add soulsync

Signed-off-by: gwg313 <gwg313@pm.me>
This commit is contained in:
gwg313 2026-06-18 14:01:20 -04:00
parent 2671abc98c
commit 67a2318a96
Signed by: gwg313
GPG key ID: 60FF63B4826B7400
13 changed files with 467 additions and 0 deletions

View file

@ -0,0 +1,45 @@
# ----------------------------------------------------
# Ingress only from Gateway API
# ----------------------------------------------------
apiVersion: cilium.io/v2
kind: CiliumNetworkPolicy
metadata:
name: allow-ingress
namespace: slskd
spec:
endpointSelector:
matchLabels:
app: slskd
ingress:
- fromEntities:
- ingress
toPorts:
- ports:
- port: "5030"
protocol: TCP
- port: "8080"
protocol: TCP
---
# ----------------------------------------------------
# VPN killswitch — only allow egress to ProtonVPN endpoint
# All other internet traffic is blocked, forcing it through the tunnel
# ----------------------------------------------------
apiVersion: cilium.io/v2
kind: CiliumNetworkPolicy
metadata:
name: vpn-killswitch
namespace: slskd
spec:
endpointSelector:
matchLabels:
app: slskd
egress:
- toCIDR:
- "149.50.216.205/32"
toPorts:
- ports:
- port: "51820"
protocol: UDP