From a4842104c70022b65ee3fb0d3a336e2623e4df1a Mon Sep 17 00:00:00 2001
From: WrenIX <dev@wrenix.eu>
Date: Thu, 20 Jun 2024 11:19:15 +0200
Subject: [PATCH] fix(infra-ingress): support hostNetwork

---
 infra-ingress/templates/traefik/release.yaml | 19 +++++++++++++++++++
 infra-ingress/values.yaml                    |  1 +
 2 files changed, 20 insertions(+)

diff --git a/infra-ingress/templates/traefik/release.yaml b/infra-ingress/templates/traefik/release.yaml
index a01b618..0fde13a 100644
--- a/infra-ingress/templates/traefik/release.yaml
+++ b/infra-ingress/templates/traefik/release.yaml
@@ -21,9 +21,13 @@ spec:
     {{- toYaml .Values.commons.helm.release.driftDetection | nindent 4 }}
   interval: 10m
   values:
+    globalArguments:
+      - "--global.checknewversion=false"
+      - "--global.sendanonymoususage=false"
     deployment:
       enabled: {{ toYaml (not .Values.external) }}
       kind: DaemonSet
+    hostNetwork: {{ .Values.hostNetwork }}
     updateStrategy:
       rollingUpdate:
         maxUnavailable: 1
@@ -54,17 +58,32 @@ spec:
     priorityClassName: "system-cluster-critical"
 
     ports:
+      metrics:
+        port: 9111
       web:
         hostPort: 80
+        {{- if .Values.hostNetwork }}
+        port: 80
+        {{- end }}
         asDefault: true
       websecure:
         hostPort: 443
+        {{- if .Values.hostNetwork }}
+        port: 443
+        {{- end }}
         asDefault: true
         http3:
           enabled: true
       {{- with .Values.traefik.ports }}
       {{- toYaml . | nindent 6 }}
       {{- end }}
+    {{- if .Values.hostNetwork }}
+    podSecurityContext: null
+    securityContext:
+      capabilities:
+        add:
+          - "NET_BIND_SERVICE"
+    {{- end }}
 
     providers:
       kubernetesIngress:
diff --git a/infra-ingress/values.yaml b/infra-ingress/values.yaml
index 7d4ef48..a8d72c4 100644
--- a/infra-ingress/values.yaml
+++ b/infra-ingress/values.yaml
@@ -30,6 +30,7 @@ commons:
       labels: {}
 
 controller: "traefik"
+hostNetwork: true
 external: true
 traefik:
   ports: {}