fix: dispatcher use internal Vikunja URL + allow port 3456 egress
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
This commit is contained in:
Zoë
parent
ea15680df4
commit
33e360cd30
2 changed files with 17 additions and 2 deletions
|
|
@ -41,7 +41,7 @@ spec:
|
|||
name: dispatcher-approle
|
||||
key: secret_id
|
||||
- name: VIKUNJA_BASE_URL
|
||||
value: "https://tasks.ctz.fyi"
|
||||
value: "http://vikunja.vikunja.svc.cluster.local:3456"
|
||||
- name: VIKUNJA_PROJECT_ID
|
||||
value: "78"
|
||||
- name: VIKUNJA_TODO_BUCKET_ID
|
||||
|
|
|
|||
|
|
@ -51,7 +51,7 @@ spec:
|
|||
- port: 6443
|
||||
protocol: TCP
|
||||
---
|
||||
# Allow dispatcher egress to k8s API and OpenBao only
|
||||
# Allow dispatcher egress to k8s API, OpenBao, and Vikunja
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: NetworkPolicy
|
||||
metadata:
|
||||
|
|
@ -78,3 +78,18 @@ spec:
|
|||
ports:
|
||||
- port: 8200
|
||||
protocol: TCP
|
||||
# Vikunja in-cluster
|
||||
- to:
|
||||
- namespaceSelector:
|
||||
matchLabels:
|
||||
kubernetes.io/metadata.name: vikunja
|
||||
ports:
|
||||
- port: 3456
|
||||
protocol: TCP
|
||||
# k8s API server
|
||||
- to:
|
||||
- ipBlock:
|
||||
cidr: 0.0.0.0/0
|
||||
ports:
|
||||
- port: 6443
|
||||
protocol: TCP
|
||||
|
|
|
|||
Loading…
Reference in a new issue