fix: re-enable policy, disable traffic block

2026-01-28 02:19:04 +00:00 · 2021-06-03 21:55:02 -05:00
parent 1cc90ed146
commit ecc337b5be
1 changed files with 14 additions and 2 deletions
--- a/cluster/apps/ext-gateway/helm-release.yaml
+++ b/cluster/apps/ext-gateway/helm-release.yaml
@@ -51,7 +51,19 @@ spec:
        #  periodSeconds: 60
        #  failureThreshold: 1
        networkPolicy:
-          enabled: false
+          enabled: true
+
+          egress:
+          - to:
+            - ipBlock:
+                cidr: 0.0.0.0/0
+            ports:
+            # VPN traffic
+            - port: 62441
+              protocol: UDP
+          - to:
+            - ipBlock:
+                cidr: 172.16.0.0/12

    configmap:
      # -- configmap contains clients and gateway PODs setting
@@ -87,7 +99,7 @@ spec:
          # If using a VPN, interface name created by it
          VPN_INTERFACE=wg0
          # Prevent non VPN traffic to leave the gateway
-          VPN_BLOCK_OTHER_TRAFFIC=true
+          VPN_BLOCK_OTHER_TRAFFIC=false
          # Traffic to these IPs will be send through the K8S gateway
          VPN_LOCAL_CIDRS="10.0.0.0/8 172.16.0.0/12"