---
# https://docs.k3s.io/helm
apiVersion: helm.cattle.io/v1
kind: HelmChart
metadata:
  name: cilium
  namespace: kube-system
spec:
  # renovate: datasource=helm
  repo: https://helm.cilium.io/
  chart: cilium
  version: 1.14.5
  targetNamespace: kube-system
  bootstrap: true
  valuesContent: |-
    cluster:
      name: homelab
      id: 1
    containerRuntime:
      integration: containerd
      socketPath: /var/run/k3s/containerd/containerd.sock
    hubble:
      enabled: true
      relay:
        enabled: true
      ui:
        enabled: true
    ipam:
      mode: kubernetes
    ipv4NativeRoutingCIDR: "{{ k3s_server['cluster-cidr'] }}"
    k8sServiceHost: "{{ k3s_registration_address }}"
    k8sServicePort: 6443
    kubeProxyReplacement: true
    localRedirectPolicy: true
    operator:
      rollOutPods: true
    rollOutCiliumPods: true
    securityContext:
      privileged: true
    policyAuditMode: true
    hostFirewall:
      enabled: true
    extraConfig:
      allow-localhost: policy
    bgp:
      enabled: false
      announce:
        loadbalancerIP: true
        podCIDR: false
    bgpControlPlane:
      enabled: true