{{- if .Values.commons.networkpolicies.enabled }} --- apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: name: {{ .Release.Name }} spec: podSelector: matchLabels: app.kubernetes.io/component: app app.kubernetes.io/instance: {{ .Release.Name }}-hr app.kubernetes.io/name: nextcloud policyTypes: - Ingress ingress: - ports: - port: 80 protocol: TCP from: - podSelector: matchLabels: app.kubernetes.io/component: metrics app.kubernetes.io/instance: {{ .Release.Name }}-hr app.kubernetes.io/name: nextcloud - podSelector: matchLabels: app.kubernetes.io/component: notify-push app.kubernetes.io/instance: {{ .Release.Name }}-hr app.kubernetes.io/name: nextcloud {{- with .Values.commons.networkpolicies.from.ingress }} {{- toYaml . | nindent 8 }} {{- end }} {{- if .Values.imaginary.enabled }} --- apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: name: {{ .Release.Name }}-imaginary spec: podSelector: matchLabels: app.kubernetes.io/component: imaginary app.kubernetes.io/instance: {{ .Release.Name }}-hr app.kubernetes.io/name: nextcloud policyTypes: - Ingress - Egress ingress: - ports: - port: 9000 protocol: TCP from: - podSelector: matchLabels: app.kubernetes.io/component: app app.kubernetes.io/instance: {{ .Release.Name }}-hr app.kubernetes.io/name: nextcloud {{- end }} --- apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: name: {{ .Release.Name }}-metrics spec: podSelector: matchLabels: app.kubernetes.io/component: metrics app.kubernetes.io/instance: {{ .Release.Name }}-hr app.kubernetes.io/name: nextcloud policyTypes: - Ingress - Egress ingress: - ports: - port: 9205 protocol: TCP from: {{- toYaml .Values.commons.networkpolicies.from.metrics | nindent 8 }} egress: - ports: - port: 80 protocol: TCP to: - podSelector: matchLabels: app.kubernetes.io/component: app app.kubernetes.io/instance: {{ .Release.Name }}-hr app.kubernetes.io/name: nextcloud - ports: - port: 53 protocol: UDP to: {{- toYaml .Values.commons.networkpolicies.to.dns | nindent 8 }} {{- end }}