Fix: ingress-external network policy

This commit is contained in:
nold 2022-01-06 11:48:28 +01:00
parent 05f57acc11
commit 1163261860
5 changed files with 33 additions and 1 deletions

View file

@ -8,6 +8,9 @@ config:
- allow-runner
- allow-minio
labels:
environment: external
apps:
- name: drone
repoURL: https://github.com/nold360/drone-charts.git

View file

@ -5,6 +5,10 @@ config:
- internet
rules:
- allow-ssh
labels:
environment: external
apps:
- name: gitea
repoURL: https://dl.gitea.io/charts/

View file

@ -3,6 +3,8 @@ config:
networkPolicy:
rules:
- allow-dns
- allow-ingress-traffic
- allow-external-services
apps:
- name: ingress-external

View file

@ -3,6 +3,10 @@ config:
networkPolicy:
groups:
- internet
labels:
environment: external
apps:
- name: nextcloud
repoURL: https://nextcloud.github.io/helm

View file

@ -68,7 +68,7 @@ networkPolicy:
- from:
- namespaceSelector:
matchLabels:
app.heqet.gnu.one/name: ingress-external
project.heqet.gnu.one/name: ingress-external
# Allow SSH for Gitea
allow-ssh:
@ -134,3 +134,22 @@ networkPolicy:
- namespaceSelector:
matchLabels:
name: minio
allow-ingress-traffic:
podSelector: {}
policyTypes:
- Ingress
ingress:
- {}
allow-external-services:
podSelector: {}
policyTypes:
- Egress
egress:
- to:
- namespaceSelector:
matchLabels:
environment: external