viktor/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

add ollama-api ingress accessible only locally to allow claude code [ci skip]

Browse source
This commit is contained in:
Viktor Barzin 2026-01-19 20:15:43 +00:00
parent d8eab79593
commit 6e4cfb4c3a
No known key found for this signature in database
GPG key ID: 4056458DBDBF8863
3 changed files with 15 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

16
modules/kubernetes/ollama/main.tf
View file

@ -145,7 +145,7 @@ resource "kubernetes_service" "ollama" {
}
}
# Allow ollama to be connected to from external apps
# Allow ollama to be connected to from external apps (internal LAN only)
module "ollama-ingress" {
source = "../ingress_factory"
namespace = kubernetes_namespace.ollama.metadata[0].name
@ -158,6 +158,20 @@ module "ollama-ingress" {
port = 11434
}
# Ollama API ingress for Claude Code access (restricted to LAN/VPN)
module "ollama-api-ingress" {
source = "../ingress_factory"
namespace = kubernetes_namespace.ollama.metadata[0].name
name = "ollama-api"
service_name = "ollama"
root_domain = "viktorbarzin.lan"
tls_secret_name = var.tls_secret_name
allow_local_access_only = true # Restricts to 10.0.0.0/8, 192.168.1.0/24
ssl_redirect = false
port = 11434
proxy_timeout = 300 # Longer timeout for model inference
}
# Web UI
resource "kubernetes_deployment" "ollama-ui" {
metadata {

BIN
terraform.tfstate
View file

Binary file not shown.

BIN
terraform.tfvars
View file

Binary file not shown.