Ad Blacklist for Unbound

Description: A simple script to generate an ad blackhole for the unbound dns server intended to be run as a cronjob. To use just add "include: /etc/unbound/ad-blacklist.conf" to your unbound.conf. Original idea based off of calomel's script here.
Requirements: Curl, Unbound, Zsh
Download: hosts-update.sh
Source Code [ZSH]:
#!/bin/zsh

## Clean up any stale tempfile
[[ -f /tmp/hosts.working ]] && rm -f /tmp/hosts.working

## Awk regex to be inverse-matched as whitelist
# - Project Wonderful does unobtrusive ads on a lot of webcomics
# - SolveMedia is needed for captchas on some websites
whitelist='/(projectwonderful.com|api.solvemedia.com)/'

## URLs of Ad Blacklists to Use
blacklist=('http://winhelp2002.mvps.org/hosts.txt' \
           'http://pgl.yoyo.org/as/serverlist.php?hostformat=hosts&showintro=0&mimetype=plaintext' \
           'https://adaway.org/hosts.txt')

## Fetch all Blacklist Files
for url in $blacklist; do
    curl --silent $url >> "/tmp/hosts.working"
done

## Process Blacklist, Eliminiating Duplicates, Integrating Whitelist, and Converting to unbound format
awk -v whitelist="$whitelist" '$1 ~ /^127\.|^0\./ && $2 !~ whitelist {gsub("\r",""); print tolower($2)}' /tmp/hosts.working | sort | uniq | \
awk '{printf "local-zone: \"%s\" redirect\n", $1; printf "local-data: \"%s. A 0.0.0.0\"\n", $1}' > /etc/unbound/ad-blacklist.conf

# Make unbound reload config to activate the new blacklist
exec /etc/init.d/unbound reload

# Clean up tempfile
rm -f '/tmp/hosts.working'