railiance-platform/helm/forgejo-db-networkpolicies.yaml
tegwick 37d9b0e271
All checks were successful
CI Smoke / host-smoke (push) Successful in 0s
CI Smoke / container-smoke (push) Successful in 1s
Added forgejo deployment
2026-07-04 13:26:07 +02:00

61 lines
No EOL
1.3 KiB
YAML

---
# NetworkPolicies for forgejo-db CNPG cluster on railiance01.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: allow-egress-kube-api-forgejo-db
namespace: databases
spec:
podSelector:
matchLabels:
cnpg.io/cluster: forgejo-db
policyTypes:
- Egress
egress:
- ports:
- port: 6443
protocol: TCP
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: allow-ingress-from-cnpg-operator-forgejo-db
namespace: databases
spec:
podSelector:
matchLabels:
cnpg.io/cluster: forgejo-db
policyTypes:
- Ingress
ingress:
- from:
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: cnpg-system
ports:
- port: 5432
protocol: TCP
- port: 8000
protocol: TCP
- port: 9187
protocol: TCP
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: allow-ingress-from-forgejo-forgejo-db
namespace: databases
spec:
podSelector:
matchLabels:
cnpg.io/cluster: forgejo-db
policyTypes:
- Ingress
ingress:
- from:
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: forgejo
ports:
- port: 5432
protocol: TCP