61 lines
No EOL
1.3 KiB
YAML
61 lines
No EOL
1.3 KiB
YAML
---
|
|
# NetworkPolicies for forgejo-db CNPG cluster on railiance01.
|
|
apiVersion: networking.k8s.io/v1
|
|
kind: NetworkPolicy
|
|
metadata:
|
|
name: allow-egress-kube-api-forgejo-db
|
|
namespace: databases
|
|
spec:
|
|
podSelector:
|
|
matchLabels:
|
|
cnpg.io/cluster: forgejo-db
|
|
policyTypes:
|
|
- Egress
|
|
egress:
|
|
- ports:
|
|
- port: 6443
|
|
protocol: TCP
|
|
---
|
|
apiVersion: networking.k8s.io/v1
|
|
kind: NetworkPolicy
|
|
metadata:
|
|
name: allow-ingress-from-cnpg-operator-forgejo-db
|
|
namespace: databases
|
|
spec:
|
|
podSelector:
|
|
matchLabels:
|
|
cnpg.io/cluster: forgejo-db
|
|
policyTypes:
|
|
- Ingress
|
|
ingress:
|
|
- from:
|
|
- namespaceSelector:
|
|
matchLabels:
|
|
kubernetes.io/metadata.name: cnpg-system
|
|
ports:
|
|
- port: 5432
|
|
protocol: TCP
|
|
- port: 8000
|
|
protocol: TCP
|
|
- port: 9187
|
|
protocol: TCP
|
|
---
|
|
apiVersion: networking.k8s.io/v1
|
|
kind: NetworkPolicy
|
|
metadata:
|
|
name: allow-ingress-from-forgejo-forgejo-db
|
|
namespace: databases
|
|
spec:
|
|
podSelector:
|
|
matchLabels:
|
|
cnpg.io/cluster: forgejo-db
|
|
policyTypes:
|
|
- Ingress
|
|
ingress:
|
|
- from:
|
|
- namespaceSelector:
|
|
matchLabels:
|
|
kubernetes.io/metadata.name: forgejo
|
|
ports:
|
|
- port: 5432
|
|
protocol: TCP |