From 4bcb91109cad13b6716130fd8c2797896bf0e8bd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?M=C3=A1rcio=20Fernandes?= Date: Sun, 29 Mar 2026 21:37:33 +0000 Subject: [PATCH] network policies simplification, fix certificate typo --- deploy/infra/certificate.yaml | 2 +- deploy/infra/network-policies.yaml | 76 ++++-------------------------- 2 files changed, 11 insertions(+), 67 deletions(-) diff --git a/deploy/infra/certificate.yaml b/deploy/infra/certificate.yaml index c58b39b..17a6670 100644 --- a/deploy/infra/certificate.yaml +++ b/deploy/infra/certificate.yaml @@ -5,7 +5,7 @@ metadata: spec: secretName: limbosolutions-com-tls issuerRef: - name: leftencrypt-prod + name: letsencrypt-prod kind: ClusterIssuer dnsNames: - git.limbosolutions.com \ No newline at end of file diff --git a/deploy/infra/network-policies.yaml b/deploy/infra/network-policies.yaml index f65cd29..0ef28ac 100644 --- a/deploy/infra/network-policies.yaml +++ b/deploy/infra/network-policies.yaml @@ -1,13 +1,18 @@ apiVersion: cilium.io/v2 kind: CiliumNetworkPolicy metadata: - name: deny-default + name: allow-same-namespace-ingress spec: - endpointSelector: {} - ingressDeny: - - fromEndpoints: [] ---- + endpointSelector: {} # All pods in this namespace + ingress: + - fromEndpoints: + - matchExpressions: + - key: k8s:io.kubernetes.pod.namespace + operator: In + values: + - git-limbosolutions-com +--- apiVersion: cilium.io/v2 kind: CiliumNetworkPolicy 
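Review bot: The new `allow-same-namespace-ingress` rule in `deploy/infra/network-policies.yaml` has an empty `endpointSelector` and no `toPorts`. With `allow-postgresql-ingress` and `allow-valkey-ingress` deleted in the second hunk, every pod in `git-limbosolutions-com` can now reach the PostgreSQL and Valkey pods on any port, where previously only `gitea` (and, for PostgreSQL, `dbAccess: "true"`) pods could, on 5432 and 6379. Cilium allow rules are additive, so restoring the two deleted policies alone would not narrow this; the broad rule also has to stop selecting the datastore pods, as in the excerpt below. The new policy shows no `metadata.namespace` in the visible lines, unlike the removed ones, so its scope presumably depends on the namespace supplied at apply time; adding `namespace: git-limbosolutions-com` would make that explicit.

```yaml
spec:
  # Broad same-namespace allow covers everything except the datastores,
  # which keep their own per-port policies (allow-postgresql-ingress,
  # allow-valkey-ingress).
  endpointSelector:
    matchExpressions:
      - key: app.kubernetes.io/name
        operator: NotIn
        values:
          - postgresql
          - valkey
  # … unchanged: ingress.fromEndpoints same-namespace rule …
```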
@@ -45,64 +50,3 @@ spec: - port: "2222" protocol: TCP - ---- - -apiVersion: cilium.io/v2 -kind: CiliumNetworkPolicy -metadata: - name: allow-postgresql-ingress - namespace: git-limbosolutions-com -spec: - endpointSelector: - matchLabels: - app.kubernetes.io/name: postgresql - - ingress: - - fromEndpoints: - - matchLabels: - app.kubernetes.io/name: gitea - matchExpressions: - - key: k8s:io.kubernetes.pod.namespace - operator: In - values: - - git-limbosolutions-com - - matchLabels: - dbAccess: "true" - matchExpressions: - - key: k8s:io.kubernetes.pod.namespace - operator: In - values: - - git-limbosolutions-com - toPorts: - - ports: - - port: "5432" - protocol: TCP - ---- - -apiVersion: cilium.io/v2 -kind: CiliumNetworkPolicy -metadata: - name: allow-valkey-ingress - namespace: git-limbosolutions-com -spec: - endpointSelector: - matchLabels: - app.kubernetes.io/name: valkey - - ingress: - - fromEndpoints: - - matchLabels: - app.kubernetes.io/name: gitea - matchExpressions: - - key: k8s:io.kubernetes.pod.namespace - operator: In - values: - - git-limbosolutions-com - toPorts: - - ports: - - port: "6379" - protocol: TCP - -