k-space
/
kube
10
1
Fork 1
Code Issues 17 Pull Requests Projects Activity

wildduck: Add network policies for ZoneMTA and webmail

This commit is contained in:
Lauri Võsandi 2023-09-17 11:52:52 +03:00
parent a0d48d4243
commit efc76d7a10
2 changed files with 39 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
wildduck/webmail.yaml
View File

@ -66,11 +66,11 @@ spec:
replicas: 2 replicas: 2
selector: selector:
matchLabels: matchLabels:
app: webmail app.kubernetes.io/name: webmail
template: template:
metadata: metadata:
labels: labels:
app: webmail app.kubernetes.io/name: webmail
spec: spec:
containers: containers:
- name: webmail - name: webmail
@ -112,7 +112,7 @@ metadata:
namespace: wildduck namespace: wildduck
spec: spec:
selector: selector:
app: webmail app.kubernetes.io/name: webmail
ports: ports:
- protocol: TCP - protocol: TCP
port: 80 port: 80
@ -154,3 +154,24 @@ spec:
regex: ^https://webmail.k-space.ee/$ regex: ^https://webmail.k-space.ee/$
replacement: https://webmail.k-space.ee/webmail/ replacement: https://webmail.k-space.ee/webmail/
permanent: false permanent: false
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: webmail
spec:
podSelector:
matchLabels:
app.kubernetes.io/name: webmail
policyTypes:
- Ingress
ingress:
- ports:
- port: 3000
from:
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: traefik
podSelector:
matchLabels:
app.kubernetes.io/name: traefik

15
wildduck/zonemta.yaml
View File

@ -140,3 +140,18 @@ spec:
- name: cert - name: cert
secret: secret:
secretName: wildduck-tls secretName: wildduck-tls
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: zonemta
spec:
podSelector:
matchLabels:
app.kubernetes.io/name: wildduck
app.kubernetes.io/component: zonemta
policyTypes:
- Ingress
ingress:
- ports:
- port: 9465