diff --git a/network-security/index.ts b/network-security/index.ts index f6ed544..b39ee12 100644 --- a/network-security/index.ts +++ b/network-security/index.ts @@ -7,7 +7,6 @@ import { RateLimitMiddleware, IpAllowListMiddleware, IpAllowListMiddlewareTCP, - TLSOptions, } from "./traefik"; import { ValkeyCluster } from "./valkey"; import { InternalIngressRoute, PrivateCertificate } from "../utils"; @@ -68,11 +67,6 @@ export class NetworkSecurity extends TerraformStack { name: "rate-limit", }); - new TLSOptions(this, "tls-options", { - provider: kubernetes, - namespace, - }); - new IpAllowListMiddleware(this, "internal-ip-allow-list", { provider: kubernetes, namespace, diff --git a/network-security/traefik/index.ts b/network-security/traefik/index.ts index 3e84db1..0c29d72 100644 --- a/network-security/traefik/index.ts +++ b/network-security/traefik/index.ts @@ -1,3 +1,2 @@ export { RateLimitMiddleware } from "./rateLimit"; export { IpAllowListMiddleware, IpAllowListMiddlewareTCP } from "./ipAllowList"; -export { TLSOptions } from "./tlsOpts"; diff --git a/network-security/traefik/tlsOpts.ts b/network-security/traefik/tlsOpts.ts deleted file mode 100644 index 3dbc6e8..0000000 --- a/network-security/traefik/tlsOpts.ts +++ /dev/null @@ -1,31 +0,0 @@ -import { Construct } from "constructs"; -import { Manifest } from "@cdktf/provider-kubernetes/lib/manifest"; -import { KubernetesProvider } from "@cdktf/provider-kubernetes/lib/provider"; - -export class TLSOptions extends Construct { - constructor( - scope: Construct, - id: string, - opts: { provider: KubernetesProvider; namespace: string }, - ) { - super(scope, id); - - const { provider, namespace } = opts; - - new Manifest(this, "traefik-tls-options", { - provider, - manifest: { - apiVersion: "traefik.io/v1alpha1", - kind: "TLSOption", - metadata: { - namespace, - name: "tls-options", - }, - spec: { - minVersion: "VersionTLS13", - sniStrict: true, - }, - }, - }); - } -}