security(monitoring): remove public SNMP exporter ingress

snmp-exporter-external.viktorbarzin.me exposed UPS metrics to the public internet with no authentication. Removed the external ingress and Cloudflare DNS record. ha-sofia now accesses the SNMP exporter via the existing .lan ingress (allow_local_access_only=true) using direct IP 10.0.20.200 with Host header.
2026-04-06 15:23:56 +03:00 · 2026-04-06 15:23:56 +03:00 · 6abc0b9742
commit 6abc0b9742
parent 7f141faa8c
2 changed files with 0 additions and 12 deletions
--- a/config.tfvars
+++ b/config.tfvars
--- a/stacks/monitoring/modules/monitoring/snmp_exporter.tf
+++ b/stacks/monitoring/modules/monitoring/snmp_exporter.tf
@ -128,15 +128,3 @@ module "snmp-exporter-ingress" {
  ssl_redirect            = false
  port                    = 9116
 }
-module "snmp-exporter-ingress-external" {
-  source                  = "../../../../modules/kubernetes/ingress_factory"
-  namespace               = kubernetes_namespace.monitoring.metadata[0].name
-  name                    = "snmp-exporter-external"
-  service_name            = "snmp-exporter"
-  root_domain             = "viktorbarzin.me"
-  tls_secret_name         = var.tls_secret_name
-  allow_local_access_only = false
-  ssl_redirect            = false
-  port                    = 9116
-  protected               = false
-}