168.0.1
+    subnet_mask: 255.255.255.0
+    range_start: 192.168.0.10
+    range_end: 192.168.0.250
+    lease_duration: 1234
+    icmp_timeout_msec: 10
+schema_version: 14
+user_rules: []
+os:
+  group: ''
+  rlimit_nofile: 123
+  user: ''

internal/confmigrate/testdata/TestMigrateConfig_Migrate/v15/output.yml

@@ -0,0 +1,76 @@
+bind_host: 127.0.0.1
+bind_port: 3000
+users:
+- name: testuser
+  password: testpassword
+dns:
+  bind_hosts:
+  - 127.0.0.1
+  port: 53
+  protection_enabled: true
+  filtering_enabled: true
+  safebrowsing_enabled: false
+  safesearch_enabled: false
+  parental_enabled: false
+  parental_sensitivity: 0
+  blocked_response_ttl: 10
+  upstream_dns:
+  - tls://1.1.1.1
+  - tls://1.0.0.1
+  - quic://8.8.8.8:784
+  bootstrap_dns:
+  - 8.8.8.8:53
+filters:
+- url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
+  name: ""
+  enabled: true
+- url: https://adaway.org/hosts.txt
+  name: AdAway
+  enabled: false
+- url: https://hosts-file.net/ad_servers.txt
+  name: hpHosts - Ad and Tracking servers only
+  enabled: false
+- url: http://www.malwaredomainlist.com/hostslist/hosts.txt
+  name: MalwareDomainList.com Hosts List
+  enabled: false
+clients:
+  persistent:
+  - name: localhost
+    ids:
+    - 127.0.0.1
+    - aa:aa:aa:aa:aa:aa
+    use_global_settings: true
+    use_global_blocked_services: true
+    filtering_enabled: false
+    parental_enabled: false
+    safebrowsing_enabled: false
+    safesearch_enabled: false
+  runtime_sources:
+    whois: true
+    arp:   true
+    rdns:  true
+    dhcp:  true
+    hosts: true
+dhcp:
+  enabled: false
+  interface_name: vboxnet0
+  local_domain_name: local
+  dhcpv4:
+    gateway_ip: 192.168.0.1
+    subnet_mask: 255.255.255.0
+    range_start: 192.168.0.10
+    range_end: 192.168.0.250
+    lease_duration: 1234
+    icmp_timeout_msec: 10
+schema_version: 15
+user_rules: []
+querylog:
+  enabled: true
+  file_enabled: true
+  interval: 720h
+  size_memory: 1000
+  ignored: []
+os:
+  group: ''
+  rlimit_nofile: 123
+  user: ''

internal/confmigrate/testdata/TestMigrateConfig_Migrate/v16/input.yml

@@ -0,0 +1,77 @@
+bind_host: 127.0.0.1
+bind_port: 3000
+users:
+- name: testuser
+  password: testpassword
+dns:
+  bind_hosts:
+  - 127.0.0.1
+  port: 53
+  protection_enabled: true
+  filtering_enabled: true
+  safebrowsing_enabled: false
+  safesearch_enabled: false
+  parental_enabled: false
+  parental_sensitivity: 0
+  blocked_response_ttl: 10
+  upstream_dns:
+  - tls://1.1.1.1
+  - tls://1.0.0.1
+  - quic://8.8.8.8:784
+  bootstrap_dns:
+  - 8.8.8.8:53
+  statistics_interval: 10
+filters:
+- url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
+  name: ""
+  enabled: true
+- url: https://adaway.org/hosts.txt
+  name: AdAway
+  enabled: false
+- url: https://hosts-file.net/ad_servers.txt
+  name: hpHosts - Ad and Tracking servers only
+  enabled: false
+- url: http://www.malwaredomainlist.com/hostslist/hosts.txt
+  name: MalwareDomainList.com Hosts List
+  enabled: false
+clients:
+  persistent:
+  - name: localhost
+    ids:
+    - 127.0.0.1
+    - aa:aa:aa:aa:aa:aa
+    use_global_settings: true
+    use_global_blocked_services: true
+    filtering_enabled: false
+    parental_enabled: false
+    safebrowsing_enabled: false
+    safesearch_enabled: false
+  runtime_sources:
+    whois: true
+    arp:   true
+    rdns:  true
+    dhcp:  true
+    hosts: true
+dhcp:
+  enabled: false
+  interface_name: vboxnet0
+  local_domain_name: local
+  dhcpv4:
+    gateway_ip: 192.168.0.1
+    subnet_mask: 255.255.255.0
+    range_start: 192.168.0.10
+    range_end: 192.168.0.250
+    lease_duration: 1234
+    icmp_timeout_msec: 10
+schema_version: 15
+user_rules: []
+querylog:
+  enabled: true
+  file_enabled: true
+  interval: 720h
+  size_memory: 1000
+  ignored: []
+os:
+  group: ''
+  rlimit_nofile: 123
+  user: ''

internal/confmigrate/testdata/TestMigrateConfig_Migrate/v16/output.yml

@@ -0,0 +1,80 @@
+bind_host: 127.0.0.1
+bind_port: 3000
+users:
+- name: testuser
+  password: testpassword
+dns:
+  bind_hosts:
+  - 127.0.0.1
+  port: 53
+  protection_enabled: true
+  filtering_enabled: true
+  safebrowsing_enabled: false
+  safesearch_enabled: false
+  parental_enabled: false
+  parental_sensitivity: 0
+  blocked_response_ttl: 10
+  upstream_dns:
+  - tls://1.1.1.1
+  - tls://1.0.0.1
+  - quic://8.8.8.8:784
+  bootstrap_dns:
+  - 8.8.8.8:53
+filters:
+- url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
+  name: ""
+  enabled: true
+- url: https://adaway.org/hosts.txt
+  name: AdAway
+  enabled: false
+- url: https://hosts-file.net/ad_servers.txt
+  name: hpHosts - Ad and Tracking servers only
+  enabled: false
+- url: http://www.malwaredomainlist.com/hostslist/hosts.txt
+  name: MalwareDomainList.com Hosts List
+  enabled: false
+clients:
+  persistent:
+  - name: localhost
+    ids:
+    - 127.0.0.1
+    - aa:aa:aa:aa:aa:aa
+    use_global_settings: true
+    use_global_blocked_services: true
+    filtering_enabled: false
+    parental_enabled: false
+    safebrowsing_enabled: false
+    safesearch_enabled: false
+  runtime_sources:
+    whois: true
+    arp:   true
+    rdns:  true
+    dhcp:  true
+    hosts: true
+dhcp:
+  enabled: false
+  interface_name: vboxnet0
+  local_domain_name: local
+  dhcpv4:
+    gateway_ip: 192.168.0.1
+    subnet_mask: 255.255.255.0
+    range_start: 192.168.0.10
+    range_end: 192.168.0.250
+    lease_duration: 1234
+    icmp_timeout_msec: 10
+schema_version: 16
+user_rules: []
+querylog:
+  enabled: true
+  file_enabled: true
+  interval: 720h
+  size_memory: 1000
+  ignored: []
+statistics:
+  enabled: true
+  interval: 10
+  ignored: []
+os:
+  group: ''
+  rlimit_nofile: 123
+  user: ''

internal/confmigrate/testdata/TestMigrateConfig_Migrate/v17/input.yml

@@ -0,0 +1,81 @@
+bind_host: 127.0.0.1
+bind_port: 3000
+users:
+- name: testuser
+  password: testpassword
+dns:
+  bind_hosts:
+  - 127.0.0.1
+  port: 53
+  protection_enabled: true
+  filtering_enabled: true
+  safebrowsing_enabled: false
+  safesearch_enabled: false
+  parental_enabled: false
+  parental_sensitivity: 0
+  blocked_response_ttl: 10
+  upstream_dns:
+  - tls://1.1.1.1
+  - tls://1.0.0.1
+  - quic://8.8.8.8:784
+  bootstrap_dns:
+  - 8.8.8.8:53
+  edns_client_subnet: true
+filters:
+- url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
+  name: ""
+  enabled: true
+- url: https://adaway.org/hosts.txt
+  name: AdAway
+  enabled: false
+- url: https://hosts-file.net/ad_servers.txt
+  name: hpHosts - Ad and Tracking servers only
+  enabled: false
+- url: http://www.malwaredomainlist.com/hostslist/hosts.txt
+  name: MalwareDomainList.com Hosts List
+  enabled: false
+clients:
+  persistent:
+  - name: localhost
+    ids:
+    - 127.0.0.1
+    - aa:aa:aa:aa:aa:aa
+    use_global_settings: true
+    use_global_blocked_services: true
+    filtering_enabled: false
+    parental_enabled: false
+    safebrowsing_enabled: false
+    safesearch_enabled: false
+  runtime_sources:
+    whois: true
+    arp:   true
+    rdns:  true
+    dhcp:  true
+    hosts: true
+dhcp:
+  enabled: false
+  interface_name: vboxnet0
+  local_domain_name: local
+  dhcpv4:
+    gateway_ip: 192.168.0.1
+    subnet_mask: 255.255.255.0
+    range_start: 192.168.0.10
+    range_end: 192.168.0.250
+    lease_duration: 1234
+    icmp_timeout_msec: 10
+schema_version: 16
+user_rules: []
+querylog:
+  enabled: true
+  file_enabled: true
+  interval: 720h
+  size_memory: 1000
+  ignored: []
+statistics:
+  enabled: true
+  interval: 10
+  ignored: []
+os:
+  group: ''
+  rlimit_nofile: 123
+  user: ''

internal/confmigrate/testdata/TestMigrateConfig_Migrate/v17/output.yml

@@ -0,0 +1,84 @@
+bind_host: 127.0.0.1
+bind_port: 3000
+users:
+- name: testuser
+  password: testpassword
+dns:
+  bind_hosts:
+  - 127.0.0.1
+  port: 53
+  protection_enabled: true
+  filtering_enabled: true
+  safebrowsing_enabled: false
+  safesearch_enabled: false
+  parental_enabled: false
+  parental_sensitivity: 0
+  blocked_response_ttl: 10
+  upstream_dns:
+  - tls://1.1.1.1
+  - tls://1.0.0.1
+  - quic://8.8.8.8:784
+  bootstrap_dns:
+  - 8.8.8.8:53
+  edns_client_subnet:
+    enabled:    true
+    use_custom: false
+    custom_ip:  ""
+filters:
+- url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
+  name: ""
+  enabled: true
+- url: https://adaway.org/hosts.txt
+  name: AdAway
+  enabled: false
+- url: https://hosts-file.net/ad_servers.txt
+  name: hpHosts - Ad and Tracking servers only
+  enabled: false
+- url: http://www.malwaredomainlist.com/hostslist/hosts.txt
+  name: MalwareDomainList.com Hosts List
+  enabled: false
+clients:
+  persistent:
+  - name: localhost
+    ids:
+    - 127.0.0.1
+    - aa:aa:aa:aa:aa:aa
+    use_global_settings: true
+    use_global_blocked_services: true
+    filtering_enabled: false
+    parental_enabled: false
+    safebrowsing_enabled: false
+    safesearch_enabled: false
+  runtime_sources:
+    whois: true
+    arp:   true
+    rdns:  true
+    dhcp:  true
+    hosts: true
+dhcp:
+  enabled: false
+  interface_name: vboxnet0
+  local_domain_name: local
+  dhcpv4:
+    gateway_ip: 192.168.0.1
+    subnet_mask: 255.255.255.0
+    range_start: 192.168.0.10
+    range_end: 192.168.0.250
+    lease_duration: 1234
+    icmp_timeout_msec: 10
+schema_version: 17
+user_rules: []
+querylog:
+  enabled: true
+  file_enabled: true
+  interval: 720h
+  size_memory: 1000
+  ignored: []
+statistics:
+  enabled: true
+  interval: 10
+  ignored: []
+os:
+  group: ''
+  rlimit_nofile: 123
+  user: ''

internal/confmigrate/testdata/TestMigrateConfig_Migrate/v18/input.yml

@@ -0,0 +1,84 @@
+bind_host: 127.0.0.1
+bind_port: 3000
+users:
+- name: testuser
+  password: testpassword
+dns:
+  bind_hosts:
+  - 127.0.0.1
+  port: 53
+  protection_enabled: true
+  filtering_enabled: true
+  safebrowsing_enabled: false
+  safesearch_enabled: false
+  parental_enabled: false
+  parental_sensitivity: 0
+  blocked_response_ttl: 10
+  upstream_dns:
+  - tls://1.1.1.1
+  - tls://1.0.0.1
+  - quic://8.8.8.8:784
+  bootstrap_dns:
+  - 8.8.8.8:53
+  edns_client_subnet:
+    enabled:    true
+    use_custom: false
+    custom_ip:  ""
+filters:
+- url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
+  name: ""
+  enabled: true
+- url: https://adaway.org/hosts.txt
+  name: AdAway
+  enabled: false
+- url: https://hosts-file.net/ad_servers.txt
+  name: hpHosts - Ad and Tracking servers only
+  enabled: false
+- url: http://www.malwaredomainlist.com/hostslist/hosts.txt
+  name: MalwareDomainList.com Hosts List
+  enabled: false
+clients:
+  persistent:
+  - name: localhost
+    ids:
+    - 127.0.0.1
+    - aa:aa:aa:aa:aa:aa
+    use_global_settings: true
+    use_global_blocked_services: true
+    filtering_enabled: false
+    parental_enabled: false
+    safebrowsing_enabled: false
+    safesearch_enabled: false
+  runtime_sources:
+    whois: true
+    arp:   true
+    rdns:  true
+    dhcp:  true
+    hosts: true
+dhcp:
+  enabled: false
+  interface_name: vboxnet0
+  local_domain_name: local
+  dhcpv4:
+    gateway_ip: 192.168.0.1
+    subnet_mask: 255.255.255.0
+    range_start: 192.168.0.10
+    range_end: 192.168.0.250
+    lease_duration: 1234
+    icmp_timeout_msec: 10
+schema_version: 17
+user_rules: []
+querylog:
+  enabled: true
+  file_enabled: true
+  interval: 720h
+  size_memory: 1000
+  ignored: []
+statistics:
+  enabled: true
+  interval: 10
+  ignored: []
+os:
+  group: ''
+  rlimit_nofile: 123
+  user: ''

internal/confmigrate/testdata/TestMigrateConfig_Migrate/v18/output.yml

@@ -0,0 +1,91 @@
+bind_host: 127.0.0.1
+bind_port: 3000
+users:
+- name: testuser
+  password: testpassword
+dns:
+  bind_hosts:
+  - 127.0.0.1
+  port: 53
+  protection_enabled: true
+  filtering_enabled: true
+  safebrowsing_enabled: false
+  safe_search:
+    enabled:    false
+    bing:       true
+    duckduckgo: true
+    google:     true
+    pixabay:    true
+    yandex:     true
+    youtube:    true
+  parental_enabled: false
+  parental_sensitivity: 0
+  blocked_response_ttl: 10
+  upstream_dns:
+  - tls://1.1.1.1
+  - tls://1.0.0.1
+  - quic://8.8.8.8:784
+  bootstrap_dns:
+  - 8.8.8.8:53
+  edns_client_subnet:
+    enabled:    true
+    use_custom: false
+    custom_ip:  ""
+filters:
+- url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
+  name: ""
+  enabled: true
+- url: https://adaway.org/hosts.txt
+  name: AdAway
+  enabled: false
+- url: https://hosts-file.net/ad_servers.txt
+  name: hpHosts - Ad and Tracking servers only
+  enabled: false
+- url: http://www.malwaredomainlist.com/hostslist/hosts.txt
+  name: MalwareDomainList.com Hosts List
+  enabled: false
+clients:
+  persistent:
+  - name: localhost
+    ids:
+    - 127.0.0.1
+    - aa:aa:aa:aa:aa:aa
+    use_global_settings: true
+    use_global_blocked_services: true
+    filtering_enabled: false
+    parental_enabled: false
+    safebrowsing_enabled: false
+    safesearch_enabled: false
+  runtime_sources:
+    whois: true
+    arp:   true
+    rdns:  true
+    dhcp:  true
+    hosts: true
+dhcp:
+  enabled: false
+  interface_name: vboxnet0
+  local_domain_name: local
+  dhcpv4:
+    gateway_ip: 192.168.0.1
+    subnet_mask: 255.255.255.0
+    range_start: 192.168.0.10
+    range_end: 192.168.0.250
+    lease_duration: 1234
+    icmp_timeout_msec: 10
+schema_version: 18
+user_rules: []
+querylog:
+  enabled: true
+  file_enabled: true
+  interval: 720h
+  size_memory: 1000
+  ignored: []
+statistics:
+  enabled: true
+  interval: 10
+  ignored: []
+os:
+  group: ''
+  rlimit_nofile: 123
+  user: ''

internal/confmigrate/testdata/TestMigrateConfig_Migrate/v19/input.yml

@@ -0,0 +1,91 @@
+bind_host: 127.0.0.1
+bind_port: 3000
+users:
+- name: testuser
+  password: testpassword
+dns:
+  bind_hosts:
+  - 127.0.0.1
+  port: 53
+  protection_enabled: true
+  filtering_enabled: true
+  safebrowsing_enabled: false
+  safe_search:
+    enabled:    false
+    bing:       true
+    duckduckgo: true
+    google:     true
+    pixabay:    true
+    yandex:     true
+    youtube:    true
+  parental_enabled: false
+  parental_sensitivity: 0
+  blocked_response_ttl: 10
+  upstream_dns:
+  - tls://1.1.1.1
+  - tls://1.0.0.1
+  - quic://8.8.8.8:784
+  bootstrap_dns:
+  - 8.8.8.8:53
+  edns_client_subnet:
+    enabled:    true
+    use_custom: false
+    custom_ip:  ""
+filters:
+- url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
+  name: ""
+  enabled: true
+- url: https://adaway.org/hosts.txt
+  name: AdAway
+  enabled: false
+- url: https://hosts-file.net/ad_servers.txt
+  name: hpHosts - Ad and Tracking servers only
+  enabled: false
+- url: http://www.malwaredomainlist.com/hostslist/hosts.txt
+  name: MalwareDomainList.com Hosts List
+  enabled: false
+clients:
+  persistent:
+  - name: localhost
+    ids:
+    - 127.0.0.1
+    - aa:aa:aa:aa:aa:aa
+    use_global_settings: true
+    use_global_blocked_services: true
+    filtering_enabled: false
+    parental_enabled: false
+    safebrowsing_enabled: false
+    safesearch_enabled: true
+  runtime_sources:
+    whois: true
+    arp:   true
+    rdns:  true
+    dhcp:  true
+    hosts: true
+dhcp:
+  enabled: false
+  interface_name: vboxnet0
+  local_domain_name: local
+  dhcpv4:
+    gateway_ip: 192.168.0.1
+    subnet_mask: 255.255.255.0
+    range_start: 192.168.0.10
+    range_end: 192.168.0.250
+    lease_duration: 1234
+    icmp_timeout_msec: 10
+schema_version: 18
+user_rules: []
+querylog:
+  enabled: true
+  file_enabled: true
+  interval: 720h
+  size_memory: 1000
+  ignored: []
+statistics:
+  enabled: true
+  interval: 10
+  ignored: []
+os:
+  group: ''
+  rlimit_nofile: 123
+  user: ''

internal/confmigrate/testdata/TestMigrateConfig_Migrate/v19/output.yml

@@ -0,0 +1,98 @@
+bind_host: 127.0.0.1
+bind_port: 3000
+users:
+- name: testuser
+  password: testpassword
+dns:
+  bind_hosts:
+  - 127.0.0.1
+  port: 53
+  protection_enabled: true
+  filtering_enabled: true
+  safebrowsing_enabled: false
+  safe_search:
+    enabled:    false
+    bing:       true
+    duckduckgo: true
+    google:     true
+    pixabay:    true
+    yandex:     true
+    youtube:    true
+  parental_enabled: false
+  parental_sensitivity: 0
+  blocked_response_ttl: 10
+  upstream_dns:
+  - tls://1.1.1.1
+  - tls://1.0.0.1
+  - quic://8.8.8.8:784
+  bootstrap_dns:
+  - 8.8.8.8:53
+  edns_client_subnet:
+    enabled:    true
+    use_custom: false
+    custom_ip:  ""
+filters:
+- url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
+  name: ""
+  enabled: true
+- url: https://adaway.org/hosts.txt
+  name: AdAway
+  enabled: false
+- url: https://hosts-file.net/ad_servers.txt
+  name: hpHosts - Ad and Tracking servers only
+  enabled: false
+- url: http://www.malwaredomainlist.com/hostslist/hosts.txt
+  name: MalwareDomainList.com Hosts List
+  enabled: false
+clients:
+  persistent:
+  - name: localhost
+    ids:
+    - 127.0.0.1
+    - aa:aa:aa:aa:aa:aa
+    use_global_settings: true
+    use_global_blocked_services: true
+    filtering_enabled: false
+    parental_enabled: false
+    safebrowsing_enabled: false
+    safe_search:
+      enabled:    true
+      bing:       true
+      duckduckgo: true
+      google:     true
+      pixabay:    true
+      yandex:     true
+      youtube:    true
+  runtime_sources:
+    whois: true
+    arp:   true
+    rdns:  true
+    dhcp:  true
+    hosts: true
+dhcp:
+  enabled: false
+  interface_name: vboxnet0
+  local_domain_name: local
+  dhcpv4:
+    gateway_ip: 192.168.0.1
+    subnet_mask: 255.255.255.0
+    range_start: 192.168.0.10
+    range_end: 192.168.0.250
+    lease_duration: 1234
+    icmp_timeout_msec: 10
+schema_version: 19
+user_rules: []
+querylog:
+  enabled: true
+  file_enabled: true
+  interval: 720h
+  size_memory: 1000
+  ignored: []
+statistics:
+  enabled: true
+  interval: 10
+  ignored: []
+os:
+  group: ''
+  rlimit_nofile: 123
+  user: ''

internal/confmigrate/testdata/TestMigrateConfig_Migrate/v2/input.yml

@@ -0,0 +1,34 @@
+bind_host: 127.0.0.1
+bind_port: 3000
+auth_name: testuser
+auth_pass: testpassword
+coredns:
+  bind_host: 127.0.0.1
+  port: 53
+  protection_enabled: true
+  filtering_enabled: true
+  safebrowsing_enabled: false
+  safesearch_enabled: false
+  parental_enabled: false
+  parental_sensitivity: 0
+  blocked_response_ttl: 10
+  querylog_enabled: true
+  upstream_dns:
+  - tls://1.1.1.1
+  - tls://1.0.0.1
+  bootstrap_dns: 8.8.8.8:53
+filters:
+- url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
+  name: ""
+  enabled: true
+- url: https://adaway.org/hosts.txt
+  name: AdAway
+  enabled: false
+- url: https://hosts-file.net/ad_servers.txt
+  name: hpHosts - Ad and Tracking servers only
+  enabled: false
+- url: http://www.malwaredomainlist.com/hostslist/hosts.txt
+  name: MalwareDomainList.com Hosts List
+  enabled: false
+schema_version: 1
+user_rules: []

internal/confmigrate/testdata/TestMigrateConfig_Migrate/v2/output.yml

@@ -0,0 +1,34 @@
+bind_host: 127.0.0.1
+bind_port: 3000
+auth_name: testuser
+auth_pass: testpassword
+dns:
+  bind_host: 127.0.0.1
+  port: 53
+  protection_enabled: true
+  filtering_enabled: true
+  safebrowsing_enabled: false
+  safesearch_enabled: false
+  parental_enabled: false
+  parental_sensitivity: 0
+  blocked_response_ttl: 10
+  querylog_enabled: true
+  upstream_dns:
+  - tls://1.1.1.1
+  - tls://1.0.0.1
+  bootstrap_dns: 8.8.8.8:53
+filters:
+- url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
+  name: ""
+  enabled: true
+- url: https://adaway.org/hosts.txt
+  name: AdAway
+  enabled: false
+- url: https://hosts-file.net/ad_servers.txt
+  name: hpHosts - Ad and Tracking servers only
+  enabled: false
+- url: http://www.malwaredomainlist.com/hostslist/hosts.txt
+  name: MalwareDomainList.com Hosts List
+  enabled: false
+schema_version: 2
+user_rules: []

internal/confmigrate/testdata/TestMigrateConfig_Migrate/v20/input.yml

@@ -0,0 +1,98 @@
+bind_host: 127.0.0.1
+bind_port: 3000
+users:
+- name: testuser
+  password: testpassword
+dns:
+  bind_hosts:
+  - 127.0.0.1
+  port: 53
+  protection_enabled: true
+  filtering_enabled: true
+  safebrowsing_enabled: false
+  safe_search:
+    enabled:    false
+    bing:       true
+    duckduckgo: true
+    google:     true
+    pixabay:    true
+    yandex:     true
+    youtube:    true
+  parental_enabled: false
+  parental_sensitivity: 0
+  blocked_response_ttl: 10
+  upstream_dns:
+  - tls://1.1.1.1
+  - tls://1.0.0.1
+  - quic://8.8.8.8:784
+  bootstrap_dns:
+  - 8.8.8.8:53
+  edns_client_subnet:
+    enabled:    true
+    use_custom: false
+    custom_ip:  ""
+filters:
+- url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
+  name: ""
+  enabled: true
+- url: https://adaway.org/hosts.txt
+  name: AdAway
+  enabled: false
+- url: https://hosts-file.net/ad_servers.txt
+  name: hpHosts - Ad and Tracking servers only
+  enabled: false
+- url: http://www.malwaredomainlist.com/hostslist/hosts.txt
+  name: MalwareDomainList.com Hosts List
+  enabled: false
+clients:
+  persistent:
+  - name: localhost
+    ids:
+    - 127.0.0.1
+    - aa:aa:aa:aa:aa:aa
+    use_global_settings: true
+    use_global_blocked_services: true
+    filtering_enabled: false
+    parental_enabled: false
+    safebrowsing_enabled: false
+    safe_search:
+      enabled:    true
+      bing:       true
+      duckduckgo: true
+      google:     true
+      pixabay:    true
+      yandex:     true
+      youtube:    true
+  runtime_sources:
+    whois: true
+    arp:   true
+    rdns:  true
+    dhcp:  true
+    hosts: true
+dhcp:
+  enabled: false
+  interface_name: vboxnet0
+  local_domain_name: local
+  dhcpv4:
+    gateway_ip: 192.168.0.1
+    subnet_mask: 255.255.255.0
+    range_start: 192.168.0.10
+    range_end: 192.168.0.250
+    lease_duration: 1234
+    icmp_timeout_msec: 10
+schema_version: 19
+user_rules: []
+querylog:
+  enabled: true
+  file_enabled: true
+  interval: 720h
+  size_memory: 1000
+  ignored: []
+statistics:
+  enabled: true
+  interval: 10
+  ignored: []
+os:
+  group: ''
+  rlimit_nofile: 123
+  user: ''

internal/confmigrate/testdata/TestMigrateConfig_Migrate/v20/output.yml

@@ -0,0 +1,98 @@
+bind_host: 127.0.0.1
+bind_port: 3000
+users:
+- name: testuser
+  password: testpassword
+dns:
+  bind_hosts:
+  - 127.0.0.1
+  port: 53
+  protection_enabled: true
+  filtering_enabled: true
+  safebrowsing_enabled: false
+  safe_search:
+    enabled:    false
+    bing:       true
+    duckduckgo: true
+    google:     true
+    pixabay:    true
+    yandex:     true
+    youtube:    true
+  parental_enabled: false
+  parental_sensitivity: 0
+  blocked_response_ttl: 10
+  upstream_dns:
+  - tls://1.1.1.1
+  - tls://1.0.0.1
+  - quic://8.8.8.8:784
+  bootstrap_dns:
+  - 8.8.8.8:53
+  edns_client_subnet:
+    enabled:    true
+    use_custom: false
+    custom_ip:  ""
+filters:
+- url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
+  name: ""
+  enabled: true
+- url: https://adaway.org/hosts.txt
+  name: AdAway
+  enabled: false
+- url: https://hosts-file.net/ad_servers.txt
+  name: hpHosts - Ad and Tracking servers only
+  enabled: false
+- url: http://www.malwaredomainlist.com/hostslist/hosts.txt
+  name: MalwareDomainList.com Hosts List
+  enabled: false
+clients:
+  persistent:
+  - name: localhost
+    ids:
+    - 127.0.0.1
+    - aa:aa:aa:aa:aa:aa
+    use_global_settings: true
+    use_global_blocked_services: true
+    filtering_enabled: false
+    parental_enabled: false
+    safebrowsing_enabled: false
+    safe_search:
+      enabled:    true
+      bing:       true
+      duckduckgo: true
+      google:     true
+      pixabay:    true
+      yandex:     true
+      youtube:    true
+  runtime_sources:
+    whois: true
+    arp:   true
+    rdns:  true
+    dhcp:  true
+    hosts: true
+dhcp:
+  enabled: false
+  interface_name: vboxnet0
+  local_domain_name: local
+  dhcpv4:
+    gateway_ip: 192.168.0.1
+    subnet_mask: 255.255.255.0
+    range_start: 192.168.0.10
+    range_end: 192.168.0.250
+    lease_duration: 1234
+    icmp_timeout_msec: 10
+schema_version: 20
+user_rules: []
+querylog:
+  enabled: true
+  file_enabled: true
+  interval: 720h
+  size_memory: 1000
+  ignored: []
+statistics:
+  enabled: true
+  interval: 240h
+  ignored: []
+os:
+  group: ''
+  rlimit_nofile: 123
+  user: ''

internal/confmigrate/testdata/TestMigrateConfig_Migrate/v21/input.yml

@@ -0,0 +1,100 @@
+bind_host: 127.0.0.1
+bind_port: 3000
+users:
+- name: testuser
+  password: testpassword
+dns:
+  bind_hosts:
+  - 127.0.0.1
+  port: 53
+  protection_enabled: true
+  filtering_enabled: true
+  safebrowsing_enabled: false
+  safe_search:
+    enabled:    false
+    bing:       true
+    duckduckgo: true
+    google:     true
+    pixabay:    true
+    yandex:     true
+    youtube:    true
+  parental_enabled: false
+  parental_sensitivity: 0
+  blocked_response_ttl: 10
+  upstream_dns:
+  - tls://1.1.1.1
+  - tls://1.0.0.1
+  - quic://8.8.8.8:784
+  bootstrap_dns:
+  - 8.8.8.8:53
+  edns_client_subnet:
+    enabled:    true
+    use_custom: false
+    custom_ip:  ""
+  blocked_services:
+  - 500px
+filters:
+- url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
+  name: ""
+  enabled: true
+- url: https://adaway.org/hosts.txt
+  name: AdAway
+  enabled: false
+- url: https://hosts-file.net/ad_servers.txt
+  name: hpHosts - Ad and Tracking servers only
+  enabled: false
+- url: http://www.malwaredomainlist.com/hostslist/hosts.txt
+  name: MalwareDomainList.com Hosts List
+  enabled: false
+clients:
+  persistent:
+  - name: localhost
+    ids:
+    - 127.0.0.1
+    - aa:aa:aa:aa:aa:aa
+    use_global_settings: true
+    use_global_blocked_services: true
+    filtering_enabled: false
+    parental_enabled: false
+    safebrowsing_enabled: false
+    safe_search:
+      enabled:    true
+      bing:       true
+      duckduckgo: true
+      google:     true
+      pixabay:    true
+      yandex:     true
+      youtube:    true
+  runtime_sources:
+    whois: true
+    arp:   true
+    rdns:  true
+    dhcp:  true
+    hosts: true
+dhcp:
+  enabled: false
+  interface_name: vboxnet0
+  local_domain_name: local
+  dhcpv4:
+    gateway_ip: 192.168.0.1
+    subnet_mask: 255.255.255.0
+    range_start: 192.168.0.10
+    range_end: 192.168.0.250
+    lease_duration: 1234
+    icmp_timeout_msec: 10
+schema_version: 20
+user_rules: []
+querylog:
+  enabled: true
+  file_enabled: true
+  interval: 720h
+  size_memory: 1000
+  ignored: []
+statistics:
+  enabled: true
+  interval: 240h
+  ignored: []
+os:
+  group: ''
+  rlimit_nofile: 123
+  user: ''

internal/confmigrate/testdata/TestMigrateConfig_Migrate/v21/output.yml

@@ -0,0 +1,103 @@
+bind_host: 127.0.0.1
+bind_port: 3000
+users:
+- name: testuser
+  password: testpassword
+dns:
+  bind_hosts:
+  - 127.0.0.1
+  port: 53
+  protection_enabled: true
+  filtering_enabled: true
+  safebrowsing_enabled: false
+  safe_search:
+    enabled:    false
+    bing:       true
+    duckduckgo: true
+    google:     true
+    pixabay:    true
+    yandex:     true
+    youtube:    true
+  parental_enabled: false
+  parental_sensitivity: 0
+  blocked_response_ttl: 10
+  upstream_dns:
+  - tls://1.1.1.1
+  - tls://1.0.0.1
+  - quic://8.8.8.8:784
+  bootstrap_dns:
+  - 8.8.8.8:53
+  edns_client_subnet:
+    enabled:    true
+    use_custom: false
+    custom_ip:  ""
+  blocked_services:
+    schedule:
+      time_zone: Local
+    ids:
+    - 500px
+filters:
+- url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
+  name: ""
+  enabled: true
+- url: https://adaway.org/hosts.txt
+  name: AdAway
+  enabled: false
+- url: https://hosts-file.net/ad_servers.txt
+  name: hpHosts - Ad and Tracking servers only
+  enabled: false
+- url: http://www.malwaredomainlist.com/hostslist/hosts.txt
+  name: MalwareDomainList.com Hosts List
+  enabled: false
+clients:
+  persistent:
+  - name: localhost
+    ids:
+    - 127.0.0.1
+    - aa:aa:aa:aa:aa:aa
+    use_global_settings: true
+    use_global_blocked_services: true
+    filtering_enabled: false
+    parental_enabled: false
+    safebrowsing_enabled: false
+    safe_search:
+      enabled:    true
+      bing:       true
+      duckduckgo: true
+      google:     true
+      pixabay:    true
+      yandex:     true
+      youtube:    true
+  runtime_sources:
+    whois: true
+    arp:   true
+    rdns:  true
+    dhcp:  true
+    hosts: true
+dhcp:
+  enabled: false
+  interface_name: vboxnet0
+  local_domain_name: local
+  dhcpv4:
+    gateway_ip: 192.168.0.1
+    subnet_mask: 255.255.255.0
+    range_start: 192.168.0.10
+    range_end: 192.168.0.250
+    lease_duration: 1234
+    icmp_timeout_msec: 10
+schema_version: 21
+user_rules: []
+querylog:
+  enabled: true
+  file_enabled: true
+  interval: 720h
+  size_memory: 1000
+  ignored: []
+statistics:
+  enabled: true
+  interval: 240h
+  ignored: []
+os:
+  group: ''
+  rlimit_nofile: 123
+  user: ''

internal/confmigrate/testdata/TestMigrateConfig_Migrate/v22/input.yml

@@ -0,0 +1,105 @@
+bind_host: 127.0.0.1
+bind_port: 3000
+users:
+- name: testuser
+  password: testpassword
+dns:
+  bind_hosts:
+  - 127.0.0.1
+  port: 53
+  protection_enabled: true
+  filtering_enabled: true
+  safebrowsing_enabled: false
+  safe_search:
+    enabled:    false
+    bing:       true
+    duckduckgo: true
+    google:     true
+    pixabay:    true
+    yandex:     true
+    youtube:    true
+  parental_enabled: false
+  parental_sensitivity: 0
+  blocked_response_ttl: 10
+  upstream_dns:
+  - tls://1.1.1.1
+  - tls://1.0.0.1
+  - quic://8.8.8.8:784
+  bootstrap_dns:
+  - 8.8.8.8:53
+  edns_client_subnet:
+    enabled:    true
+    use_custom: false
+    custom_ip:  ""
+  blocked_services:
+    schedule:
+      time_zone: Local
+    ids:
+    - 500px
+filters:
+- url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
+  name: ""
+  enabled: true
+- url: https://adaway.org/hosts.txt
+  name: AdAway
+  enabled: false
+- url: https://hosts-file.net/ad_servers.txt
+  name: hpHosts - Ad and Tracking servers only
+  enabled: false
+- url: http://www.malwaredomainlist.com/hostslist/hosts.txt
+  name: MalwareDomainList.com Hosts List
+  enabled: false
+clients:
+  persistent:
+  - name: localhost
+    ids:
+    - 127.0.0.1
+    - aa:aa:aa:aa:aa:aa
+    use_global_settings: true
+    use_global_blocked_services: true
+    filtering_enabled: false
+    parental_enabled: false
+    safebrowsing_enabled: false
+    safe_search:
+      enabled:    true
+      bing:       true
+      duckduckgo: true
+      google:     true
+      pixabay:    true
+      yandex:     true
+      youtube:    true
+    blocked_services:
+    - 500px
+  runtime_sources:
+    whois: true
+    arp:   true
+    rdns:  true
+    dhcp:  true
+    hosts: true
+dhcp:
+  enabled: false
+  interface_name: vboxnet0
+  local_domain_name: local
+  dhcpv4:
+    gateway_ip: 192.168.0.1
+    subnet_mask: 255.255.255.0
+    range_start: 192.168.0.10
+    range_end: 192.168.0.250
+    lease_duration: 1234
+    icmp_timeout_msec: 10
+schema_version: 21
+user_rules: []
+querylog:
+  enabled: true
+  file_enabled: true
+  interval: 720h
+  size_memory: 1000
+  ignored: []
+statistics:
+  enabled: true
+  interval: 240h
+  ignored: []
+os:
+  group: ''
+  rlimit_nofile: 123
+  user: ''

internal/confmigrate/testdata/TestMigrateConfig_Migrate/v22/output.yml

@@ -0,0 +1,108 @@
+bind_host: 127.0.0.1
+bind_port: 3000
+users:
+- name: testuser
+  password: testpassword
+dns:
+  bind_hosts:
+  - 127.0.0.1
+  port: 53
+  protection_enabled: true
+  filtering_enabled: true
+  safebrowsing_enabled: false
+  safe_search:
+    enabled:    false
+    bing:       true
+    duckduckgo: true
+    google:     true
+    pixabay:    true
+    yandex:     true
+    youtube:    true
+  parental_enabled: false
+  parental_sensitivity: 0
+  blocked_response_ttl: 10
+  upstream_dns:
+  - tls://1.1.1.1
+  - tls://1.0.0.1
+  - quic://8.8.8.8:784
+  bootstrap_dns:
+  - 8.8.8.8:53
+  edns_client_subnet:
+    enabled:    true
+    use_custom: false
+    custom_ip:  ""
+  blocked_services:
+    schedule:
+      time_zone: Local
+    ids:
+    - 500px
+filters:
+- url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
+  name: ""
+  enabled: true
+- url: https://adaway.org/hosts.txt
+  name: AdAway
+  enabled: false
+- url: https://hosts-file.net/ad_servers.txt
+  name: hpHosts - Ad and Tracking servers only
+  enabled: false
+- url: http://www.malwaredomainlist.com/hostslist/hosts.txt
+  name: MalwareDomainList.com Hosts List
+  enabled: false
+clients:
+  persistent:
+  - name: localhost
+    ids:
+    - 127.0.0.1
+    - aa:aa:aa:aa:aa:aa
+    use_global_settings: true
+    use_global_blocked_services: true
+    filtering_enabled: false
+    parental_enabled: false
+    safebrowsing_enabled: false
+    safe_search:
+      enabled:    true
+      bing:       true
+      duckduckgo: true
+      google:     true
+      pixabay:    true
+      yandex:     true
+      youtube:    true
+    blocked_services:
+      schedule:
+        time_zone: Local
+      ids:
+      - 500px
+  runtime_sources:
+    whois: true
+    arp:   true
+    rdns:  true
+    dhcp:  true
+    hosts: true
+dhcp:
+  enabled: false
+  interface_name: vboxnet0
+  local_domain_name: local
+  dhcpv4:
+    gateway_ip: 192.168.0.1
+    subnet_mask: 255.255.255.0
+    range_start: 192.168.0.10
+    range_end: 192.168.0.250
+    lease_duration: 1234
+    icmp_timeout_msec: 10
+schema_version: 22
+user_rules: []
+querylog:
+  enabled: true
+  file_enabled: true
+  interval: 720h
+  size_memory: 1000
+  ignored: []
+statistics:
+  enabled: true
+  interval: 240h
+  ignored: []
+os:
+  group: ''
+  rlimit_nofile: 123
+  user: ''

internal/confmigrate/testdata/TestMigrateConfig_Migrate/v23/input.yml

@@ -0,0 +1,109 @@
+bind_host: 127.0.0.1
+bind_port: 3000
+web_session_ttl: 3
+users:
+- name: testuser
+  password: testpassword
+dns:
+  bind_hosts:
+  - 127.0.0.1
+  port: 53
+  protection_enabled: true
+  filtering_enabled: true
+  safebrowsing_enabled: false
+  safe_search:
+    enabled:    false
+    bing:       true
+    duckduckgo: true
+    google:     true
+    pixabay:    true
+    yandex:     true
+    youtube:    true
+  parental_enabled: false
+  parental_sensitivity: 0
+  blocked_response_ttl: 10
+  upstream_dns:
+  - tls://1.1.1.1
+  - tls://1.0.0.1
+  - quic://8.8.8.8:784
+  bootstrap_dns:
+  - 8.8.8.8:53
+  edns_client_subnet:
+    enabled:    true
+    use_custom: false
+    custom_ip:  ""
+  blocked_services:
+    schedule:
+      time_zone: Local
+    ids:
+    - 500px
+filters:
+- url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
+  name: ""
+  enabled: true
+- url: https://adaway.org/hosts.txt
+  name: AdAway
+  enabled: false
+- url: https://hosts-file.net/ad_servers.txt
+  name: hpHosts - Ad and Tracking servers only
+  enabled: false
+- url: http://www.malwaredomainlist.com/hostslist/hosts.txt
+  name: MalwareDomainList.com Hosts List
+  enabled: false
+clients:
+  persistent:
+  - name: localhost
+    ids:
+    - 127.0.0.1
+    - aa:aa:aa:aa:aa:aa
+    use_global_settings: true
+    use_global_blocked_services: true
+    filtering_enabled: false
+    parental_enabled: false
+    safebrowsing_enabled: false
+    safe_search:
+      enabled:    true
+      bing:       true
+      duckduckgo: true
+      google:     true
+      pixabay:    true
+      yandex:     true
+      youtube:    true
+    blocked_services:
+      schedule:
+        time_zone: Local
+      ids:
+      - 500px
+  runtime_sources:
+    whois: true
+    arp:   true
+    rdns:  true
+    dhcp:  true
+    hosts: true
+dhcp:
+  enabled: false
+  interface_name: vboxnet0
+  local_domain_name: local
+  dhcpv4:
+    gateway_ip: 192.168.0.1
+    subnet_mask: 255.255.255.0
+    range_start: 192.168.0.10
+    range_end: 192.168.0.250
+    lease_duration: 1234
+    icmp_timeout_msec: 10
+schema_version: 22
+user_rules: []
+querylog:
+  enabled: true
+  file_enabled: true
+  interval: 720h
+  size_memory: 1000
+  ignored: []
+statistics:
+  enabled: true
+  interval: 240h
+  ignored: []
+os:
+  group: ''
+  rlimit_nofile: 123
+  user: ''

internal/confmigrate/testdata/TestMigrateConfig_Migrate/v23/output.yml

@@ -0,0 +1,109 @@
+http:
+  address: 127.0.0.1:3000
+  session_ttl: 3h
+users:
+- name: testuser
+  password: testpassword
+dns:
+  bind_hosts:
+  - 127.0.0.1
+  port: 53
+  protection_enabled: true
+  filtering_enabled: true
+  safebrowsing_enabled: false
+  safe_search:
+    enabled:    false
+    bing:       true
+    duckduckgo: true
+    google:     true
+    pixabay:    true
+    yandex:     true
+    youtube:    true
+  parental_enabled: false
+  parental_sensitivity: 0
+  blocked_response_ttl: 10
+  upstream_dns:
+  - tls://1.1.1.1
+  - tls://1.0.0.1
+  - quic://8.8.8.8:784
+  bootstrap_dns:
+  - 8.8.8.8:53
+  edns_client_subnet:
+    enabled:    true
+    use_custom: false
+    custom_ip:  ""
+  blocked_services:
+    schedule:
+      time_zone: Local
+    ids:
+    - 500px
+filters:
+- url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
+  name: ""
+  enabled: true
+- url: https://adaway.org/hosts.txt
+  name: AdAway
+  enabled: false
+- url: https://hosts-file.net/ad_servers.txt
+  name: hpHosts - Ad and Tracking servers only
+  enabled: false
+- url: http://www.malwaredomainlist.com/hostslist/hosts.txt
+  name: MalwareDomainList.com Hosts List
+  enabled: false
+clients:
+  persistent:
+  - name: localhost
+    ids:
+    - 127.0.0.1
+    - aa:aa:aa:aa:aa:aa
+    use_global_settings: true
+    use_global_blocked_services: true
+    filtering_enabled: false
+    parental_enabled: false
+    safebrowsing_enabled: false
+    safe_search:
+      enabled:    true
+      bing:       true
+      duckduckgo: true
+      google:     true
+      pixabay:    true
+      yandex:     true
+      youtube:    true
+    blocked_services:
+      schedule:
+        time_zone: Local
+      ids:
+      - 500px
+  runtime_sources:
+    whois: true
+    arp:   true
+    rdns:  true
+    dhcp:  true
+    hosts: true
+dhcp:
+  enabled: false
+  interface_name: vboxnet0
+  local_domain_name: local
+  dhcpv4:
+    gateway_ip: 192.168.0.1
+    subnet_mask: 255.255.255.0
+    range_start: 192.168.0.10
+    range_end: 192.168.0.250
+    lease_duration: 1234
+    icmp_timeout_msec: 10
+schema_version: 23
+user_rules: []
+querylog:
+  enabled: true
+  file_enabled: true
+  interval: 720h
+  size_memory: 1000
+  ignored: []
+statistics:
+  enabled: true
+  interval: 240h
+  ignored: []
+os:
+  group: ''
+  rlimit_nofile: 123
+  user: ''

internal/confmigrate/testdata/TestMigrateConfig_Migrate/v24/input.yml

@@ -0,0 +1,116 @@
+http:
+  address: 127.0.0.1:3000
+  session_ttl: 3h
+users:
+- name: testuser
+  password: testpassword
+dns:
+  bind_hosts:
+  - 127.0.0.1
+  port: 53
+  protection_enabled: true
+  filtering_enabled: true
+  safebrowsing_enabled: false
+  safe_search:
+    enabled:    false
+    bing:       true
+    duckduckgo: true
+    google:     true
+    pixabay:    true
+    yandex:     true
+    youtube:    true
+  parental_enabled: false
+  parental_sensitivity: 0
+  blocked_response_ttl: 10
+  upstream_dns:
+  - tls://1.1.1.1
+  - tls://1.0.0.1
+  - quic://8.8.8.8:784
+  bootstrap_dns:
+  - 8.8.8.8:53
+  edns_client_subnet:
+    enabled:    true
+    use_custom: false
+    custom_ip:  ""
+  blocked_services:
+    schedule:
+      time_zone: Local
+    ids:
+    - 500px
+filters:
+- url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
+  name: ""
+  enabled: true
+- url: https://adaway.org/hosts.txt
+  name: AdAway
+  enabled: false
+- url: https://hosts-file.net/ad_servers.txt
+  name: hpHosts - Ad and Tracking servers only
+  enabled: false
+- url: http://www.malwaredomainlist.com/hostslist/hosts.txt
+  name: MalwareDomainList.com Hosts List
+  enabled: false
+clients:
+  persistent:
+  - name: localhost
+    ids:
+    - 127.0.0.1
+    - aa:aa:aa:aa:aa:aa
+    use_global_settings: true
+    use_global_blocked_services: true
+    filtering_enabled: false
+    parental_enabled: false
+    safebrowsing_enabled: false
+    safe_search:
+      enabled:    true
+      bing:       true
+      duckduckgo: true
+      google:     true
+      pixabay:    true
+      yandex:     true
+      youtube:    true
+    blocked_services:
+      schedule:
+        time_zone: Local
+      ids:
+      - 500px
+  runtime_sources:
+    whois: true
+    arp:   true
+    rdns:  true
+    dhcp:  true
+    hosts: true
+dhcp:
+  enabled: false
+  interface_name: vboxnet0
+  local_domain_name: local
+  dhcpv4:
+    gateway_ip: 192.168.0.1
+    subnet_mask: 255.255.255.0
+    range_start: 192.168.0.10
+    range_end: 192.168.0.250
+    lease_duration: 1234
+    icmp_timeout_msec: 10
+schema_version: 23
+user_rules: []
+querylog:
+  enabled: true
+  file_enabled: true
+  interval: 720h
+  size_memory: 1000
+  ignored: []
+statistics:
+  enabled: true
+  interval: 240h
+  ignored: []
+os:
+  group: ""
+  rlimit_nofile: 123
+  user: ""
+log_file: ""
+log_max_backups: 0
+log_max_size: 100
+log_max_age: 3
+log_compress: true
+log_localtime: false
+verbose: true

internal/confmigrate/testdata/TestMigrateConfig_Migrate/v24/output.yml

@@ -0,0 +1,117 @@
+http:
+  address: 127.0.0.1:3000
+  session_ttl: 3h
+users:
+- name: testuser
+  password: testpassword
+dns:
+  bind_hosts:
+  - 127.0.0.1
+  port: 53
+  protection_enabled: true
+  filtering_enabled: true
+  safebrowsing_enabled: false
+  safe_search:
+    enabled:    false
+    bing:       true
+    duckduckgo: true
+    google:     true
+    pixabay:    true
+    yandex:     true
+    youtube:    true
+  parental_enabled: false
+  parental_sensitivity: 0
+  blocked_response_ttl: 10
+  upstream_dns:
+  - tls://1.1.1.1
+  - tls://1.0.0.1
+  - quic://8.8.8.8:784
+  bootstrap_dns:
+  - 8.8.8.8:53
+  edns_client_subnet:
+    enabled:    true
+    use_custom: false
+    custom_ip:  ""
+  blocked_services:
+    schedule:
+      time_zone: Local
+    ids:
+    - 500px
+filters:
+- url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
+  name: ""
+  enabled: true
+- url: https://adaway.org/hosts.txt
+  name: AdAway
+  enabled: false
+- url: https://hosts-file.net/ad_servers.txt
+  name: hpHosts - Ad and Tracking servers only
+  enabled: false
+- url: http://www.malwaredomainlist.com/hostslist/hosts.txt
+  name: MalwareDomainList.com Hosts List
+  enabled: false
+clients:
+  persistent:
+  - name: localhost
+    ids:
+    - 127.0.0.1
+    - aa:aa:aa:aa:aa:aa
+    use_global_settings: true
+    use_global_blocked_services: true
+    filtering_enabled: false
+    parental_enabled: false
+    safebrowsing_enabled: false
+    safe_search:
+      enabled:    true
+      bing:       true
+      duckduckgo: true
+      google:     true
+      pixabay:    true
+      yandex:     true
+      youtube:    true
+    blocked_services:
+      schedule:
+        time_zone: Local
+      ids:
+      - 500px
+  runtime_sources:
+    whois: true
+    arp:   true
+    rdns:  true
+    dhcp:  true
+    hosts: true
+dhcp:
+  enabled: false
+  interface_name: vboxnet0
+  local_domain_name: local
+  dhcpv4:
+    gateway_ip: 192.168.0.1
+    subnet_mask: 255.255.255.0
+    range_start: 192.168.0.10
+    range_end: 192.168.0.250
+    lease_duration: 1234
+    icmp_timeout_msec: 10
+schema_version: 24
+user_rules: []
+querylog:
+  enabled: true
+  file_enabled: true
+  interval: 720h
+  size_memory: 1000
+  ignored: []
+statistics:
+  enabled: true
+  interval: 240h
+  ignored: []
+os:
+  group: ''
+  rlimit_nofile: 123
+  user: ''
+log:
+  file: ""
+  max_backups: 0
+  max_size: 100
+  max_age: 3
+  compress: true
+  local_time: false
+  verbose: true

internal/confmigrate/testdata/TestMigrateConfig_Migrate/v25/input.yml

@@ -0,0 +1,118 @@
+http:
+  address: 127.0.0.1:3000
+  session_ttl: 3h
+debug_pprof: true
+users:
+- name: testuser
+  password: testpassword
+dns:
+  bind_hosts:
+  - 127.0.0.1
+  port: 53
+  protection_enabled: true
+  filtering_enabled: true
+  safebrowsing_enabled: false
+  safe_search:
+    enabled:    false
+    bing:       true
+    duckduckgo: true
+    google:     true
+    pixabay:    true
+    yandex:     true
+    youtube:    true
+  parental_enabled: false
+  parental_sensitivity: 0
+  blocked_response_ttl: 10
+  upstream_dns:
+  - tls://1.1.1.1
+  - tls://1.0.0.1
+  - quic://8.8.8.8:784
+  bootstrap_dns:
+  - 8.8.8.8:53
+  edns_client_subnet:
+    enabled:    true
+    use_custom: false
+    custom_ip:  ""
+  blocked_services:
+    schedule:
+      time_zone: Local
+    ids:
+    - 500px
+filters:
+- url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
+  name: ""
+  enabled: true
+- url: https://adaway.org/hosts.txt
+  name: AdAway
+  enabled: false
+- url: https://hosts-file.net/ad_servers.txt
+  name: hpHosts - Ad and Tracking servers only
+  enabled: false
+- url: http://www.malwaredomainlist.com/hostslist/hosts.txt
+  name: MalwareDomainList.com Hosts List
+  enabled: false
+clients:
+  persistent:
+  - name: localhost
+    ids:
+    - 127.0.0.1
+    - aa:aa:aa:aa:aa:aa
+    use_global_settings: true
+    use_global_blocked_services: true
+    filtering_enabled: false
+    parental_enabled: false
+    safebrowsing_enabled: false
+    safe_search:
+      enabled:    true
+      bing:       true
+      duckduckgo: true
+      google:     true
+      pixabay:    true
+      yandex:     true
+      youtube:    true
+    blocked_services:
+      schedule:
+        time_zone: Local
+      ids:
+      - 500px
+  runtime_sources:
+    whois: true
+    arp:   true
+    rdns:  true
+    dhcp:  true
+    hosts: true
+dhcp:
+  enabled: false
+  interface_name: vboxnet0
+  local_domain_name: local
+  dhcpv4:
+    gateway_ip: 192.168.0.1
+    subnet_mask: 255.255.255.0
+    range_start: 192.168.0.10
+    range_end: 192.168.0.250
+    lease_duration: 1234
+    icmp_timeout_msec: 10
+schema_version: 24
+user_rules: []
+querylog:
+  enabled: true
+  file_enabled: true
+  interval: 720h
+  size_memory: 1000
+  ignored: []
+statistics:
+  enabled: true
+  interval: 240h
+  ignored: []
+os:
+  group: ''
+  rlimit_nofile: 123
+  user: ''
+log:
+  file: ""
+  max_backups: 0
+  max_size: 100
+  max_age: 3
+  compress: true
+  local_time: false
+  verbose: true

internal/confmigrate/testdata/TestMigrateConfig_Migrate/v25/output.yml

@@ -0,0 +1,120 @@
+http:
+  address: 127.0.0.1:3000
+  session_ttl: 3h
+  pprof:
+    enabled: true
+    port: 6060
+users:
+- name: testuser
+  password: testpassword
+dns:
+  bind_hosts:
+  - 127.0.0.1
+  port: 53
+  protection_enabled: true
+  filtering_enabled: true
+  safebrowsing_enabled: false
+  safe_search:
+    enabled:    false
+    bing:       true
+    duckduckgo: true
+    google:     true
+    pixabay:    true
+    yandex:     true
+    youtube:    true
+  parental_enabled: false
+  parental_sensitivity: 0
+  blocked_response_ttl: 10
+  upstream_dns:
+  - tls://1.1.1.1
+  - tls://1.0.0.1
+  - quic://8.8.8.8:784
+  bootstrap_dns:
+  - 8.8.8.8:53
+  edns_client_subnet:
+    enabled:    true
+    use_custom: false
+    custom_ip:  ""
+  blocked_services:
+    schedule:
+      time_zone: Local
+    ids:
+    - 500px
+filters:
+- url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
+  name: ""
+  enabled: true
+- url: https://adaway.org/hosts.txt
+  name: AdAway
+  enabled: false
+- url: https://hosts-file.net/ad_servers.txt
+  name: hpHosts - Ad and Tracking servers only
+  enabled: false
+- url: http://www.malwaredomainlist.com/hostslist/hosts.txt
+  name: MalwareDomainList.com Hosts List
+  enabled: false
+clients:
+  persistent:
+  - name: localhost
+    ids:
+    - 127.0.0.1
+    - aa:aa:aa:aa:aa:aa
+    use_global_settings: true
+    use_global_blocked_services: true
+    filtering_enabled: false
+    parental_enabled: false
+    safebrowsing_enabled: false
+    safe_search:
+      enabled:    true
+      bing:       true
+      duckduckgo: true
+      google:     true
+      pixabay:    true
+      yandex:     true
+      youtube:    true
+    blocked_services:
+      schedule:
+        time_zone: Local
+      ids:
+      - 500px
+  runtime_sources:
+    whois: true
+    arp:   true
+    rdns:  true
+    dhcp:  true
+    hosts: true
+dhcp:
+  enabled: false
+  interface_name: vboxnet0
+  local_domain_name: local
+  dhcpv4:
+    gateway_ip: 192.168.0.1
+    subnet_mask: 255.255.255.0
+    range_start: 192.168.0.10
+    range_end: 192.168.0.250
+    lease_duration: 1234
+    icmp_timeout_msec: 10
+schema_version: 25
+user_rules: []
+querylog:
+  enabled: true
+  file_enabled: true
+  interval: 720h
+  size_memory: 1000
+  ignored: []
+statistics:
+  enabled: true
+  interval: 240h
+  ignored: []
+os:
+  group: ''
+  rlimit_nofile: 123
+  user: ''
+log:
+  file: ""
+  max_backups: 0
+  max_size: 100
+  max_age: 3
+  compress: true
+  local_time: false
+  verbose: true

internal/confmigrate/testdata/TestMigrateConfig_Migrate/v26/input.yml

@@ -0,0 +1,120 @@
+http:
+  address: 127.0.0.1:3000
+  session_ttl: 3h
+  pprof:
+    enabled: true
+    port: 6060
+users:
+- name: testuser
+  password: testpassword
+dns:
+  bind_hosts:
+  - 127.0.0.1
+  port: 53
+  protection_enabled: true
+  filtering_enabled: true
+  safebrowsing_enabled: false
+  safe_search:
+    enabled:    false
+    bing:       true
+    duckduckgo: true
+    google:     true
+    pixabay:    true
+    yandex:     true
+    youtube:    true
+  parental_enabled: false
+  parental_sensitivity: 0
+  blocked_response_ttl: 10
+  upstream_dns:
+  - tls://1.1.1.1
+  - tls://1.0.0.1
+  - quic://8.8.8.8:784
+  bootstrap_dns:
+  - 8.8.8.8:53
+  edns_client_subnet:
+    enabled:    true
+    use_custom: false
+    custom_ip:  ""
+  blocked_services:
+    schedule:
+      time_zone: Local
+    ids:
+    - 500px
+filters:
+- url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
+  name: ""
+  enabled: true
+- url: https://adaway.org/hosts.txt
+  name: AdAway
+  enabled: false
+- url: https://hosts-file.net/ad_servers.txt
+  name: hpHosts - Ad and Tracking servers only
+  enabled: false
+- url: http://www.malwaredomainlist.com/hostslist/hosts.txt
+  name: MalwareDomainList.com Hosts List
+  enabled: false
+clients:
+  persistent:
+  - name: localhost
+    ids:
+    - 127.0.0.1
+    - aa:aa:aa:aa:aa:aa
+    use_global_settings: true
+    use_global_blocked_services: true
+    filtering_enabled: false
+    parental_enabled: false
+    safebrowsing_enabled: false
+    safe_search:
+      enabled:    true
+      bing:       true
+      duckduckgo: true
+      google:     true
+      pixabay:    true
+      yandex:     true
+      youtube:    true
+    blocked_services:
+      schedule:
+        time_zone: Local
+      ids:
+      - 500px
+  runtime_sources:
+    whois: true
+    arp:   true
+    rdns:  true
+    dhcp:  true
+    hosts: true
+dhcp:
+  enabled: false
+  interface_name: vboxnet0
+  local_domain_name: local
+  dhcpv4:
+    gateway_ip: 192.168.0.1
+    subnet_mask: 255.255.255.0
+    range_start: 192.168.0.10
+    range_end: 192.168.0.250
+    lease_duration: 1234
+    icmp_timeout_msec: 10
+schema_version: 25
+user_rules: []
+querylog:
+  enabled: true
+  file_enabled: true
+  interval: 720h
+  size_memory: 1000
+  ignored: []
+statistics:
+  enabled: true
+  interval: 240h
+  ignored: []
+os:
+  group: ''
+  rlimit_nofile: 123
+  user: ''
+log:
+  file: ""
+  max_backups: 0
+  max_size: 100
+  max_age: 3
+  compress: true
+  local_time: false
+  verbose: true

internal/confmigrate/testdata/TestMigrateConfig_Migrate/v26/output.yml

@@ -0,0 +1,121 @@
+http:
+  address: 127.0.0.1:3000
+  session_ttl: 3h
+  pprof:
+    enabled: true
+    port: 6060
+users:
+- name: testuser
+  password: testpassword
+dns:
+  bind_hosts:
+  - 127.0.0.1
+  port: 53
+  parental_sensitivity: 0
+  upstream_dns:
+  - tls://1.1.1.1
+  - tls://1.0.0.1
+  - quic://8.8.8.8:784
+  bootstrap_dns:
+  - 8.8.8.8:53
+  edns_client_subnet:
+    enabled:    true
+    use_custom: false
+    custom_ip:  ""
+filtering:
+  filtering_enabled: true
+  parental_enabled: false
+  safebrowsing_enabled: false
+  safe_search:
+    enabled:    false
+    bing:       true
+    duckduckgo: true
+    google:     true
+    pixabay:    true
+    yandex:     true
+    youtube:    true
+  protection_enabled: true
+  blocked_services:
+    schedule:
+      time_zone: Local
+    ids:
+    - 500px
+  blocked_response_ttl: 10
+filters:
+- url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
+  name: ""
+  enabled: true
+- url: https://adaway.org/hosts.txt
+  name: AdAway
+  enabled: false
+- url: https://hosts-file.net/ad_servers.txt
+  name: hpHosts - Ad and Tracking servers only
+  enabled: false
+- url: http://www.malwaredomainlist.com/hostslist/hosts.txt
+  name: MalwareDomainList.com Hosts List
+  enabled: false
+clients:
+  persistent:
+  - name: localhost
+    ids:
+    - 127.0.0.1
+    - aa:aa:aa:aa:aa:aa
+    use_global_settings: true
+    use_global_blocked_services: true
+    filtering_enabled: false
+    parental_enabled: false
+    safebrowsing_enabled: false
+    safe_search:
+      enabled:    true
+      bing:       true
+      duckduckgo: true
+      google:     true
+      pixabay:    true
+      yandex:     true
+      youtube:    true
+    blocked_services:
+      schedule:
+        time_zone: Local
+      ids:
+      - 500px
+  runtime_sources:
+    whois: true
+    arp:   true
+    rdns:  true
+    dhcp:  true
+    hosts: true
+dhcp:
+  enabled: false
+  interface_name: vboxnet0
+  local_domain_name: local
+  dhcpv4:
+    gateway_ip: 192.168.0.1
+    subnet_mask: 255.255.255.0
+    range_start: 192.168.0.10
+    range_end: 192.168.0.250
+    lease_duration: 1234
+    icmp_timeout_msec: 10
+schema_version: 26
+user_rules: []
+querylog:
+  enabled: true
+  file_enabled: true
+  interval: 720h
+  size_memory: 1000
+  ignored: []
+statistics:
+  enabled: true
+  interval: 240h
+  ignored: []
+os:
+  group: ''
+  rlimit_nofile: 123
+  user: ''
+log:
+  file: ""
+  max_backups: 0
+  max_size: 100
+  max_age: 3
+  compress: true
+  local_time: false
+  verbose: true

internal/confmigrate/testdata/TestMigrateConfig_Migrate/v3/input.yml

@@ -0,0 +1,33 @@
+bind_host: 127.0.0.1
+bind_port: 3000
+auth_name: testuser
+auth_pass: testpassword
+dns:
+  port: 53
+  protection_enabled: true
+  filtering_enabled: true
+  safebrowsing_enabled: false
+  safesearch_enabled: false
+  parental_enabled: false
+  parental_sensitivity: 0
+  blocked_response_ttl: 10
+  querylog_enabled: true
+  upstream_dns:
+  - tls://1.1.1.1
+  - tls://1.0.0.1
+  bootstrap_dns: 8.8.8.8:53
+filters:
+- url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
+  name: ""
+  enabled: true
+- url: https://adaway.org/hosts.txt
+  name: AdAway
+  enabled: false
+- url: https://hosts-file.net/ad_servers.txt
+  name: hpHosts - Ad and Tracking servers only
+  enabled: false
+- url: http://www.malwaredomainlist.com/hostslist/hosts.txt
+  name: MalwareDomainList.com Hosts List
+  enabled: false
+schema_version: 2
+user_rules: []

internal/confmigrate/testdata/TestMigrateConfig_Migrate/v3/output.yml

@@ -0,0 +1,34 @@
+bind_host: 127.0.0.1
+bind_port: 3000
+auth_name: testuser
+auth_pass: testpassword
+dns:
+  port: 53
+  protection_enabled: true
+  filtering_enabled: true
+  safebrowsing_enabled: false
+  safesearch_enabled: false
+  parental_enabled: false
+  parental_sensitivity: 0
+  blocked_response_ttl: 10
+  querylog_enabled: true
+  upstream_dns:
+  - tls://1.1.1.1
+  - tls://1.0.0.1
+  bootstrap_dns:
+  - 8.8.8.8:53
+filters:
+- url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
+  name: ""
+  enabled: true
+- url: https://adaway.org/hosts.txt
+  name: AdAway
+  enabled: false
+- url: https://hosts-file.net/ad_servers.txt
+  name: hpHosts - Ad and Tracking servers only
+  enabled: false
+- url: http://www.malwaredomainlist.com/hostslist/hosts.txt
+  name: MalwareDomainList.com Hosts List
+  enabled: false
+schema_version: 3
+user_rules: []

internal/confmigrate/testdata/TestMigrateConfig_Migrate/v4/input.yml

@@ -0,0 +1,43 @@
+bind_host: 127.0.0.1
+bind_port: 3000
+auth_name: testuser
+auth_pass: testpassword
+dns:
+  port: 53
+  protection_enabled: true
+  filtering_enabled: true
+  safebrowsing_enabled: false
+  safesearch_enabled: false
+  parental_enabled: false
+  parental_sensitivity: 0
+  blocked_response_ttl: 10
+  querylog_enabled: true
+  upstream_dns:
+  - tls://1.1.1.1
+  - tls://1.0.0.1
+  bootstrap_dns:
+  - 8.8.8.8:53
+filters:
+- url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
+  name: ""
+  enabled: true
+- url: https://adaway.org/hosts.txt
+  name: AdAway
+  enabled: false
+- url: https://hosts-file.net/ad_servers.txt
+  name: hpHosts - Ad and Tracking servers only
+  enabled: false
+- url: http://www.malwaredomainlist.com/hostslist/hosts.txt
+  name: MalwareDomainList.com Hosts List
+  enabled: false
+clients:
+- name: localhost
+  ip: 127.0.0.1
+  mac: ""
+  use_global_settings: true
+  filtering_enabled: false
+  parental_enabled: false
+  safebrowsing_enabled: false
+  safesearch_enabled: false
+schema_version: 3
+user_rules: []

internal/confmigrate/testdata/TestMigrateConfig_Migrate/v4/output.yml

@@ -0,0 +1,44 @@
+bind_host: 127.0.0.1
+bind_port: 3000
+auth_name: testuser
+auth_pass: testpassword
+dns:
+  port: 53
+  protection_enabled: true
+  filtering_enabled: true
+  safebrowsing_enabled: false
+  safesearch_enabled: false
+  parental_enabled: false
+  parental_sensitivity: 0
+  blocked_response_ttl: 10
+  querylog_enabled: true
+  upstream_dns:
+  - tls://1.1.1.1
+  - tls://1.0.0.1
+  bootstrap_dns:
+  - 8.8.8.8:53
+filters:
+- url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
+  name: ""
+  enabled: true
+- url: https://adaway.org/hosts.txt
+  name: AdAway
+  enabled: false
+- url: https://hosts-file.net/ad_servers.txt
+  name: hpHosts - Ad and Tracking servers only
+  enabled: false
+- url: http://www.malwaredomainlist.com/hostslist/hosts.txt
+  name: MalwareDomainList.com Hosts List
+  enabled: false
+clients:
+- name: localhost
+  ip: 127.0.0.1
+  mac: ""
+  use_global_settings: true
+  use_global_blocked_services: true
+  filtering_enabled: false
+  parental_enabled: false
+  safebrowsing_enabled: false
+  safesearch_enabled: false
+schema_version: 4
+user_rules: []

internal/confmigrate/testdata/TestMigrateConfig_Migrate/v5/input.yml

@@ -0,0 +1,44 @@
+bind_host: 127.0.0.1
+bind_port: 3000
+auth_name: testuser
+auth_pass: testpassword
+dns:
+  port: 53
+  protection_enabled: true
+  filtering_enabled: true
+  safebrowsing_enabled: false
+  safesearch_enabled: false
+  parental_enabled: false
+  parental_sensitivity: 0
+  blocked_response_ttl: 10
+  querylog_enabled: true
+  upstream_dns:
+  - tls://1.1.1.1
+  - tls://1.0.0.1
+  bootstrap_dns:
+  - 8.8.8.8:53
+filters:
+- url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
+  name: ""
+  enabled: true
+- url: https://adaway.org/hosts.txt
+  name: AdAway
+  enabled: false
+- url: https://hosts-file.net/ad_servers.txt
+  name: hpHosts - Ad and Tracking servers only
+  enabled: false
+- url: http://www.malwaredomainlist.com/hostslist/hosts.txt
+  name: MalwareDomainList.com Hosts List
+  enabled: false
+clients:
+- name: localhost
+  ip: 127.0.0.1
+  mac: ""
+  use_global_settings: true
+  use_global_blocked_services: true
+  filtering_enabled: false
+  parental_enabled: false
+  safebrowsing_enabled: false
+  safesearch_enabled: false
+schema_version: 4
+user_rules: []

internal/confmigrate/testdata/TestMigrateConfig_Migrate/v5/output.yml

@@ -0,0 +1,45 @@
+bind_host: 127.0.0.1
+bind_port: 3000
+users:
+- name: testuser
+  password: testpassword
+dns:
+  port: 53
+  protection_enabled: true
+  filtering_enabled: true
+  safebrowsing_enabled: false
+  safesearch_enabled: false
+  parental_enabled: false
+  parental_sensitivity: 0
+  blocked_response_ttl: 10
+  querylog_enabled: true
+  upstream_dns:
+  - tls://1.1.1.1
+  - tls://1.0.0.1
+  bootstrap_dns:
+  - 8.8.8.8:53
+filters:
+- url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
+  name: ""
+  enabled: true
+- url: https://adaway.org/hosts.txt
+  name: AdAway
+  enabled: false
+- url: https://hosts-file.net/ad_servers.txt
+  name: hpHosts - Ad and Tracking servers only
+  enabled: false
+- url: http://www.malwaredomainlist.com/hostslist/hosts.txt
+  name: MalwareDomainList.com Hosts List
+  enabled: false
+clients:
+- name: localhost
+  ip: 127.0.0.1
+  mac: ""
+  use_global_settings: true
+  use_global_blocked_services: true
+  filtering_enabled: false
+  parental_enabled: false
+  safebrowsing_enabled: false
+  safesearch_enabled: false
+schema_version: 5
+user_rules: []

internal/confmigrate/testdata/TestMigrateConfig_Migrate/v6/input.yml

@@ -0,0 +1,45 @@
+bind_host: 127.0.0.1
+bind_port: 3000
+users:
+- name: testuser
+  password: testpassword
+dns:
+  port: 53
+  protection_enabled: true
+  filtering_enabled: true
+  safebrowsing_enabled: false
+  safesearch_enabled: false
+  parental_enabled: false
+  parental_sensitivity: 0
+  blocked_response_ttl: 10
+  querylog_enabled: true
+  upstream_dns:
+  - tls://1.1.1.1
+  - tls://1.0.0.1
+  bootstrap_dns:
+  - 8.8.8.8:53
+filters:
+- url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
+  name: ""
+  enabled: true
+- url: https://adaway.org/hosts.txt
+  name: AdAway
+  enabled: false
+- url: https://hosts-file.net/ad_servers.txt
+  name: hpHosts - Ad and Tracking servers only
+  enabled: false
+- url: http://www.malwaredomainlist.com/hostslist/hosts.txt
+  name: MalwareDomainList.com Hosts List
+  enabled: false
+clients:
+- name: localhost
+  ip: 127.0.0.1
+  mac: aa:aa:aa:aa:aa:aa
+  use_global_settings: true
+  use_global_blocked_services: true
+  filtering_enabled: false
+  parental_enabled: false
+  safebrowsing_enabled: false
+  safesearch_enabled: false
+schema_version: 5
+user_rules: []

internal/confmigrate/testdata/TestMigrateConfig_Migrate/v6/output.yml

@@ -0,0 +1,48 @@
+bind_host: 127.0.0.1
+bind_port: 3000
+users:
+- name: testuser
+  password: testpassword
+dns:
+  port: 53
+  protection_enabled: true
+  filtering_enabled: true
+  safebrowsing_enabled: false
+  safesearch_enabled: false
+  parental_enabled: false
+  parental_sensitivity: 0
+  blocked_response_ttl: 10
+  querylog_enabled: true
+  upstream_dns:
+  - tls://1.1.1.1
+  - tls://1.0.0.1
+  bootstrap_dns:
+  - 8.8.8.8:53
+filters:
+- url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
+  name: ""
+  enabled: true
+- url: https://adaway.org/hosts.txt
+  name: AdAway
+  enabled: false
+- url: https://hosts-file.net/ad_servers.txt
+  name: hpHosts - Ad and Tracking servers only
+  enabled: false
+- url: http://www.malwaredomainlist.com/hostslist/hosts.txt
+  name: MalwareDomainList.com Hosts List
+  enabled: false
+clients:
+- name: localhost
+  ids:
+  - 127.0.0.1
+  - aa:aa:aa:aa:aa:aa
+  ip: 127.0.0.1
+  mac: aa:aa:aa:aa:aa:aa
+  use_global_settings: true
+  use_global_blocked_services: true
+  filtering_enabled: false
+  parental_enabled: false
+  safebrowsing_enabled: false
+  safesearch_enabled: false
+schema_version: 6
+user_rules: []

internal/confmigrate/testdata/TestMigrateConfig_Migrate/v7/input.yml

@@ -0,0 +1,53 @@
+bind_host: 127.0.0.1
+bind_port: 3000
+users:
+- name: testuser
+  password: testpassword
+dns:
+  port: 53
+  protection_enabled: true
+  filtering_enabled: true
+  safebrowsing_enabled: false
+  safesearch_enabled: false
+  parental_enabled: false
+  parental_sensitivity: 0
+  blocked_response_ttl: 10
+  querylog_enabled: true
+  upstream_dns:
+  - tls://1.1.1.1
+  - tls://1.0.0.1
+  bootstrap_dns:
+  - 8.8.8.8:53
+filters:
+- url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
+  name: ""
+  enabled: true
+- url: https://adaway.org/hosts.txt
+  name: AdAway
+  enabled: false
+- url: https://hosts-file.net/ad_servers.txt
+  name: hpHosts - Ad and Tracking servers only
+  enabled: false
+- url: http://www.malwaredomainlist.com/hostslist/hosts.txt
+  name: MalwareDomainList.com Hosts List
+  enabled: false
+clients:
+- name: localhost
+  ids:
+  - 127.0.0.1
+  - aa:aa:aa:aa:aa:aa
+  use_global_settings: true
+  use_global_blocked_services: true
+  filtering_enabled: false
+  parental_enabled: false
+  safebrowsing_enabled: false
+  safesearch_enabled: false
+dhcp:
+  gateway_ip: 192.168.0.1
+  subnet_mask: 255.255.255.0
+  range_start: 192.168.0.10
+  range_end: 192.168.0.250
+  lease_duration: 1234
+  icmp_timeout_msec: 10
+schema_version: 6
+user_rules: []

internal/confmigrate/testdata/TestMigrateConfig_Migrate/v7/output.yml

@@ -0,0 +1,54 @@
+bind_host: 127.0.0.1
+bind_port: 3000
+users:
+- name: testuser
+  password: testpassword
+dns:
+  port: 53
+  protection_enabled: true
+  filtering_enabled: true
+  safebrowsing_enabled: false
+  safesearch_enabled: false
+  parental_enabled: false
+  parental_sensitivity: 0
+  blocked_response_ttl: 10
+  querylog_enabled: true
+  upstream_dns:
+  - tls://1.1.1.1
+  - tls://1.0.0.1
+  bootstrap_dns:
+  - 8.8.8.8:53
+filters:
+- url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
+  name: ""
+  enabled: true
+- url: https://adaway.org/hosts.txt
+  name: AdAway
+  enabled: false
+- url: https://hosts-file.net/ad_servers.txt
+  name: hpHosts - Ad and Tracking servers only
+  enabled: false
+- url: http://www.malwaredomainlist.com/hostslist/hosts.txt
+  name: MalwareDomainList.com Hosts List
+  enabled: false
+clients:
+- name: localhost
+  ids:
+  - 127.0.0.1
+  - aa:aa:aa:aa:aa:aa
+  use_global_settings: true
+  use_global_blocked_services: true
+  filtering_enabled: false
+  parental_enabled: false
+  safebrowsing_enabled: false
+  safesearch_enabled: false
+dhcp:
+  dhcpv4:
+    gateway_ip: 192.168.0.1
+    subnet_mask: 255.255.255.0
+    range_start: 192.168.0.10
+    range_end: 192.168.0.250
+    lease_duration: 1234
+    icmp_timeout_msec: 10
+schema_version: 7
+user_rules: []

internal/confmigrate/testdata/TestMigrateConfig_Migrate/v8/input.yml

@@ -0,0 +1,57 @@
+bind_host: 127.0.0.1
+bind_port: 3000
+users:
+- name: testuser
+  password: testpassword
+dns:
+  bind_host: 127.0.0.1
+  port: 53
+  protection_enabled: true
+  filtering_enabled: true
+  safebrowsing_enabled: false
+  safesearch_enabled: false
+  parental_enabled: false
+  parental_sensitivity: 0
+  blocked_response_ttl: 10
+  querylog_enabled: true
+  upstream_dns:
+  - tls://1.1.1.1
+  - tls://1.0.0.1
+  bootstrap_dns:
+  - 8.8.8.8:53
+filters:
+- url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
+  name: ""
+  enabled: true
+- url: https://adaway.org/hosts.txt
+  name: AdAway
+  enabled: false
+- url: https://hosts-file.net/ad_servers.txt
+  name: hpHosts - Ad and Tracking servers only
+  enabled: false
+- url: http://www.malwaredomainlist.com/hostslist/hosts.txt
+  name: MalwareDomainList.com Hosts List
+  enabled: false
+clients:
+- name: localhost
+  ids:
+  - 127.0.0.1
+  - aa:aa:aa:aa:aa:aa
+  use_global_settings: true
+  use_global_blocked_services: true
+  filtering_enabled: false
+  parental_enabled: false
+  safebrowsing_enabled: false
+  safesearch_enabled: false
+dhcp:
+  enabled: false
+  interface_name: vboxnet0
+  dhcpv4:
+    gateway_ip: 192.168.0.1
+    subnet_mask: 255.255.255.0
+    range_start: 192.168.0.10
+    range_end: 192.168.0.250
+    lease_duration: 1234
+    icmp_timeout_msec: 10
+schema_version: 7
+user_rules: []

internal/confmigrate/testdata/TestMigrateConfig_Migrate/v8/output.yml

@@ -0,0 +1,58 @@
+bind_host: 127.0.0.1
+bind_port: 3000
+users:
+- name: testuser
+  password: testpassword
+dns:
+  bind_hosts:
+  - 127.0.0.1
+  port: 53
+  protection_enabled: true
+  filtering_enabled: true
+  safebrowsing_enabled: false
+  safesearch_enabled: false
+  parental_enabled: false
+  parental_sensitivity: 0
+  blocked_response_ttl: 10
+  querylog_enabled: true
+  upstream_dns:
+  - tls://1.1.1.1
+  - tls://1.0.0.1
+  bootstrap_dns:
+  - 8.8.8.8:53
+filters:
+- url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
+  name: ""
+  enabled: true
+- url: https://adaway.org/hosts.txt
+  name: AdAway
+  enabled: false
+- url: https://hosts-file.net/ad_servers.txt
+  name: hpHosts - Ad and Tracking servers only
+  enabled: false
+- url: http://www.malwaredomainlist.com/hostslist/hosts.txt
+  name: MalwareDomainList.com Hosts List
+  enabled: false
+clients:
+- name: localhost
+  ids:
+  - 127.0.0.1
+  - aa:aa:aa:aa:aa:aa
+  use_global_settings: true
+  use_global_blocked_services: true
+  filtering_enabled: false
+  parental_enabled: false
+  safebrowsing_enabled: false
+  safesearch_enabled: false
+dhcp:
+  enabled: false
+  interface_name: vboxnet0
+  dhcpv4:
+    gateway_ip: 192.168.0.1
+    subnet_mask: 255.255.255.0
+    range_start: 192.168.0.10
+    range_end: 192.168.0.250
+    lease_duration: 1234
+    icmp_timeout_msec: 10
+schema_version: 8
+user_rules: []

internal/confmigrate/testdata/TestMigrateConfig_Migrate/v9/input.yml

@@ -0,0 +1,59 @@
+bind_host: 127.0.0.1
+bind_port: 3000
+users:
+- name: testuser
+  password: testpassword
+dns:
+  bind_hosts:
+  - 127.0.0.1
+  port: 53
+  autohost_tld: local
+  protection_enabled: true
+  filtering_enabled: true
+  safebrowsing_enabled: false
+  safesearch_enabled: false
+  parental_enabled: false
+  parental_sensitivity: 0
+  blocked_response_ttl: 10
+  querylog_enabled: true
+  upstream_dns:
+  - tls://1.1.1.1
+  - tls://1.0.0.1
+  bootstrap_dns:
+  - 8.8.8.8:53
+filters:
+- url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
+  name: ""
+  enabled: true
+- url: https://adaway.org/hosts.txt
+  name: AdAway
+  enabled: false
+- url: https://hosts-file.net/ad_servers.txt
+  name: hpHosts - Ad and Tracking servers only
+  enabled: false
+- url: http://www.malwaredomainlist.com/hostslist/hosts.txt
+  name: MalwareDomainList.com Hosts List
+  enabled: false
+clients:
+- name: localhost
+  ids:
+  - 127.0.0.1
+  - aa:aa:aa:aa:aa:aa
+  use_global_settings: true
+  use_global_blocked_services: true
+  filtering_enabled: false
+  parental_enabled: false
+  safebrowsing_enabled: false
+  safesearch_enabled: false
+dhcp:
+  enabled: false
+  interface_name: vboxnet0
+  dhcpv4:
+    gateway_ip: 192.168.0.1
+    subnet_mask: 255.255.255.0
+    range_start: 192.168.0.10
+    range_end: 192.168.0.250
+    lease_duration: 1234
+    icmp_timeout_msec: 10
+schema_version: 8
+user_rules: []

internal/confmigrate/testdata/TestMigrateConfig_Migrate/v9/output.yml

@@ -0,0 +1,59 @@
+bind_host: 127.0.0.1
+bind_port: 3000
+users:
+- name: testuser
+  password: testpassword
+dns:
+  bind_hosts:
+  - 127.0.0.1
+  port: 53
+  local_domain_name: local
+  protection_enabled: true
+  filtering_enabled: true
+  safebrowsing_enabled: false
+  safesearch_enabled: false
+  parental_enabled: false
+  parental_sensitivity: 0
+  blocked_response_ttl: 10
+  querylog_enabled: true
+  upstream_dns:
+  - tls://1.1.1.1
+  - tls://1.0.0.1
+  bootstrap_dns:
+  - 8.8.8.8:53
+filters:
+- url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
+  name: ""
+  enabled: true
+- url: https://adaway.org/hosts.txt
+  name: AdAway
+  enabled: false
+- url: https://hosts-file.net/ad_servers.txt
+  name: hpHosts - Ad and Tracking servers only
+  enabled: false
+- url: http://www.malwaredomainlist.com/hostslist/hosts.txt
+  name: MalwareDomainList.com Hosts List
+  enabled: false
+clients:
+- name: localhost
+  ids:
+  - 127.0.0.1
+  - aa:aa:aa:aa:aa:aa
+  use_global_settings: true
+  use_global_blocked_services: true
+  filtering_enabled: false
+  parental_enabled: false
+  safebrowsing_enabled: false
+  safesearch_enabled: false
+dhcp:
+  enabled: false
+  interface_name: vboxnet0
+  dhcpv4:
+    gateway_ip: 192.168.0.1
+    subnet_mask: 255.255.255.0
+    range_start: 192.168.0.10
+    range_end: 192.168.0.250
+    lease_duration: 1234
+    icmp_timeout_msec: 10
+schema_version: 9
+user_rules: []

internal/confmigrate/v1.go

@@ -0,0 +1,35 @@
+package confmigrate
+
+import (
+	"os"
+	"path/filepath"
+
+	"github.com/AdguardTeam/golibs/errors"
+	"github.com/AdguardTeam/golibs/log"
+)
+
+// migrateTo1 performs the following changes:
+//
+//	# BEFORE:
+//	# …
+//
+//	# AFTER:
+//	'schema_version': 1
+//	# …
+//
+// It also deletes the unused dnsfilter.txt file, since the following versions
+// store filters in data/filters/.
+func (m *Migrator) migrateTo1(diskConf yobj) (err error) {
+	diskConf["schema_version"] = 1
+
+	dnsFilterPath := filepath.Join(m.workingDir, "dnsfilter.txt")
+	log.Printf("deleting %s as we don't need it anymore", dnsFilterPath)
+	err = os.Remove(dnsFilterPath)
+	if err != nil && !errors.Is(err, os.ErrNotExist) {
+		log.Info("warning: %s", err)
+
+		// Go on.
+	}
+
+	return nil
+}

internal/confmigrate/v10.go

@@ -0,0 +1,107 @@
+package confmigrate
+
+import (
+	"fmt"
+	"net/url"
+	"strconv"
+	"strings"
+
+	"github.com/AdguardTeam/golibs/netutil"
+)
+
+// migrateTo10 performs the following changes:
+//
+//	# BEFORE:
+//	'schema_version': 9
+//	'dns':
+//	  'upstream_dns':
+//	   - 'quic://some-upstream.com'
+//	  'local_ptr_upstreams':
+//	   - 'quic://some-upstream.com'
+//	  # …
+//	# …
+//
+//	# AFTER:
+//	'schema_version': 10
+//	'dns':
+//	  'upstream_dns':
+//	   - 'quic://some-upstream.com:784'
+//	  'local_ptr_upstreams':
+//	   - 'quic://some-upstream.com:784'
+//	  # …
+//	# …
+func migrateTo10(diskConf yobj) (err error) {
+	diskConf["schema_version"] = 10
+
+	dns, ok, err := fieldVal[yobj](diskConf, "dns")
+	if err != nil {
+		return err
+	} else if !ok {
+		return nil
+	}
+
+	const quicPort = 784
+
+	for _, upsField := range []string{
+		"upstream_dns",
+		"local_ptr_upstreams",
+	} {
+		var ups yarr
+		ups, ok, err = fieldVal[yarr](dns, upsField)
+		if err != nil {
+			return err
+		} else if !ok {
+			continue
+		}
+
+		var u string
+		for i, uVal := range ups {
+			u, ok = uVal.(string)
+			if !ok {
+				return fmt.Errorf("unexpected type of upstream field: %T", uVal)
+			}
+
+			ups[i] = addQUICPort(u, quicPort)
+		}
+		dns[upsField] = ups
+	}
+
+	return nil
+}
+
+// addQUICPort inserts a port into QUIC upstream's hostname if it is missing.
+func addQUICPort(ups string, port int) (withPort string) {
+	if ups == "" || ups[0] == '#' {
+		return ups
+	}
+
+	var doms string
+	withPort = ups
+	if strings.HasPrefix(ups, "[/") {
+		domsAndUps := strings.Split(strings.TrimPrefix(ups, "[/"), "/]")
+		if len(domsAndUps) != 2 {
+			return ups
+		}
+
+		doms, withPort = "[/"+domsAndUps[0]+"/]", domsAndUps[1]
+	}
+
+	if !strings.Contains(withPort, "://") {
+		return ups
+	}
+
+	upsURL, err := url.Parse(withPort)
+	if err != nil || upsURL.Scheme != "quic" {
+		return ups
+	}
+
+	var host string
+	host, err = netutil.SplitHost(upsURL.Host)
+	if err != nil || host != upsURL.Host {
+		return ups
+	}
+
+	upsURL.Host = strings.Join([]string{host, strconv.Itoa(port)}, ":")
+
+	return doms + upsURL.String()
+}

internal/confmigrate/v11.go

@@ -0,0 +1,33 @@
+package confmigrate
+
+// migrateTo11 performs the following changes:
+//
+//	# BEFORE:
+//	'schema_version': 10
+//	'rlimit_nofile': 42
+//	# …
+//
+//	# AFTER:
+//	'schema_version': 11
+//	'os':
+//	  'group': ''
+//	  'rlimit_nofile': 42
+//	  'user': ''
+//	# …
+func migrateTo11(diskConf yobj) (err error) {
+	diskConf["schema_version"] = 11
+
+	rlimit, _, err := fieldVal[int](diskConf, "rlimit_nofile")
+	if err != nil {
+		return err
+	}
+
+	delete(diskConf, "rlimit_nofile")
+	diskConf["os"] = yobj{
+		"group":         "",
+		"rlimit_nofile": rlimit,
+		"user":          "",
+	}
+
+	return nil
+}

internal/confmigrate/v12.go

@@ -0,0 +1,43 @@
+package confmigrate
+
+import (
+	"time"
+
+	"github.com/AdguardTeam/golibs/timeutil"
+)
+
+// migrateTo12 performs the following changes:
+//
+//	# BEFORE:
+//	'schema_version': 11
+//	'querylog_interval': 90
+//	# …
+//
+//	# AFTER:
+//	'schema_version': 12
+//	'querylog_interval': '2160h'
+//	# …
+func migrateTo12(diskConf yobj) (err error) {
+	diskConf["schema_version"] = 12
+
+	dns, ok, err := fieldVal[yobj](diskConf, "dns")
+	if err != nil {
+		return err
+	} else if !ok {
+		return nil
+	}
+
+	const field = "querylog_interval"
+
+	qlogIvl, ok, err := fieldVal[int](dns, field)
+	if err != nil {
+		return err
+	} else if !ok {
+		// Set the initial value from home.initConfig function.
+		qlogIvl = 90
+	}
+
+	dns[field] = timeutil.Duration{Duration: time.Duration(qlogIvl) * timeutil.Day}
+
+	return nil
+}

internal/confmigrate/v13.go

@@ -0,0 +1,36 @@
+package confmigrate
+
+// migrateTo13 performs the following changes:
+//
+//	# BEFORE:
+//	'schema_version': 12
+//	'dns':
+//	  'local_domain_name': 'lan'
+//	  # …
+//	# …
+//
+//	# AFTER:
+//	'schema_version': 13
+//	'dhcp':
+//	  'local_domain_name': 'lan'
+//	  # …
+//	# …
+func migrateTo13(diskConf yobj) (err error) {
+	diskConf["schema_version"] = 13
+
+	dns, ok, err := fieldVal[yobj](diskConf, "dns")
+	if err != nil {
+		return err
+	} else if !ok {
+		return nil
+	}
+
+	dhcp, ok, err := fieldVal[yobj](diskConf, "dhcp")
+	if err != nil {
+		return err
+	} else if !ok {
+		return nil
+	}
+
+	return moveSameVal[string](dns, dhcp, "local_domain_name")
+}

internal/confmigrate/v14.go

@@ -0,0 +1,65 @@
+package confmigrate
+
+// migrateTo14 performs the following changes:
+//
+//	# BEFORE:
+//	'schema_version': 13
+//	'dns':
+//	  'resolve_clients': true
+//	  # …
+//	'clients':
+//	- 'name': 'client-name'
+//	  # …
+//	# …
+//
+//	# AFTER:
+//	'schema_version': 14
+//	'dns':
+//	  # …
+//	'clients':
+//	  'persistent':
+//	  - 'name': 'client-name'
+//	    # …
+//	  'runtime_sources':
+//	    'whois': true
+//	    'arp': true
+//	    'rdns': true
+//	    'dhcp': true
+//	    'hosts': true
+//	# …
+func migrateTo14(diskConf yobj) (err error) {
+	diskConf["schema_version"] = 14
+
+	persistent, ok, err := fieldVal[yarr](diskConf, "clients")
+	if err != nil {
+		return err
+	} else if !ok {
+		persistent = yarr{}
+	}
+
+	var rdnsSrc bool
+	dns, ok, err := fieldVal[yobj](diskConf, "dns")
+	if err != nil {
+		return err
+	} else if ok {
+		rdnsSrc, ok, err = fieldVal[bool](dns, "resolve_clients")
+		if err != nil {
+			return err
+		} else if ok {
+			delete(dns, "resolve_clients")
+		}
+	}
+
+	diskConf["clients"] = yobj{
+		"persistent": persistent,
+		"runtime_sources": yobj{
+			"whois": true,
+			"arp":   true,
+			"rdns":  rdnsSrc,
+			"dhcp":  true,
+			"hosts": true,
+		},
+	}
+
+	return nil
+}

internal/confmigrate/v15.go

@@ -0,0 +1,59 @@
+package confmigrate
+
+// migrateTo15 performs the following changes:
+//
+//	# BEFORE:
+//	'schema_version': 14
+//	'dns':
+//	  # …
+//	  'querylog_enabled': true
+//	  'querylog_file_enabled': true
+//	  'querylog_interval': '2160h'
+//	  'querylog_size_memory': 1000
+//	'querylog':
+//	  # …
+//	# …
+//
+//	# AFTER:
+//	'schema_version': 15
+//	'dns':
+//	  # …
+//	'querylog':
+//	  'enabled': true
+//	  'file_enabled': true
+//	  'interval': '2160h'
+//	  'size_memory': 1000
+//	  'ignored': []
+//	  # …
+//	# …
+func migrateTo15(diskConf yobj) (err error) {
+	diskConf["schema_version"] = 15
+
+	dns, ok, err := fieldVal[yobj](diskConf, "dns")
+	if err != nil {
+		return err
+	} else if !ok {
+		return nil
+	}
+
+	qlog := map[string]any{
+		"ignored":      yarr{},
+		"enabled":      true,
+		"file_enabled": true,
+		"interval":     "2160h",
+		"size_memory":  1000,
+	}
+	err = coalesceError(
+		moveVal[bool](dns, qlog, "querylog_enabled", "enabled"),
+		moveVal[bool](dns, qlog, "querylog_file_enabled", "file_enabled"),
+		moveVal[string](dns, qlog, "querylog_interval", "interval"),
+		moveVal[int](dns, qlog, "querylog_size_memory", "size_memory"),
+	)
+	if err != nil {
+		return err
+	}
+
+	diskConf["querylog"] = qlog
+
+	return nil
+}

internal/confmigrate/v16.go

@@ -0,0 +1,81 @@
+package confmigrate
+
+// migrateTo16 performs the following changes:
+//
+//	# BEFORE:
+//	'schema_version': 15
+//	'dns':
+//	  # …
+//	  'statistics_interval': 1
+//	'statistics':
+//	  # …
+//	# …
+//
+//	# AFTER:
+//	'schema_version': 16
+//	'dns':
+//	  # …
+//	'statistics':
+//	  'enabled': true
+//	  'interval': 1
+//	  'ignored': []
+//	  # …
+//	# …
+//
+// If statistics were disabled:
+//
+//	# BEFORE:
+//	'schema_version': 15
+//	'dns':
+//	  # …
+//	  'statistics_interval': 0
+//	'statistics':
+//	  # …
+//	# …
+//
+//	# AFTER:
+//	'schema_version': 16
+//	'dns':
+//	  # …
+//	'statistics':
+//	  'enabled': false
+//	  'interval': 1
+//	  'ignored': []
+//	  # …
+//	# …
+func migrateTo16(diskConf yobj) (err error) {
+	diskConf["schema_version"] = 16
+
+	dns, ok, err := fieldVal[yobj](diskConf, "dns")
+	if err != nil {
+		return err
+	} else if !ok {
+		return nil
+	}
+
+	stats := yobj{
+		"enabled":  true,
+		"interval": 1,
+		"ignored":  yarr{},
+	}
+
+	const field = "statistics_interval"
+
+	statsIvl, ok, err := fieldVal[int](dns, field)
+	if err != nil {
+		return err
+	} else if ok {
+		if statsIvl == 0 {
+			// Set the interval to the default value of one day to make sure
+			// that it passes the validations.
+			stats["enabled"] = false
+		} else {
+			stats["interval"] = statsIvl
+		}
+		delete(dns, field)
+	}
+
+	diskConf["statistics"] = stats
+
+	return nil
+}

internal/confmigrate/v17.go

@@ -0,0 +1,41 @@
+package confmigrate
+
+// migrateTo17 performs the following changes:
+//
+//	# BEFORE:
+//	'schema_version': 16
+//	'dns':
+//	  'edns_client_subnet': false
+//	  # …
+//	# …
+//
+//	# AFTER:
+//	'schema_version': 17
+//	'dns':
+//	  'edns_client_subnet':
+//	    'enabled': false
+//	    'use_custom': false
+//	    'custom_ip': ""
+//	  # …
+//	# …
+func migrateTo17(diskConf yobj) (err error) {
+	diskConf["schema_version"] = 17
+
+	dns, ok, err := fieldVal[yobj](diskConf, "dns")
+	if err != nil {
+		return err
+	} else if !ok {
+		return nil
+	}
+
+	const field = "edns_client_subnet"
+
+	enabled, _, _ := fieldVal[bool](dns, field)
+	dns[field] = yobj{
+		"enabled":    enabled,
+		"use_custom": false,
+		"custom_ip":  "",
+	}
+
+	return nil
+}

internal/confmigrate/v18.go

@@ -0,0 +1,48 @@
+package confmigrate
+
+// migrateTo18 performs the following changes:
+//
+//	# BEFORE:
+//	'schema_version': 17
+//	'dns':
+//	  'safesearch_enabled': true
+//	  # …
+//	# …
+//
+//	# AFTER:
+//	'schema_version': 18
+//	'dns':
+//	  'safe_search':
+//	    'enabled': true
+//	    'bing': true
+//	    'duckduckgo': true
+//	    'google': true
+//	    'pixabay': true
+//	    'yandex': true
+//	    'youtube': true
+//	  # …
+//	# …
+func migrateTo18(diskConf yobj) (err error) {
+	diskConf["schema_version"] = 18
+
+	dns, ok, err := fieldVal[yobj](diskConf, "dns")
+	if err != nil {
+		return err
+	} else if !ok {
+		return nil
+	}
+
+	safeSearch := yobj{
+		"enabled":    true,
+		"bing":       true,
+		"duckduckgo": true,
+		"google":     true,
+		"pixabay":    true,
+		"yandex":     true,
+		"youtube":    true,
+	}
+
+	dns["safe_search"] = safeSearch
+
+	return moveVal[bool](dns, safeSearch, "safesearch_enabled", "enabled")
+}

internal/confmigrate/v19.go

@@ -0,0 +1,74 @@
+package confmigrate
+
+import "github.com/AdguardTeam/golibs/log"
+
+// migrateTo19 performs the following changes:
+//
+//	# BEFORE:
+//	'schema_version': 18
+//	'clients':
+//	  'persistent':
+//	  - 'name': 'client-name'
+//	    'safesearch_enabled': true
+//	    # …
+//	  # …
+//	# …
+//
+//	# AFTER:
+//	'schema_version': 19
+//	'clients':
+//	  'persistent':
+//	  - 'name': 'client-name'
+//	    'safe_search':
+//	      'enabled': true
+//		  'bing': true
+//		  'duckduckgo': true
+//		  'google': true
+//		  'pixabay': true
+//		  'yandex': true
+//		  'youtube': true
+//	    # …
+//	  # …
+//	# …
+func migrateTo19(diskConf yobj) (err error) {
+	diskConf["schema_version"] = 19
+
+	clients, ok, err := fieldVal[yobj](diskConf, "clients")
+	if err != nil {
+		return err
+	} else if !ok {
+		return nil
+	}
+
+	persistent, ok, _ := fieldVal[yarr](clients, "persistent")
+	if !ok {
+		return nil
+	}
+
+	for _, p := range persistent {
+		var c yobj
+		c, ok = p.(yobj)
+		if !ok {
+			continue
+		}
+
+		safeSearch := yobj{
+			"enabled":    true,
+			"bing":       true,
+			"duckduckgo": true,
+			"google":     true,
+			"pixabay":    true,
+			"yandex":     true,
+			"youtube":    true,
+		}
+
+		err = moveVal[bool](c, safeSearch, "safesearch_enabled", "enabled")
+		if err != nil {
+			log.Debug("migrating to version 19: %s", err)
+		}
+
+		c["safe_search"] = safeSearch
+	}
+
+	return nil
+}

internal/confmigrate/v2.go

@@ -0,0 +1,37 @@
+package confmigrate
+
+import (
+	"os"
+	"path/filepath"
+
+	"github.com/AdguardTeam/golibs/errors"
+	"github.com/AdguardTeam/golibs/log"
+)
+
+// migrateTo2 performs the following changes:
+//
+//	# BEFORE:
+//	'schema_version': 1
+//	'coredns':
+//	  # …
+//
+//	# AFTER:
+//	'schema_version': 2
+//	'dns':
+//	  # …
+//
+// It also deletes the Corefile file, since it isn't used anymore.
+func (m *Migrator) migrateTo2(diskConf yobj) (err error) {
+	diskConf["schema_version"] = 2
+
+	coreFilePath := filepath.Join(m.workingDir, "Corefile")
+	log.Printf("deleting %s as we don't need it anymore", coreFilePath)
+	err = os.Remove(coreFilePath)
+	if err != nil && !errors.Is(err, os.ErrNotExist) {
+		log.Info("warning: %s", err)
+
+		// Go on.
+	}
+
+	return moveVal[any](diskConf, diskConf, "coredns", "dns")
+}

internal/confmigrate/v20.go

@@ -0,0 +1,46 @@
+package confmigrate
+
+import (
+	"time"
+
+	"github.com/AdguardTeam/golibs/timeutil"
+)
+
+// migrateTo20 performs the following changes:
+//
+//	# BEFORE:
+//	'schema_version': 19
+//	'statistics':
+//	  'interval': 1
+//	  # …
+//	# …
+//
+//	# AFTER:
+//	'schema_version': 20
+//	'statistics':
+//	  'interval': 24h
+//	  # …
+//	# …
+func migrateTo20(diskConf yobj) (err error) {
+	diskConf["schema_version"] = 20
+
+	stats, ok, err := fieldVal[yobj](diskConf, "statistics")
+	if err != nil {
+		return err
+	} else if !ok {
+		return nil
+	}
+
+	const field = "interval"
+
+	ivl, ok, err := fieldVal[int](stats, field)
+	if err != nil {
+		return err
+	} else if !ok || ivl == 0 {
+		ivl = 1
+	}
+
+	stats[field] = timeutil.Duration{Duration: time.Duration(ivl) * timeutil.Day}
+
+	return nil
+}

internal/confmigrate/v21.go

@@ -0,0 +1,51 @@
+package confmigrate
+
+// migrateTo21 performs the following changes:
+//
+//	# BEFORE:
+//	'schema_version': 20
+//	'dns':
+//	  'blocked_services':
+//	  - 'svc_name'
+//	  - # …
+//	  # …
+//	# …
+//
+//	# AFTER:
+//	'schema_version': 21
+//	'dns':
+//	  'blocked_services':
+//	    'ids':
+//	    - 'svc_name'
+//	    - # …
+//	    'schedule':
+//	      'time_zone': 'Local'
+//	  # …
+//	# …
+func migrateTo21(diskConf yobj) (err error) {
+	diskConf["schema_version"] = 21
+
+	const field = "blocked_services"
+
+	dns, ok, err := fieldVal[yobj](diskConf, "dns")
+	if err != nil {
+		return err
+	} else if !ok {
+		return nil
+	}
+
+	svcs := yobj{
+		"schedule": yobj{
+			"time_zone": "Local",
+		},
+	}
+
+	err = moveVal[yarr](dns, svcs, field, "ids")
+	if err != nil {
+		return err
+	}
+
+	dns[field] = svcs
+
+	return nil
+}

internal/confmigrate/v22.go

@@ -0,0 +1,76 @@
+package confmigrate
+
+import (
+	"fmt"
+)
+
+// migrateTo22 performs the following changes:
+//
+//	# BEFORE:
+//	'schema_version': 21
+//	'persistent':
+//	  - 'name': 'client_name'
+//	    'blocked_services':
+//	    - 'svc_name'
+//	    - # …
+//	    # …
+//	  # …
+//	# …
+//
+//	# AFTER:
+//	'schema_version': 22
+//	'persistent':
+//	  - 'name': 'client_name'
+//	    'blocked_services':
+//	      'ids':
+//	      - 'svc_name'
+//	      - # …
+//	      'schedule':
+//	        'time_zone': 'Local'
+//	    # …
+//	  # …
+//	# …
+func migrateTo22(diskConf yobj) (err error) {
+	diskConf["schema_version"] = 22
+
+	const field = "blocked_services"
+
+	clients, ok, err := fieldVal[yobj](diskConf, "clients")
+	if err != nil {
+		return err
+	} else if !ok {
+		return nil
+	}
+
+	persistent, ok, err := fieldVal[yarr](clients, "persistent")
+	if err != nil {
+		return err
+	} else if !ok {
+		return nil
+	}
+
+	for i, p := range persistent {
+		var c yobj
+		c, ok = p.(yobj)
+		if !ok {
+			return fmt.Errorf("persistent client at index %d: unexpected type %T", i, p)
+		}
+
+		var services yarr
+		services, ok, err = fieldVal[yarr](c, field)
+		if err != nil {
+			return fmt.Errorf("persistent client at index %d: %w", i, err)
+		} else if !ok {
+			continue
+		}
+
+		c[field] = yobj{
+			"ids": services,
+			"schedule": yobj{
+				"time_zone": "Local",
+			},
+		}
+	}
+
+	return nil
+}

internal/confmigrate/v23.go

@@ -0,0 +1,61 @@
+package confmigrate
+
+import (
+	"fmt"
+	"net/netip"
+	"time"
+
+	"github.com/AdguardTeam/golibs/timeutil"
+)
+
+// migrateTo23 performs the following changes:
+//
+//	# BEFORE:
+//	'schema_version': 22
+//	'bind_host': '1.2.3.4'
+//	'bind_port': 8080
+//	'web_session_ttl': 720
+//	# …
+//
+//	# AFTER:
+//	'schema_version': 23
+//	'http':
+//	  'address': '1.2.3.4:8080'
+//	  'session_ttl': '720h'
+//	# …
+func migrateTo23(diskConf yobj) (err error) {
+	diskConf["schema_version"] = 23
+
+	bindHost, ok, err := fieldVal[string](diskConf, "bind_host")
+	if err != nil {
+		return err
+	} else if !ok {
+		return nil
+	}
+
+	bindHostAddr, err := netip.ParseAddr(bindHost)
+	if err != nil {
+		return fmt.Errorf("invalid bind_host value: %s", bindHost)
+	}
+
+	bindPort, _, err := fieldVal[int](diskConf, "bind_port")
+	if err != nil {
+		return err
+	}
+
+	sessionTTL, _, err := fieldVal[int](diskConf, "web_session_ttl")
+	if err != nil {
+		return err
+	}
+
+	diskConf["http"] = yobj{
+		"address":     netip.AddrPortFrom(bindHostAddr, uint16(bindPort)).String(),
+		"session_ttl": timeutil.Duration{Duration: time.Duration(sessionTTL) * time.Hour}.String(),
+	}
+
+	delete(diskConf, "bind_host")
+	delete(diskConf, "bind_port")
+	delete(diskConf, "web_session_ttl")
+
+	return nil
+}

internal/confmigrate/v24.go

@@ -0,0 +1,50 @@
+package confmigrate
+
+// migrateTo24 performs the following changes:
+//
+//	# BEFORE:
+//	'schema_version': 23
+//	'log_file': ""
+//	'log_max_backups': 0
+//	'log_max_size': 100
+//	'log_max_age': 3
+//	'log_compress': false
+//	'log_localtime': false
+//	'verbose': false
+//	# …
+//
+//	# AFTER:
+//	'schema_version': 24
+//	'log':
+//	  'file': ""
+//	  'max_backups': 0
+//	  'max_size': 100
+//	  'max_age': 3
+//	  'compress': false
+//	  'local_time': false
+//	  'verbose': false
+//	# …
+func migrateTo24(diskConf yobj) (err error) {
+	diskConf["schema_version"] = 24
+
+	logObj := yobj{}
+	err = coalesceError(
+		moveVal[string](diskConf, logObj, "log_file", "file"),
+		moveVal[int](diskConf, logObj, "log_max_backups", "max_backups"),
+		moveVal[int](diskConf, logObj, "log_max_size", "max_size"),
+		moveVal[int](diskConf, logObj, "log_max_age", "max_age"),
+		moveVal[bool](diskConf, logObj, "log_compress", "compress"),
+		moveVal[bool](diskConf, logObj, "log_localtime", "local_time"),
+		moveVal[bool](diskConf, logObj, "verbose", "verbose"),
+	)
+	if err != nil {
+		// Don't wrap the error, because it's informative enough as is.
+		return err
+	}
+
+	if len(logObj) != 0 {
+		diskConf["log"] = logObj
+	}
+
+	return nil
+}

internal/confmigrate/v25.go

@@ -0,0 +1,39 @@
+package confmigrate
+
+// migrateTo25 performs the following changes:
+//
+//	# BEFORE:
+//	'schema_version': 24
+//	'debug_pprof': true
+//	# …
+//
+//	# AFTER:
+//	'schema_version': 25
+//	'http':
+//	  'pprof':
+//	    'enabled': true
+//	    'port': 6060
+//	# …
+func migrateTo25(diskConf yobj) (err error) {
+	diskConf["schema_version"] = 25
+
+	httpObj, ok, err := fieldVal[yobj](diskConf, "http")
+	if err != nil {
+		return err
+	} else if !ok {
+		return nil
+	}
+
+	pprofObj := yobj{
+		"port": 6060,
+	}
+
+	err = moveVal[bool](diskConf, pprofObj, "debug_pprof", "enabled")
+	if err != nil {
+		return err
+	}
+
+	httpObj["pprof"] = pprofObj
+
+	return nil
+}

internal/confmigrate/v26.go

@@ -0,0 +1,113 @@
+package confmigrate
+
+// migrateTo26 performs the following changes:
+//
+//	# BEFORE:
+//	'schema_version': 25
+//	'dns':
+//	  'filtering_enabled': true
+//	  'filters_update_interval': 24
+//	  'parental_enabled': false
+//	  'safebrowsing_enabled': false
+//	  'safebrowsing_cache_size': 1048576
+//	  'safesearch_cache_size': 1048576
+//	  'parental_cache_size': 1048576
+//	  'safe_search':
+//	    'enabled': false
+//	    'bing': true
+//	    'duckduckgo': true
+//	    'google': true
+//	    'pixabay': true
+//	    'yandex': true
+//	    'youtube': true
+//	  'rewrites': []
+//	  'blocked_services':
+//	    'schedule':
+//	      'time_zone': 'Local'
+//	    'ids': []
+//	  'protection_enabled':        true,
+//	  'blocking_mode':             'custom_ip',
+//	  'blocking_ipv4':             '1.2.3.4',
+//	  'blocking_ipv6':             '1:2:3::4',
+//	  'blocked_response_ttl':      10,
+//	  'protection_disabled_until': 'null',
+//	  'parental_block_host':       'p.dns.adguard.com',
+//	  'safebrowsing_block_host':   's.dns.adguard.com',
+//	# …
+//
+//	# AFTER:
+//	'schema_version': 26
+//	'filtering':
+//	  'filtering_enabled': true
+//	  'filters_update_interval': 24
+//	  'parental_enabled': false
+//	  'safebrowsing_enabled': false
+//	  'safebrowsing_cache_size': 1048576
+//	  'safesearch_cache_size': 1048576
+//	  'parental_cache_size': 1048576
+//	  'safe_search':
+//	    'enabled': false
+//	    'bing': true
+//	    'duckduckgo': true
+//	    'google': true
+//	    'pixabay': true
+//	    'yandex': true
+//	    'youtube': true
+//	  'rewrites': []
+//	  'blocked_services':
+//	    'schedule':
+//	      'time_zone': 'Local'
+//	    'ids': []
+//	  'protection_enabled':        true,
+//	  'blocking_mode':             'custom_ip',
+//	  'blocking_ipv4':             '1.2.3.4',
+//	  'blocking_ipv6':             '1:2:3::4',
+//	  'blocked_response_ttl':      10,
+//	  'protection_disabled_until': 'null',
+//	  'parental_block_host':       'p.dns.adguard.com',
+//	  'safebrowsing_block_host':   's.dns.adguard.com',
+//	'dns'
+//	  # …
+//	# …
+func migrateTo26(diskConf yobj) (err error) {
+	diskConf["schema_version"] = 26
+
+	dns, ok, err := fieldVal[yobj](diskConf, "dns")
+	if err != nil {
+		return err
+	} else if !ok {
+		return nil
+	}
+
+	filteringObj := yobj{}
+	err = coalesceError(
+		moveSameVal[bool](dns, filteringObj, "filtering_enabled"),
+		moveSameVal[int](dns, filteringObj, "filters_update_interval"),
+		moveSameVal[bool](dns, filteringObj, "parental_enabled"),
+		moveSameVal[bool](dns, filteringObj, "safebrowsing_enabled"),
+		moveSameVal[int](dns, filteringObj, "safebrowsing_cache_size"),
+		moveSameVal[int](dns, filteringObj, "safesearch_cache_size"),
+		moveSameVal[int](dns, filteringObj, "parental_cache_size"),
+		moveSameVal[yobj](dns, filteringObj, "safe_search"),
+		moveSameVal[yarr](dns, filteringObj, "rewrites"),
+		moveSameVal[yobj](dns, filteringObj, "blocked_services"),
+		moveSameVal[bool](dns, filteringObj, "protection_enabled"),
+		moveSameVal[string](dns, filteringObj, "blocking_mode"),
+		moveSameVal[string](dns, filteringObj, "blocking_ipv4"),
+		moveSameVal[string](dns, filteringObj, "blocking_ipv6"),
+		moveSameVal[int](dns, filteringObj, "blocked_response_ttl"),
+		moveSameVal[any](dns, filteringObj, "protection_disabled_until"),
+		moveSameVal[string](dns, filteringObj, "parental_block_host"),
+		moveSameVal[string](dns, filteringObj, "safebrowsing_block_host"),
+	)
+	if err != nil {
+		// Don't wrap the error, because it's informative enough as is.
+		return err
+	}
+
+	if len(filteringObj) != 0 {
+		diskConf["filtering"] = filteringObj
+	}
+
+	return nil
+}

internal/confmigrate/v3.go

@@ -0,0 +1,37 @@
+package confmigrate
+
+// migrateTo3 performs the following changes:
+//
+//	# BEFORE:
+//	'schema_version': 2
+//	'dns':
+//	  'bootstrap_dns': '1.1.1.1'
+//	  # …
+//
+//	# AFTER:
+//	'schema_version': 3
+//	'dns':
+//	  'bootstrap_dns':
+//	  - '1.1.1.1'
+//	  # …
+func migrateTo3(diskConf yobj) error {
+	diskConf["schema_version"] = 3
+
+	dnsConfig, ok, err := fieldVal[yobj](diskConf, "dns")
+	if err != nil {
+		return err
+	} else if !ok {
+		return nil
+	}
+
+	bootstrapDNS, ok, err := fieldVal[any](dnsConfig, "bootstrap_dns")
+	if err != nil {
+		return err
+	} else if !ok {
+		return nil
+	}
+
+	dnsConfig["bootstrap_dns"] = yarr{bootstrapDNS}
+
+	return nil
+}

internal/confmigrate/v4.go

@@ -0,0 +1,29 @@
+package confmigrate
+
+// migrateTo4 performs the following changes:
+//
+//	# BEFORE:
+//	'schema_version': 3
+//	'clients':
+//	- # …
+//
+//	# AFTER:
+//	'schema_version': 4
+//	'clients':
+//	- 'use_global_blocked_services': true
+//	  # …
+func migrateTo4(diskConf yobj) (err error) {
+	diskConf["schema_version"] = 4
+
+	clients, ok, _ := fieldVal[yarr](diskConf, "clients")
+	if ok {
+		for i := range clients {
+			var c yobj
+			if c, ok = clients[i].(yobj); ok {
+				c["use_global_blocked_services"] = true
+			}
+		}
+	}
+
+	return nil
+}

internal/confmigrate/v5.go

@@ -0,0 +1,49 @@
+package confmigrate
+
+import (
+	"fmt"
+
+	"golang.org/x/crypto/bcrypt"
+)
+
+// migrateTo5 performs the following changes:
+//
+//	# BEFORE:
+//	'schema_version': 4
+//	'auth_name': …
+//	'auth_pass': …
+//	# …
+//
+//	# AFTER:
+//	'schema_version': 5
+//	'users':
+//	- 'name': …
+//	  'password': <hashed>
+//	# …
+func migrateTo5(diskConf yobj) (err error) {
+	diskConf["schema_version"] = 5
+
+	user := yobj{}
+
+	if err = moveVal[string](diskConf, user, "auth_name", "name"); err != nil {
+		return err
+	}
+
+	pass, ok, err := fieldVal[string](diskConf, "auth_pass")
+	if err != nil {
+		return err
+	} else if !ok {
+		return nil
+	}
+	delete(diskConf, "auth_pass")
+
+	hash, err := bcrypt.GenerateFromPassword([]byte(pass), bcrypt.DefaultCost)
+	if err != nil {
+		return fmt.Errorf("generating password hash: %w", err)
+	}
+
+	user["password"] = string(hash)
+	diskConf["users"] = yarr{user}
+
+	return nil
+}

internal/confmigrate/v6.go

@@ -0,0 +1,62 @@
+package confmigrate
+
+import "fmt"
+
+// migrateTo6 performs the following changes:
+//
+//	# BEFORE:
+//	'schema_version': 5
+//	'clients':
+//	 - # …
+//	   'ip': '127.0.0.1'
+//	   'mac': 'AA:AA:AA:AA:AA:AA'
+//	# …
+//
+//	# AFTER:
+//	'schema_version': 6
+//	'clients':
+//	 - # …
+//	   'ids':
+//	   - '127.0.0.1'
+//	   - 'AA:AA:AA:AA:AA:AA'
+//	# …
+func migrateTo6(diskConf yobj) (err error) {
+	diskConf["schema_version"] = 6
+
+	clients, ok, err := fieldVal[yarr](diskConf, "clients")
+	if err != nil {
+		return err
+	} else if !ok {
+		return nil
+	}
+
+	for i, client := range clients {
+		var c yobj
+		c, ok = client.(yobj)
+		if !ok {
+			return fmt.Errorf("unexpected type of client at index %d: %T", i, client)
+		}
+
+		var ids []string
+
+		var ip string
+		ip, _, err = fieldVal[string](c, "ip")
+		if err != nil {
+			return fmt.Errorf("client at index %d: %w", i, err)
+		} else if ip != "" {
+			ids = append(ids, ip)
+		}
+
+		var mac string
+		mac, _, err = fieldVal[string](c, "mac")
+		if err != nil {
+			return fmt.Errorf("client at index %d: %w", i, err)
+		} else if mac != "" {
+			ids = append(ids, mac)
+		}
+
+		c["ids"] = ids
+	}
+
+	return nil
+}

internal/confmigrate/v7.go

@@ -0,0 +1,55 @@
+package confmigrate
+
+// migrateTo7 performs the following changes:
+//
+//	# BEFORE:
+//	'schema_version': 6
+//	'dhcp':
+//	  'enabled': false
+//	  'interface_name': vboxnet0
+//	  'gateway_ip': '192.168.56.1'
+//	  'subnet_mask': '255.255.255.0'
+//	  'range_start': '192.168.56.10'
+//	  'range_end': '192.168.56.240'
+//	  'lease_duration': 86400
+//	  'icmp_timeout_msec': 1000
+//	# …
+//
+//	# AFTER:
+//	'schema_version': 7
+//	'dhcp':
+//	  'enabled': false
+//	  'interface_name': vboxnet0
+//	  'dhcpv4':
+//	    'gateway_ip': '192.168.56.1'
+//	    'subnet_mask': '255.255.255.0'
+//	    'range_start': '192.168.56.10'
+//	    'range_end': '192.168.56.240'
+//	    'lease_duration': 86400
+//	    'icmp_timeout_msec': 1000
+//	# …
+func migrateTo7(diskConf yobj) error {
+	diskConf["schema_version"] = 7
+
+	dhcp, ok, err := fieldVal[yobj](diskConf, "dhcp")
+	if err != nil || !ok {
+		return nil
+	}
+
+	dhcpv4 := yobj{}
+	err = coalesceError(
+		moveSameVal[string](dhcp, dhcpv4, "gateway_ip"),
+		moveSameVal[string](dhcp, dhcpv4, "subnet_mask"),
+		moveSameVal[string](dhcp, dhcpv4, "range_start"),
+		moveSameVal[string](dhcp, dhcpv4, "range_end"),
+		moveSameVal[int](dhcp, dhcpv4, "lease_duration"),
+		moveSameVal[int](dhcp, dhcpv4, "icmp_timeout_msec"),
+	)
+	if err != nil {
+		return err
+	}
+
+	dhcp["dhcpv4"] = dhcpv4
+
+	return nil
+}

internal/confmigrate/v8.go

@@ -0,0 +1,40 @@
+package confmigrate
+
+// migrateTo8 performs the following changes:
+//
+//	# BEFORE:
+//	'schema_version': 7
+//	'dns':
+//	  'bind_host': '127.0.0.1'
+//	  # …
+//	# …
+//
+//	# AFTER:
+//	'schema_version': 8
+//	'dns':
+//	  'bind_hosts':
+//	  - '127.0.0.1'
+//	  # …
+//	# …
+func migrateTo8(diskConf yobj) (err error) {
+	diskConf["schema_version"] = 8
+
+	dns, ok, err := fieldVal[yobj](diskConf, "dns")
+	if err != nil {
+		return err
+	} else if !ok {
+		return nil
+	}
+
+	bindHost, ok, err := fieldVal[string](dns, "bind_host")
+	if err != nil {
+		return err
+	} else if !ok {
+		return nil
+	}
+
+	delete(dns, "bind_host")
+	dns["bind_hosts"] = yarr{bindHost}
+
+	return nil
+}

internal/confmigrate/v9.go

@@ -0,0 +1,29 @@
+package confmigrate
+
+// migrateTo9 performs the following changes:
+//
+//	# BEFORE:
+//	'schema_version': 8
+//	'dns':
+//	  'autohost_tld': 'lan'
+//	  # …
+//	# …
+//
+//	# AFTER:
+//	'schema_version': 9
+//	'dns':
+//	  'local_domain_name': 'lan'
+//	  # …
+//	# …
+func migrateTo9(diskConf yobj) (err error) {
+	diskConf["schema_version"] = 9
+
+	dns, ok, err := fieldVal[yobj](diskConf, "dns")
+	if err != nil {
+		return err
+	} else if !ok {
+		return nil
+	}
+
+	return moveVal[string](dns, dns, "autohost_tld", "local_domain_name")
+}

internal/confmigrate/yaml.go

@@ -0,0 +1,66 @@
+package confmigrate
+
+import "fmt"
+
+type (
+	// yarr is the convenience alias for YAML array.
+	yarr = []any
+
+	// yobj is the convenience alias for YAML key-value object.
+	yobj = map[string]any
+)
+
+// fieldVal returns the value of type T for key from obj.  Use [any] if the
+// field's type doesn't matter.
+func fieldVal[T any](obj yobj, key string) (v T, ok bool, err error) {
+	val, ok := obj[key]
+	if !ok {
+		return v, false, nil
+	}
+
+	if val == nil {
+		return v, true, nil
+	}
+
+	v, ok = val.(T)
+	if !ok {
+		return v, false, fmt.Errorf("unexpected type of %q: %T", key, val)
+	}
+
+	return v, true, nil
+}
+
+// moveVal copies the value for srcKey from src into dst for dstKey and deletes
+// it from src.
+func moveVal[T any](src, dst yobj, srcKey, dstKey string) (err error) {
+	newVal, ok, err := fieldVal[T](src, srcKey)
+	if !ok {
+		return err
+	}
+
+	dst[dstKey] = newVal
+	delete(src, srcKey)
+
+	return nil
+}
+
+// moveSameVal moves the value for key from src into dst.
+func moveSameVal[T any](src, dst yobj, key string) (err error) {
+	return moveVal[T](src, dst, key, key)
+}
+
+// coalesceError returns the first non-nil error.  It is named after function
+// COALESCE in SQL.  If all errors are nil, it returns nil.
+//
+// TODO(e.burkov): Replace with [errors.Join].
+//
+// TODO(a.garipov): Think of ways to merge with [aghalg.Coalesce].
+func coalesceError(errors ...error) (res error) {
+	for _, err := range errors {
+		if err != nil {
+			return err
+		}
+	}
+
+	return nil
+}

internal/home/config.go

@@ -147,7 +147,9 @@ type configuration struct {
 
 	sync.RWMutex `yaml:"-"`
 
-	SchemaVersion int `yaml:"schema_version"` // keeping last so that users will be less tempted to change it -- used when upgrading between versions
+	// SchemaVersion is the version of the configuration schema.  See
+	// [confmigrate.LastSchemaVersion].
+	SchemaVersion uint `yaml:"schema_version"`
 }
 
 // httpConfig is a block with HTTP configuration params.
@@ -416,7 +418,7 @@ var config = &configuration{
 		MaxAge:     3,
 	},
 	OSConfig:      &osConfig{},
-	SchemaVersion: confmigrate.CurrentSchemaVersion,
+	SchemaVersion: confmigrate.LastSchemaVersion,
 	Theme:         ThemeAuto,
 }
 
@@ -466,7 +468,10 @@ func parseConfig() (err error) {
 	})
 
 	var upgraded bool
-	config.fileData, upgraded, err = migrator.Migrate(config.fileData)
+	config.fileData, upgraded, err = migrator.Migrate(
+		config.fileData,
+		confmigrate.LastSchemaVersion,
+	)
 	if err != nil {
 		// Don't wrap the error, because it's informative enough as is.
 		return err