Your First Sync
With your configuration in place, it’s time to run your first sync and see NextDNS Blocker in action.
Understanding Sync
Section titled “Understanding Sync”The config push command:
- Reads your
config.jsonblocklist - Evaluates each domain against the current time and its schedule
- Adds/removes domains from your NextDNS denylist accordingly
- Processes any pending unblock actions
Run a Dry Run First
Section titled “Run a Dry Run First”Before making actual changes, preview what would happen:
nextdns-blocker config push --dry-runOutput example:
DRY RUN - No changes will be made
Evaluating domains at 2024-01-15 14:30:00 (America/New_York)...
reddit.com Schedule: Mon-Fri 12:00-13:00, 18:00-22:00 Current: Outside available hours Action: Would BLOCK
twitter.com Schedule: Always available on weekends Current: Within available hours Action: Would UNBLOCK
Summary: 1 would block, 1 would unblockRun the Actual Sync
Section titled “Run the Actual Sync”When you’re ready to apply changes:
nextdns-blocker config pushOutput:
Syncing domains... reddit.com: BLOCKED twitter.com: UNBLOCKEDSync complete: 1 blocked, 1 unblockedVerbose Mode
Section titled “Verbose Mode”For more detailed output:
nextdns-blocker config push --verboseOr use the shorthand:
nextdns-blocker config push -vThis shows:
- Current timezone and time
- Each domain’s schedule evaluation
- API calls made
- Cache hits/misses
Check Current Status
Section titled “Check Current Status”After syncing, verify the current state:
nextdns-blocker statusOutput:
NextDNS Blocker Status━━━━━━━━━━━━━━━━━━━━━━
Time: 2024-01-15 14:30:00 America/New_York
Blocklist (2 domains): ✗ reddit.com BLOCKED (until 18:00) ✓ twitter.com AVAILABLE (until 22:00)
Allowlist (1 domain): ✓ aws.amazon.com ALLOWED (always)
System: Watchdog: Active Panic Mode: Inactive Pending Actions: 0What Gets Synced
Section titled “What Gets Synced”Blocklist Behavior
Section titled “Blocklist Behavior”| Condition | Action | Result |
|---|---|---|
| Outside schedule | Block | Added to NextDNS denylist |
| Within schedule | Unblock | Removed from denylist |
No schedule (null) | Always block | Permanent denylist entry |
Allowlist Behavior
Section titled “Allowlist Behavior”| Condition | Action | Result |
|---|---|---|
| No schedule | Always allow | Permanent allowlist entry |
| Within schedule | Allow | Added to NextDNS allowlist |
| Outside schedule | Remove | Removed from allowlist |
Automatic Sync with Watchdog
Section titled “Automatic Sync with Watchdog”Manual syncing works, but the watchdog automates this:
# Install watchdog (runs config push every 2 minutes)nextdns-blocker watchdog install
# Check watchdog statusnextdns-blocker watchdog status
# View watchdog logstail -f ~/.local/share/nextdns-blocker/logs/cron.logThe watchdog:
- Runs
config pushevery 2 minutes - Restores itself if removed
- Logs all activity
- Can be temporarily disabled
Common Issues
Section titled “Common Issues””No domains configured”
Section titled “”No domains configured””Your blocklist is empty. Add domains:
nextdns-blocker config edit“API authentication failed”
Section titled ““API authentication failed””Your credentials are invalid. Re-run setup:
nextdns-blocker init“Domain already in denylist”
Section titled ““Domain already in denylist””The domain was manually added to NextDNS. NextDNS Blocker will manage it going forward, but you can verify in the NextDNS dashboard.
”Rate limit exceeded”
Section titled “”Rate limit exceeded””Too many API calls. Wait a minute and try again. The tool has built-in rate limiting, but rapid manual syncs can exceed limits.