---
# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/helmrelease-helm-v2beta2.json
apiVersion: helm.toolkit.fluxcd.io/v2beta2
kind: HelmRelease
metadata:
  name: cilium
  namespace: kube-system
spec:
  interval: 30m
  chart:
    spec:
      chart: cilium
      version: 1.15.3
      sourceRef:
        kind: HelmRepository
        name: cilium
        namespace: flux-system
  maxHistory: 2
  install:
    remediation:
      retries: 3
  upgrade:
    cleanupOnFail: true
    remediation:
      retries: 3
  uninstall:
    keepHistory: false
  values:
    cluster:
      name: homelab
      id: 1
    hubble:
      relay:
        enabled: true
      ui:
        enabled: true
      metrics:
        enableOpenMetrics: true
    prometheus:
      enabled: true
    operator:
      prometheus:
        enabled: true
    ipam:
      mode: kubernetes
    kubeProxyReplacement: true
    k8sServiceHost: 127.0.0.1
    k8sServicePort: 7445
    rollOutCiliumPods: true
    cgroup:
      automount:
        enabled: false
      hostRoot: /sys/fs/cgroup
    bgp:
      enabled: false
      announce:
        loadbalancerIP: true
        podCIDR: false
    bgpControlPlane:
      enabled: true
    securityContext:
      capabilities:
        ciliumAgent:
          - CHOWN
          - KILL
          - NET_ADMIN
          - NET_RAW
          - IPC_LOCK
          - SYS_ADMIN
          - SYS_RESOURCE
          - DAC_OVERRIDE
          - FOWNER
          - SETGID
          - SETUID
        cleanCiliumState:
          - NET_ADMIN
          - SYS_ADMIN
          - SYS_RESOURCE