bind-internal: allow admin workstation + router to query authoritative
ci/woodpecker/pr/pre-commit Pipeline was successful
ci/woodpecker/pr/kubeconform Pipeline was successful

Adds two /32 host entries to auth-acl-main so the operator's workstation
(10.10.12.200, over wireguard) and router (198.18.21.160) can query the
bind-authoritative servers. The router's /24 (198.18.21.0/24) is not in the
ACL, so an explicit host entry is required.
This commit is contained in:
2026-07-16 22:51:12 +10:00
parent b1b2112c66
commit 3a840b2d04
@@ -24,3 +24,6 @@ spec:
- 198.18.27.0/24
- 198.18.28.0/24
- 198.18.29.0/24
# Admin/management access (individual hosts, not whole subnets)
- 10.10.12.200/32 # benvin workstation (wireguard)
- 198.18.21.160/32 # benvin router