farhoodliquor/irc
Archived
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

merge into: farhoodliquor/irc:fix/httproute-gateway-namespace
Branches Tags
farhoodliquor/irc:main farhoodliquor/irc:chore/remove-network-policies farhoodliquor/irc:fix/httproute-gateway-namespace farhoodliquor/irc:fix/znc-container-crash farhoodliquor/irc:feat/gitea-actions-standardization
..
pull from: farhoodliquor/irc:chore/remove-network-policies
Branches Tags
farhoodliquor/irc:main farhoodliquor/irc:chore/remove-network-policies farhoodliquor/irc:fix/httproute-gateway-namespace farhoodliquor/irc:fix/znc-container-crash farhoodliquor/irc:feat/gitea-actions-standardization

2 Commits
fix/httproute-gateway-namespace .. chore/remove-network-policies

Author SHA1 Message Date
Chris Farhood a0df6cd978 chore: remove NetworkPolicy resources for IRC apps 2026-02-10 12:48:09 -05:00
Chris Farhood 0f4cf77ec3 Merge pull request 'fix: correct HTTPRoute gateway namespace to gateway-system' (#5) from fix/httproute-gateway-namespace into main 
Reviewed-on: #5
Reviewed-by: polaris <no-reply.polaris@farh.net>
 2026-02-10 12:41:48 -05:00
4 changed files with 0 additions and 94 deletions
Expand all files Collapse all files
thelounge/kustomization.yaml
-1
View File
@@ -1,7 +1,6 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- networkpolicy.yaml
- statefulset.yaml
- service.yaml
- httproute.yaml
thelounge/networkpolicy.yaml
-46
View File
@@ -1,46 +0,0 @@
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: thelounge
spec:
podSelector:
matchLabels:
app.kubernetes.io/name: thelounge
policyTypes:
- Ingress
- Egress
ingress:
### Allow all ingress traffic (web app needs external access via gateway)
- {}
###
egress:
### Allow DNS resolution
- to:
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: kube-system
podSelector:
matchLabels:
k8s-app: kube-dns
ports:
- protocol: UDP
port: 53
- protocol: TCP
port: 53
###
### Allow intra-namespace communication
- to:
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: irc
###
### Allow outbound to the world
- to:
- ipBlock:
cidr: 0.0.0.0/0
except:
- 10.0.0.0/8
- 172.16.0.0/12
- 192.168.0.0/16
###
znc/kustomization.yaml
-1
View File
@@ -1,6 +1,5 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- networkpolicy.yaml
- statefulset.yaml
- service.yaml
znc/networkpolicy.yaml
-46
View File
@@ -1,46 +0,0 @@
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: znc
spec:
podSelector:
matchLabels:
app.kubernetes.io/name: znc
policyTypes:
- Ingress
- Egress
ingress:
### Allow all ingress traffic (IRC bouncer needs external connections)
- {}
###
egress:
### Allow DNS resolution
- to:
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: kube-system
podSelector:
matchLabels:
k8s-app: kube-dns
ports:
- protocol: UDP
port: 53
- protocol: TCP
port: 53
###
### Allow intra-namespace communication
- to:
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: irc
###
### Allow outbound to the world
- to:
- ipBlock:
cidr: 0.0.0.0/0
except:
- 10.0.0.0/8
- 172.16.0.0/12
- 192.168.0.0/16
###