fix(rook-ceph): RGW hostNetwork netpols

.rtx.toml

@@ -15,6 +15,7 @@ talhelper = ["1.16.2"]
 cilium-cli= ["0.15.14"]
 1password-cli = ["2.24.0"]
 restic = ["0.16.4"]
+k9s = ["0.32.4"]
 
 #pulumi = ["3.95.0"]
 

kube/deploy/core/storage/rook-ceph/app/netpol.yaml

@@ -52,6 +52,17 @@ spec:
             io.kubernetes.pod.namespace: rook-ceph
     - toFQDNs:
         - matchName: "rgw-biohazard.${DNS_TS}"
+    - toCIDRSet:
+        - cidr: "${IP_VLAN_CEPH_CIDR}"
+      toPorts:
+        - ports:
+            - port: "6953"
+    - toEntities:
+        - "host"
+        - "remote-node"
+      toPorts:
+        - ports:
+            - port: "6953"
 ---
 # yaml-language-server: $schema=https://raw.githubusercontent.com/datreeio/CRDs-catalog/main/cilium.io/ciliumnetworkpolicy_v2.json
 apiVersion: cilium.io/v2
@@ -86,4 +97,4 @@ spec:
             s3.home.arpa/store: rgw-${CLUSTER_NAME}
         - matchExpressions:
             - key: io.kubernetes.pod.namespace
-              operator: Exists
+              operator: Exists