From 1215f19147b92db6f95916f1f9ed76ae01de3aa8 Mon Sep 17 00:00:00 2001
From: Nat Allan <19149206+Truxnell@users.noreply.github.com>
Date: Sun, 10 Mar 2024 13:32:50 +1100
Subject: [PATCH] fix

---
 infrastructure/talos/hegira/talconfig.yaml             | 10 ++++++++++
 .../apps/kube-system/cilium/app/helmrelease.yaml       |  4 ++--
 kubernetes/hegira/apps/scripts/kustomization.yaml      |  2 +-
 kubernetes/hegira/apps/security/kustomization.yaml     |  4 ++--
 .../hegira/apps/system-controllers/kustomization.yaml  |  6 +++---
 5 files changed, 18 insertions(+), 8 deletions(-)

diff --git a/infrastructure/talos/hegira/talconfig.yaml b/infrastructure/talos/hegira/talconfig.yaml
index 982652e7e7..add459cbe0 100644
--- a/infrastructure/talos/hegira/talconfig.yaml
+++ b/infrastructure/talos/hegira/talconfig.yaml
@@ -81,3 +81,13 @@ controlPlane:
         path: /cluster/proxy/extraArgs
         value:
           bind-address: 0.0.0.0
+    - |-
+      machine:
+        files:
+          - op: create
+            path: /etc/cri/conf.d/20-customization.part
+            content: |
+              [plugins]
+                [plugins."io.containerd.grpc.v1.cri"]
+                  enable_unprivileged_ports = true
+                  enable_unprivileged_icmp = true
diff --git a/kubernetes/hegira/apps/kube-system/cilium/app/helmrelease.yaml b/kubernetes/hegira/apps/kube-system/cilium/app/helmrelease.yaml
index 5617272483..adb0a0bfdb 100644
--- a/kubernetes/hegira/apps/kube-system/cilium/app/helmrelease.yaml
+++ b/kubernetes/hegira/apps/kube-system/cilium/app/helmrelease.yaml
@@ -38,8 +38,8 @@ spec:
       id: "${CLUSTER_ID}"
     rollOutCiliumPods: true
     localRedirectPolicy: true
-    kubeProxyReplacement: "strict"
-    kubeProxyReplacementHealthzBindAddr: 0.0.0.0:10256
+    # kubeProxyReplacement: "strict"
+    # kubeProxyReplacementHealthzBindAddr: 0.0.0.0:10256
     ipv4NativeRoutingCIDR: ${NETWORK_K8S_POD_CIDR}
     k8sServiceHost: "127.0.0.1"
     k8sServicePort: 7445
diff --git a/kubernetes/hegira/apps/scripts/kustomization.yaml b/kubernetes/hegira/apps/scripts/kustomization.yaml
index 56c23253d1..5116ef63be 100644
--- a/kubernetes/hegira/apps/scripts/kustomization.yaml
+++ b/kubernetes/hegira/apps/scripts/kustomization.yaml
@@ -6,5 +6,5 @@ resources:
   - ./namespace.yaml
   # Flux-Kustomizations
   - ./mailbackup/ks.yaml
-  - ./yt-dlp-jon-ong/ks.yaml
+  # - ./yt-dlp-jon-ong/ks.yaml
   # - ./volsync-to-b2/ks.yaml
diff --git a/kubernetes/hegira/apps/security/kustomization.yaml b/kubernetes/hegira/apps/security/kustomization.yaml
index 42a83e3e2b..4cebb5f00c 100644
--- a/kubernetes/hegira/apps/security/kustomization.yaml
+++ b/kubernetes/hegira/apps/security/kustomization.yaml
@@ -7,5 +7,5 @@ resources:
   # Flux-Kustomizations
   - ./authelia/ks.yaml
   - ./glauth/ks.yaml
-  - ./dmarc-report/ks.yaml
-  - ./lldap/ks.yaml
+  # - ./dmarc-report/ks.yaml
+  # - ./lldap/ks.yaml
diff --git a/kubernetes/hegira/apps/system-controllers/kustomization.yaml b/kubernetes/hegira/apps/system-controllers/kustomization.yaml
index ef1e34dcc9..3adc463d33 100644
--- a/kubernetes/hegira/apps/system-controllers/kustomization.yaml
+++ b/kubernetes/hegira/apps/system-controllers/kustomization.yaml
@@ -5,8 +5,8 @@ resources:
   # Pre Flux-Kustomizations
   - ./namespace.yaml
   # Flux-Kustomizations
-  - ./k8s-ycl/ks.yaml
-  - ./k8tz/ks.yaml
+  # - ./k8s-ycl/ks.yaml
+  # - ./k8tz/ks.yaml
   - ./kubelet-csr-approver/ks.yaml
   - ./snapshot-controller/ks.yaml
-  - ./kubernetes-replicator/ks.yaml
+  # - ./kubernetes-replicator/ks.yaml