nold/hive-apps
1
0
Fork 0
mirror of https://github.com/nold360/hive-apps synced 2025-01-03 04:01:14 +00:00
Code Issues Projects Releases Packages Wiki Activity

fix(nextcloud): cnpg networkpolicy for imprt

Browse source
This commit is contained in:
nold 2022-12-11 10:53:44 +01:00
parent fa0c074bfa
commit 6f0fff0ca0
2 changed files with 18 additions and 15 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
projects/nextcloud/project.yaml
View file

@ -3,6 +3,8 @@ config:
networkPolicy: networkPolicy:
groups: groups:
- internet - internet
rules:
- allow-cnpg-nextcloud
labels: labels:
environment: external environment: external

31
resources/networkpolicy.yml
View file

@ -43,6 +43,22 @@ networkPolicy:
matchLabels: matchLabels:
name: kube-system name: kube-system
# Cloudnative PG
allow-cnpg-nextcloud:
podSelector:
matchLabels:
cnpg.io/cluster: nextcloud
policyTypes:
- Egress
egress:
- ports:
- port: 443
protocol: TCP
to:
- namespaceSelector:
matchLabels:
name: kube-system
# Allow access to internet proxy # Allow access to internet proxy
allow-proxy: allow-proxy:
podSelector: {} podSelector: {}
@ -50,8 +66,6 @@ networkPolicy:
- Egress - Egress
egress: egress:
- ports: - ports:
- port: 80
protocol: TCP
- port: 3128 - port: 3128
protocol: TCP protocol: TCP
to: to:
@ -100,17 +114,6 @@ networkPolicy:
- port: 2222 - port: 2222
protocol: TCP protocol: TCP
# Allow Drone-Runner to access Drone
allow-runner:
podSelector: {}
policyTypes:
- Ingress
ingress:
- from:
- namespaceSelector:
matchLabels:
app.heqet.gnu.one/name: drone-runner
# Allow Woodpacker-Agent to access Woodpacker Server # Allow Woodpacker-Agent to access Woodpacker Server
allow-agent: allow-agent:
podSelector: {} podSelector: {}
@ -151,5 +154,3 @@ networkPolicy:
- namespaceSelector: - namespaceSelector:
matchLabels: matchLabels:
environment: external environment: external