shahab/homelab
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: NetworkSecurity | add secure routes for longhorn+grafana

Browse Source
This commit is contained in:
Shahab Dogar
2025-11-23 00:20:36 +05:00
parent 5d87f6ae52
commit c4a94772d9
1 changed files with 19 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
network-security/index.ts
View File

@@ -9,6 +9,7 @@ import {
IpAllowListMiddlewareTCP, IpAllowListMiddlewareTCP,
} from "./traefik"; } from "./traefik";
import { ValkeyCluster } from "./valkey"; import { ValkeyCluster } from "./valkey";
import { InternalIngressRoute } from "../utils";
export class NetworkSecurity extends TerraformStack { export class NetworkSecurity extends TerraformStack {
constructor(scope: Construct, id: string) { constructor(scope: Construct, id: string) {
@@ -79,5 +80,23 @@ export class NetworkSecurity extends TerraformStack {
name: "tcp-ip-allow-list", name: "tcp-ip-allow-list",
sourceRanges: ["192.168.18.0/24", "10.42.0.0/16"], sourceRanges: ["192.168.18.0/24", "10.42.0.0/16"],
}); });
new InternalIngressRoute(this, "longhorn-ui", {
provider: kubernetes,
namespace: "longhorn-system",
name: "longhorn-ui",
host: "longhorn.dogar.dev",
serviceName: "longhorn-frontend",
servicePort: 80,
});
new InternalIngressRoute(this, "grafana-ui", {
provider: kubernetes,
namespace: "monitoring",
name: "grafana-ui",
host: "grafana.dogar.dev",
serviceName: "prometheus-operator-grafana",
servicePort: 80,
});
} }
} }