From fceed3fe8522897d0162a92cac2b60908960f23a Mon Sep 17 00:00:00 2001
From: JJGadgets <git@jjgadgets.tech>
Date: Sun, 25 Aug 2024 21:14:10 +0800
Subject: [PATCH] fix(victoria-logs): netpols

---
 .../core/monitoring/victoria/logs/hr.yaml     |  4 +++-
 .../core/monitoring/victoria/logs/netpol.yaml | 19 +++++++++++++++++++
 2 files changed, 22 insertions(+), 1 deletion(-)
 create mode 100644 kube/deploy/core/monitoring/victoria/logs/netpol.yaml

diff --git a/kube/deploy/core/monitoring/victoria/logs/hr.yaml b/kube/deploy/core/monitoring/victoria/logs/hr.yaml
index b9588e40..5f711fe4 100644
--- a/kube/deploy/core/monitoring/victoria/logs/hr.yaml
+++ b/kube/deploy/core/monitoring/victoria/logs/hr.yaml
@@ -1,3 +1,4 @@
+---
 apiVersion: helm.toolkit.fluxcd.io/v2beta2
 kind: HelmRelease
 metadata:
@@ -16,7 +17,8 @@ spec:
   values:
     server:
       enabled: true
-      podLabels: {}
+      podLabels:
+        ingress.home.arpa/nginx-internal: allow
       image:
         repository: docker.io/victoriametrics/victoria-logs
         tag: "v0.28.0-victorialogs@sha256:dd1685ffb6ce0be3729b27e197e864be1bd9c274e097406d4005a83360846ff1"
diff --git a/kube/deploy/core/monitoring/victoria/logs/netpol.yaml b/kube/deploy/core/monitoring/victoria/logs/netpol.yaml
new file mode 100644
index 00000000..457c699b
--- /dev/null
+++ b/kube/deploy/core/monitoring/victoria/logs/netpol.yaml
@@ -0,0 +1,19 @@
+---
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name: victoria-logs
+  namespace: monitoring
+spec:
+  podSelector:
+    matchLabels:
+      app.kubernetes.io/name: victoria-logs
+  policyTypes: [Ingress, Egress]
+  ingress:
+    - from:
+        - namespaceSelector:
+            matchLabels:
+              kubernetes.io/metadata.name: fluentbit
+          podSelector:
+            matchLabels:
+              app.kubernetes.io/name: fluentbit