fix(kubernetes): disable network policy for things

By default these don't filter for in-cluster IPs, and our Pod IPs are
globally routable, so we don't want them to override the default Cilium
one that we deploy

kubernetes/core/rabbitmq-operator.nix

@@ -10,6 +10,11 @@
         sha256 = "8QwU58eWyWPIU2Xy4Z1Vx6TOf+CQRtjIOTx22EI4Nik=";
       };
 
+      values = {
+        clusterOperator.networkPolicy.enabled = false;
+        msgTopologyOperator.networkPolicy.enabled = false;
+      };
+
       includeCRDs = true;
     };
   };

kubernetes/guiduck/redis.nix

@@ -21,6 +21,7 @@
           };
         };
         metrics.enabled = true;
+        networkPolicy.enabled = false;
       };
     };
   };

kubernetes/outline/outline.nix

@@ -41,6 +41,7 @@ in
         architecture = "standalone";
         master.persistence.size = "1Gi";
         metrics.enabled = true;
+        networkPolicy.enabled = false;
       };
     };
 

kubernetes/poketwo/keycloak.nix

@@ -1,7 +1,7 @@
 { transpire, ... }:
 
 let
-  downloadResources = ''  
+  downloadResources = ''
     mkdir -p /keycloak/providers /keycloak/themes/keywind \
     && wget -nc -O /keycloak/providers/keycloak-discord-0.4.0.jar \
       https://github.com/wadahiro/keycloak-discord/releases/download/v0.4.1/keycloak-discord-0.4.1.jar \
@@ -130,6 +130,7 @@ in
         replicaCount = 1;
         metrics.enabled = true;
         postgresql.enabled = false;
+        networkPolicy.enabled = false;
 
         initContainers = [{
           name = "download-resources";
@@ -203,5 +204,3 @@ in
     };
   };
 }
-
-

kubernetes/poketwo/redis.nix

@@ -21,6 +21,7 @@
           };
         };
         metrics.enabled = true;
+        networkPolicy.enabled = false;
       };
     };
   };