From 86a0dee00071a04f338e22da8bbd0d3b8db67b8d Mon Sep 17 00:00:00 2001 From: Erich Blume Date: Tue, 3 Mar 2026 10:00:05 -0800 Subject: [PATCH] Remove ollama LAN NodePort service The sanctioned ingress is ollama.ops.eblu.me via tailnet. Co-Authored-By: Claude Opus 4.6 --- argocd/manifests/ollama/kustomization.yaml | 1 - argocd/manifests/ollama/service-nodeport.yaml | 16 ---------------- nixos/ringtail/configuration.nix | 2 -- 3 files changed, 19 deletions(-) delete mode 100644 argocd/manifests/ollama/service-nodeport.yaml diff --git a/argocd/manifests/ollama/kustomization.yaml b/argocd/manifests/ollama/kustomization.yaml index 78500d4..75add74 100644 --- a/argocd/manifests/ollama/kustomization.yaml +++ b/argocd/manifests/ollama/kustomization.yaml @@ -7,7 +7,6 @@ resources: - pvc.yaml - deployment.yaml - service.yaml - - service-nodeport.yaml - ingress-tailscale.yaml images: diff --git a/argocd/manifests/ollama/service-nodeport.yaml b/argocd/manifests/ollama/service-nodeport.yaml deleted file mode 100644 index 849c74a..0000000 --- a/argocd/manifests/ollama/service-nodeport.yaml +++ /dev/null @@ -1,16 +0,0 @@ ---- -# Local subnet access for non-tailnet devices -apiVersion: v1 -kind: Service -metadata: - name: ollama-nodeport - namespace: ollama -spec: - type: NodePort - selector: - app: ollama - ports: - - name: http - port: 11434 - targetPort: 11434 - nodePort: 80 diff --git a/nixos/ringtail/configuration.nix b/nixos/ringtail/configuration.nix index 2d16381..562cfdb 100644 --- a/nixos/ringtail/configuration.nix +++ b/nixos/ringtail/configuration.nix @@ -130,8 +130,6 @@ in "--disable=metrics-server" "--write-kubeconfig-mode=644" "--tls-san=ringtail.tail8d86e.ts.net" - # Allow ollama NodePort on port 80 for non-tailnet LAN devices - "--service-node-port-range=80-32767" ]; containerdConfigTemplate = '' {{ template "base" . }}