From 491bb3e407a9fd074cf67c6555d4ad6ef3a4d69e Mon Sep 17 00:00:00 2001 From: Earl Warren Date: Wed, 23 Oct 2024 14:46:42 +0200 Subject: [PATCH] flux-system: tweak network --- flux/clusters/flux-system/receiver.yaml | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/flux/clusters/flux-system/receiver.yaml b/flux/clusters/flux-system/receiver.yaml index be14bac..7e5b212 100644 --- a/flux/clusters/flux-system/receiver.yaml +++ b/flux/clusters/flux-system/receiver.yaml @@ -47,3 +47,21 @@ spec: kind: GitRepository # matching the GitRepository in gotk-sync.yaml name: flux-system +--- +# +# The discussion that led to adding the following is +# https://matrix.to/#/!NdTYAXrlSgIkGNiPgQ:matrix.org/$fUvRAhXEnubBTxbads0unHm7UWUGfciX_3TcoIv7xKc?via=schinas.net&via=matrix.org&via=mozilla.org +# +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: cert-manager-acme-http-solver + namespace: flux-system +spec: + podSelector: + matchLabels: + acme.cert-manager.io/http01-solver: 'true' + ingress: + - {} + policyTypes: + - Ingress