core/installer/values-tmpl/ingress-private.yaml - pcloud - Gitiles

 apiVersion: helm.toolkit.fluxcd.io/v2beta1
 kind: HelmRelease
 metadata:
   name: ingress-private
   namespace: {{ .Global.NamespacePrefix }}ingress-private
 spec:
   chart:
     spec:
       chart: charts/ingress-nginx
       sourceRef:
         kind: GitRepository
         name: pcloud
         namespace: {{ .Global.Id }}
   interval: 1m0s
   values:
     fullnameOverride: {{ .Global.Id }}-nginx-private
     controller:
       service:
         enabled: true
         type: ClusterIP
       ingressClassByName: true
       ingressClassResource:
         name: {{ .Global.Id }}-ingress-private
         enabled: true
         default: false
         controllerValue: k8s.io/{{ .Global.Id }}-ingress-private
       extraArgs:
         default-ssl-certificate: "{{ .Global.Id }}-ingress-private/cert-wildcard.p.{{ .Global.Domain }}"
       extraContainers:
       - name: tailscale
         image: tailscale/tailscale:v1.42.0
         imagePullPolicy: IfNotPresent
         securityContext:
           privileged: true
           capabilities:
             add:
             - NET_ADMIN
         env:
         - name: TS_EXTRA_ARGS
           value: --hostname={{ .Global.PCloudEnvName }}-ingress --login-server=headscale.{{ .Global.Domain }} # TODO(gio): take headscale subdomain from configuration
	apiVersion: helm.toolkit.fluxcd.io/v2beta1
	kind: HelmRelease
	metadata:
	name: ingress-private
	namespace: {{ .Global.NamespacePrefix }}ingress-private
	spec:
	chart:
	spec:
	chart: charts/ingress-nginx
	sourceRef:
	kind: GitRepository
	name: pcloud
	namespace: {{ .Global.Id }}
	interval: 1m0s
	values:
	fullnameOverride: {{ .Global.Id }}-nginx-private
	controller:
	service:
	enabled: true
	type: ClusterIP
	ingressClassByName: true
	ingressClassResource:
	name: {{ .Global.Id }}-ingress-private
	enabled: true
	default: false
	controllerValue: k8s.io/{{ .Global.Id }}-ingress-private
	extraArgs:
	default-ssl-certificate: "{{ .Global.Id }}-ingress-private/cert-wildcard.p.{{ .Global.Domain }}"
	extraContainers:
	- name: tailscale
	image: tailscale/tailscale:v1.42.0
	imagePullPolicy: IfNotPresent
	securityContext:
	privileged: true
	capabilities:
	add:
	- NET_ADMIN
	env:
	- name: TS_EXTRA_ARGS
	value: --hostname={{ .Global.PCloudEnvName }}-ingress --login-server=headscale.{{ .Global.Domain }} # TODO(gio): take headscale subdomain from configuration