feat: NetworkSecurity | add secure routes for longhorn+grafana

2025-11-23 00:20:36 +05:00
parent 5d87f6ae52
commit c4a94772d9
1 changed files with 19 additions and 0 deletions
--- a/network-security/index.ts
+++ b/network-security/index.ts
@@ -9,6 +9,7 @@ import {
  IpAllowListMiddlewareTCP,
 } from "./traefik";
 import { ValkeyCluster } from "./valkey";
+import { InternalIngressRoute } from "../utils";

 export class NetworkSecurity extends TerraformStack {
  constructor(scope: Construct, id: string) {
@@ -79,5 +80,23 @@ export class NetworkSecurity extends TerraformStack {
      name: "tcp-ip-allow-list",
      sourceRanges: ["192.168.18.0/24", "10.42.0.0/16"],
    });
+
+    new InternalIngressRoute(this, "longhorn-ui", {
+      provider: kubernetes,
+      namespace: "longhorn-system",
+      name: "longhorn-ui",
+      host: "longhorn.dogar.dev",
+      serviceName: "longhorn-frontend",
+      servicePort: 80,
+    });
+
+    new InternalIngressRoute(this, "grafana-ui", {
+      provider: kubernetes,
+      namespace: "monitoring",
+      name: "grafana-ui",
+      host: "grafana.dogar.dev",
+      serviceName: "prometheus-operator-grafana",
+      servicePort: 80,
+    });
  }
 }