helm-charts/paperless-ngx/templates/networkpolicy.yaml

{{- with .Values.networkPolicy }}
{{- if .enabled }}
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: {{ include "paperless-ngx.fullname" $ }}
  labels:
    {{- include "paperless-ngx.labels" $ | nindent 4 }}
spec:
  podSelector:
    matchLabels:
      {{- include "paperless-ngx.selectorLabels" $ | nindent 6 }}
  policyTypes:
    - Ingress
    {{- if .egress.enabled }}
    - Egress
    {{- end }}
  ingress:
    {{- with .ingress.http }}
    - ports:
        - port: 8000
          protocol: TCP
      from:
        {{- toYaml . | nindent 8 }}
    {{- end }}{{/* end-with .ingress.http */}}

    {{- with .ingress.metrics }}
    - ports:
        - port: 5555
          protocol: TCP
      from:
        {{- toYaml . | nindent 8 }}
    {{- end }}{{/* end-with .ingress.metrics */}}

  {{- with .egress }}
  {{- if .enabled }}
  egress:
    {{- with .dns }}
    - ports:
        - port: 53
          protocol: UDP
      to:
        {{- toYaml . | nindent 8 }}
    {{- end }}
    {{- with .database }}
    {{- toYaml . | nindent 4 }}
    {{- else }}
    - ports:
        - port: 5432
          protocol: TCP
      to:
        - podSelector:
            matchLabels:
              app.kubernetes.io/instance: {{ .Release.Name }}
              app.kubernetes.io/name: postgresql
    - ports:
        - port: 6379
          protocol: TCP
      to:
        - podSelector:
            matchLabels:
              app.kubernetes.io/instance: {{ .Release.Name }}
              app.kubernetes.io/name: redis
              app.kubernetes.io/component: master
    {{- end }}
    {{- with .extra }}
    {{- toYaml . | nindent 4 }}
    {{- end }}
  {{- end }}{{/* end-if egress.enabled */}}
  {{- end }}{{/* end-with .egress */}}
{{- end }}
{{- end }}
feat(paperless-ngx): add paperless-ngx 2025-02-23 13:11:44 +01:00			`{{- with .Values.networkPolicy }}`
			`{{- if .enabled }}`
			`---`
			`apiVersion: networking.k8s.io/v1`
			`kind: NetworkPolicy`
			`metadata:`
			`name: {{ include "paperless-ngx.fullname" $ }}`
			`labels:`
			`{{- include "paperless-ngx.labels" $ \| nindent 4 }}`
			`spec:`
			`podSelector:`
			`matchLabels:`
			`{{- include "paperless-ngx.selectorLabels" $ \| nindent 6 }}`
			`policyTypes:`
			`- Ingress`
			`{{- if .egress.enabled }}`
			`- Egress`
			`{{- end }}`
			`ingress:`
			`{{- with .ingress.http }}`
			`- ports:`
			`- port: 8000`
			`protocol: TCP`
			`from:`
			`{{- toYaml . \| nindent 8 }}`
			`{{- end }}{{/* end-with .ingress.http */}}`

			`{{- with .ingress.metrics }}`
			`- ports:`
			`- port: 5555`
			`protocol: TCP`
			`from:`
			`{{- toYaml . \| nindent 8 }}`
			`{{- end }}{{/* end-with .ingress.metrics */}}`

			`{{- with .egress }}`
			`{{- if .enabled }}`
			`egress:`
			`{{- with .dns }}`
			`- ports:`
			`- port: 53`
			`protocol: UDP`
			`to:`
			`{{- toYaml . \| nindent 8 }}`
			`{{- end }}`
			`{{- with .database }}`
			`{{- toYaml . \| nindent 4 }}`
			`{{- else }}`
			`- ports:`
			`- port: 5432`
			`protocol: TCP`
			`to:`
			`- podSelector:`
			`matchLabels:`
			`app.kubernetes.io/instance: {{ .Release.Name }}`
			`app.kubernetes.io/name: postgresql`
			`- ports:`
			`- port: 6379`
			`protocol: TCP`
			`to:`
			`- podSelector:`
			`matchLabels:`
			`app.kubernetes.io/instance: {{ .Release.Name }}`
			`app.kubernetes.io/name: redis`
			`app.kubernetes.io/component: master`
			`{{- end }}`
			`{{- with .extra }}`
			`{{- toYaml . \| nindent 4 }}`
			`{{- end }}`
			`{{- end }}{{/* end-if egress.enabled */}}`
			`{{- end }}{{/* end-with .egress */}}`
			`{{- end }}`
			`{{- end }}`