From c0524510b89b2f7a2049c1f7d8470376c3c2d60f Mon Sep 17 00:00:00 2001
From: Lumpiasty <arek.dzski@gmail.com>
Date: Sun, 3 Aug 2025 17:34:17 +0200
Subject: [PATCH] add nginx-ingress

---
 infra/controllers/nginx-ingress.yaml | 61 ++++++++++++++++++++++++++++
 infra/kustomization.yaml             |  1 +
 2 files changed, 62 insertions(+)
 create mode 100644 infra/controllers/nginx-ingress.yaml

diff --git a/infra/controllers/nginx-ingress.yaml b/infra/controllers/nginx-ingress.yaml
new file mode 100644
index 0000000..44f899d
--- /dev/null
+++ b/infra/controllers/nginx-ingress.yaml
@@ -0,0 +1,61 @@
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: nginx-ingress
+---
+apiVersion: source.toolkit.fluxcd.io/v1
+kind: HelmRepository
+metadata:
+  name: ingress-nginx
+  namespace: nginx-ingress
+spec:
+  interval: 24h
+  url: https://kubernetes.github.io/ingress-nginx
+---
+apiVersion: helm.toolkit.fluxcd.io/v2
+kind: HelmRelease
+metadata:
+  name: nginx-ingress
+  namespace: nginx-ingress
+spec:
+  interval: 30m
+  chart:
+    spec:
+      chart: ingress-nginx
+      version: 4.13.0
+      sourceRef:
+        kind: HelmRepository
+        name: ingress-nginx
+        namespace: nginx-ingress
+      interval: 12h
+  values:
+    controller:
+      resources:
+        requests:
+          cpu: 0
+          memory: 128Mi
+        limits:
+          cpu: 100m
+          memory: 128Mi
+
+      ingressClass: "nginx-ingress"
+      ingressClassResource:
+        name: "nginx-ingress"
+        enabled: true
+        default: false
+
+      service:
+        create: true
+        type: LoadBalancer
+        # Requirement for sharing ip with other service
+        externalTrafficPolicy: Cluster
+        ipFamilyPolicy: RequireDualStack
+        # annotations:
+        #   # Share IP with gitea ssh so we can have the same domain for both port
+        #   lbipam.cilium.io/sharing-key: gitea
+        #   lbipam.cilium.io/sharing-cross-namespace: gitea
+        #   lbipam.cilium.io/ips: 10.44.0.0,2001:470:61a3:400::1
+      # config:
+      #   entries:
+      #     proxy-buffering: "false"
diff --git a/infra/kustomization.yaml b/infra/kustomization.yaml
index 0a870e8..6e20638 100644
--- a/infra/kustomization.yaml
+++ b/infra/kustomization.yaml
@@ -4,6 +4,7 @@ resources:
   - controllers/k8up-crd-4.8.3.yaml
   - controllers/cilium.yaml
   - controllers/nginx.yaml
+  - controllers/nginx-ingress.yaml
   - controllers/dns-public.yaml
   - controllers/cert-manager.yaml
   - controllers/cert-manager-webhook-ovh.yaml