From f0db5849c8fca899345367b2410f11cca33a8226 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lauri=20V=C3=B5sandi?= <lauri.vosandi@gmail.com>
Date: Wed, 20 Sep 2023 15:08:03 +0300
Subject: [PATCH] etherpad: Add network policy

---
 etherpad/application.yml | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)

diff --git a/etherpad/application.yml b/etherpad/application.yml
index 171b94f..848282e 100644
--- a/etherpad/application.yml
+++ b/etherpad/application.yml
@@ -107,3 +107,31 @@ spec:
   tls:
   - hosts:
     - "*.k-space.ee"
+---
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name: etherpad
+  namespace: etherpad
+spec:
+  podSelector:
+    matchLabels:
+      app: etherpad
+  policyTypes:
+    - Ingress
+    - Egress
+  ingress:
+    - from:
+        - namespaceSelector:
+            matchLabels:
+              kubernetes.io/metadata.name: traefik
+      ports:
+        - port: 9001
+          protocol: TCP
+  egress:
+    - ports:
+        - port: 3306
+          protocol: TCP
+      to:
+        - ipBlock:
+            cidr: 172.20.36.1/32