🟢 deploy/netpol.yaml
🛠️ README.md -> updated local mods 🛠️ deploy/kustomization.yaml -> added netpol
This commit is contained in:
@@ -2,7 +2,6 @@
|
|||||||
|
|
||||||
FORKED FROM https://github.com/hotheadhacker/no-as-a-service
|
FORKED FROM https://github.com/hotheadhacker/no-as-a-service
|
||||||
|
|
||||||
|
|
||||||
## local modifications
|
## local modifications
|
||||||
|
|
||||||
- answer on / instead of /no
|
- answer on / instead of /no
|
||||||
@@ -10,6 +9,8 @@ FORKED FROM https://github.com/hotheadhacker/no-as-a-service
|
|||||||
- add Dockerfile to build this sh*t
|
- add Dockerfile to build this sh*t
|
||||||
- kustomization in [deploy](deploy) directory (use your own registry)
|
- kustomization in [deploy](deploy) directory (use your own registry)
|
||||||
|
|
||||||
|
the deploy runs non root, no caps, read only file system, network policy and sh*t ftw
|
||||||
|
|
||||||
## intro
|
## intro
|
||||||
|
|
||||||
<p align="center">
|
<p align="center">
|
||||||
|
|||||||
@@ -6,6 +6,7 @@ resources:
|
|||||||
- deploy.yaml
|
- deploy.yaml
|
||||||
- service.yaml
|
- service.yaml
|
||||||
- ingress.yaml
|
- ingress.yaml
|
||||||
|
- netpol.yaml
|
||||||
images:
|
images:
|
||||||
- name: noaas
|
- name: noaas
|
||||||
newName: <my-harbor-url>/library/no-as-a-service
|
newName: <my-harbor-url>/library/no-as-a-service
|
||||||
|
|||||||
19
deploy/netpol.yaml
Normal file
19
deploy/netpol.yaml
Normal file
@@ -0,0 +1,19 @@
|
|||||||
|
apiVersion: networking.k8s.io/v1
|
||||||
|
kind: NetworkPolicy
|
||||||
|
metadata:
|
||||||
|
name: noaas
|
||||||
|
spec:
|
||||||
|
policyTypes:
|
||||||
|
- Ingress
|
||||||
|
- Egress
|
||||||
|
podSelector:
|
||||||
|
matchLabels:
|
||||||
|
app: noaas
|
||||||
|
ingress:
|
||||||
|
- from:
|
||||||
|
- namespaceSelector:
|
||||||
|
matchLabels:
|
||||||
|
kubernetes.io/metadata.name: ingress-nginx
|
||||||
|
ports:
|
||||||
|
- protocol: TCP
|
||||||
|
port: 3000
|
||||||
Reference in New Issue
Block a user