From ed706aeb5f89ede5eea7603dbc1a6d2a0a33e544 Mon Sep 17 00:00:00 2001
From: V <vlad@dev.local>
Date: Sat, 29 Nov 2025 15:34:15 +0000
Subject: [PATCH] added metallb under fluxmgmt

---
 components/networking/configs/base/.sops.yaml |  5 ++
 ...annel.yaml => kustomization-metal-lb.yaml} |  6 ++-
 .../configs/base/metal-lb-ip-pool.yaml        | 47 +++++++++++++++++++
 .../configs/dev-amd64/kustomization.yaml      |  3 +-
 .../configs/dev-arm64/kustomization.yaml      |  3 +-
 .../base/kustomization-cilium.yaml            |  5 ++
 ...annel.yaml => kustomization-metal-lb.yaml} |  6 ++-
 .../controllers/dev-arm64/kustomization.yaml  |  3 +-
 8 files changed, 70 insertions(+), 8 deletions(-)
 create mode 100644 components/networking/configs/base/.sops.yaml
 rename components/networking/configs/base/{kustomization-flannel.yaml => kustomization-metal-lb.yaml} (53%)
 create mode 100644 components/networking/configs/base/metal-lb-ip-pool.yaml
 rename components/networking/controllers/base/{kustomization-flannel.yaml => kustomization-metal-lb.yaml} (53%)

diff --git a/components/networking/configs/base/.sops.yaml b/components/networking/configs/base/.sops.yaml
new file mode 100644
index 0000000..664e7c9
--- /dev/null
+++ b/components/networking/configs/base/.sops.yaml
@@ -0,0 +1,5 @@
+creation_rules:
+  - path_regex: metal-lb-ip-pool.yaml$
+    encrypted_regex: "^(spec)$"
+    age: 
+      - age1u0mt3kmhsr9tz2jaw8n0ztu7s9hnlffkd2acxf85cvk6tysj4gsqqulfdq
diff --git a/components/networking/configs/base/kustomization-flannel.yaml b/components/networking/configs/base/kustomization-metal-lb.yaml
similarity index 53%
rename from components/networking/configs/base/kustomization-flannel.yaml
rename to components/networking/configs/base/kustomization-metal-lb.yaml
index 37a07e2..24ff8e7 100644
--- a/components/networking/configs/base/kustomization-flannel.yaml
+++ b/components/networking/configs/base/kustomization-metal-lb.yaml
@@ -1,4 +1,6 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
-namespace: security
-resources: []
\ No newline at end of file
+namespace: metallb-system
+resources:
+  - metal-lb.yaml
+
diff --git a/components/networking/configs/base/metal-lb-ip-pool.yaml b/components/networking/configs/base/metal-lb-ip-pool.yaml
new file mode 100644
index 0000000..4298f39
--- /dev/null
+++ b/components/networking/configs/base/metal-lb-ip-pool.yaml
@@ -0,0 +1,47 @@
+apiVersion: metallb.io/v1beta1
+kind: IPAddressPool
+metadata:
+    name: 1st-pool
+    namespace: metallb-system
+spec:
+    addresses:
+        - ENC[AES256_GCM,data:tP4f/TFwbAcdAr2Gb+S4oKXvwKPJOYwIy5ve,iv:ouTd5THMWaVBkQJtNK7zRUupZu0jeQ66qblE9YRXnuU=,tag:xG7f0R0RPzYh04p18m+/FQ==,type:str]
+sops:
+    age:
+        - recipient: age1u0mt3kmhsr9tz2jaw8n0ztu7s9hnlffkd2acxf85cvk6tysj4gsqqulfdq
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBdDZzb3NRSlJPUW92dnZE
+            emUrUE1LYklYSUpGYVcycUZUaHZaKzNJRm1ZCkFLVjFtVmNFRVphTUFuYmVBWEth
+            U01YZ0laZmF5WHFiOXN1WlB5YmYyVGsKLS0tIEZNd2dmZTZ3a2NXS3haTnk0NlpS
+            N3lVSC9oKzN0eU9Fa0NDMTY2QTl2ckUKTFKY8eIXReEM+L/sE8Y+T7/vZQkaP2Rn
+            c8AAbozJRwuWNQ7yJu1Kva9mj8TNaHi+HrPTYnHAoSOQakoOVO7j6g==
+            -----END AGE ENCRYPTED FILE-----
+    lastmodified: "2025-11-29T15:32:48Z"
+    mac: ENC[AES256_GCM,data:1L/aBWL8/lY4DpCBihvpw2Gb8mtMNvSCQKeH99yEVWtDcijtXeTcTOXQWNjclyNrM6ChceWJKdFoGTPR2RiSk4zthcqqUPMzypRGXKY/F82zFahaINrRzdAVx6il0GuPBeOhxdbIub0+gWFnHJCosBh4q+n/6/C8c7ekWP7b3CI=,iv:slTOpas98PPMR5PRyeLTh5PoAA7OAArVtTYQg0Rduj8=,tag:9ixYDvqfoMi9gPHOorgH5g==,type:str]
+    encrypted_regex: ^(spec)$
+    version: 3.11.0
+---
+apiVersion: metallb.io/v1beta1
+kind: L2Advertisement
+metadata:
+    name: 1st-l2-adv
+    namespace: metallb-system
+spec:
+    ipAddressPools:
+        - ENC[AES256_GCM,data:e2KiGNLv2BY=,iv:kd6NWV8M3yuV8+NALCH6AQLBswxiigklY+SsRlL3m0A=,tag:eM9KMcehxPo7j7cdIUSmsA==,type:str]
+sops:
+    age:
+        - recipient: age1u0mt3kmhsr9tz2jaw8n0ztu7s9hnlffkd2acxf85cvk6tysj4gsqqulfdq
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBBdDZzb3NRSlJPUW92dnZE
+            emUrUE1LYklYSUpGYVcycUZUaHZaKzNJRm1ZCkFLVjFtVmNFRVphTUFuYmVBWEth
+            U01YZ0laZmF5WHFiOXN1WlB5YmYyVGsKLS0tIEZNd2dmZTZ3a2NXS3haTnk0NlpS
+            N3lVSC9oKzN0eU9Fa0NDMTY2QTl2ckUKTFKY8eIXReEM+L/sE8Y+T7/vZQkaP2Rn
+            c8AAbozJRwuWNQ7yJu1Kva9mj8TNaHi+HrPTYnHAoSOQakoOVO7j6g==
+            -----END AGE ENCRYPTED FILE-----
+    lastmodified: "2025-11-29T15:32:48Z"
+    mac: ENC[AES256_GCM,data:1L/aBWL8/lY4DpCBihvpw2Gb8mtMNvSCQKeH99yEVWtDcijtXeTcTOXQWNjclyNrM6ChceWJKdFoGTPR2RiSk4zthcqqUPMzypRGXKY/F82zFahaINrRzdAVx6il0GuPBeOhxdbIub0+gWFnHJCosBh4q+n/6/C8c7ekWP7b3CI=,iv:slTOpas98PPMR5PRyeLTh5PoAA7OAArVtTYQg0Rduj8=,tag:9ixYDvqfoMi9gPHOorgH5g==,type:str]
+    encrypted_regex: ^(spec)$
+    version: 3.11.0
diff --git a/components/networking/configs/dev-amd64/kustomization.yaml b/components/networking/configs/dev-amd64/kustomization.yaml
index 82e7d71..419dcad 100644
--- a/components/networking/configs/dev-amd64/kustomization.yaml
+++ b/components/networking/configs/dev-amd64/kustomization.yaml
@@ -1,4 +1,3 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
-resources:
-  - ../base
\ No newline at end of file
+resources: []
\ No newline at end of file
diff --git a/components/networking/configs/dev-arm64/kustomization.yaml b/components/networking/configs/dev-arm64/kustomization.yaml
index b83b23e..aefb2d3 100644
--- a/components/networking/configs/dev-arm64/kustomization.yaml
+++ b/components/networking/configs/dev-arm64/kustomization.yaml
@@ -1,3 +1,4 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
-resources: []
+resources: 
+  - ../base/base/metal-lb-ip-pool.yaml
\ No newline at end of file
diff --git a/components/networking/controllers/base/kustomization-cilium.yaml b/components/networking/controllers/base/kustomization-cilium.yaml
index e69de29..cd116c9 100644
--- a/components/networking/controllers/base/kustomization-cilium.yaml
+++ b/components/networking/controllers/base/kustomization-cilium.yaml
@@ -0,0 +1,5 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+namespace: kube-system
+resources: []
+
diff --git a/components/networking/controllers/base/kustomization-flannel.yaml b/components/networking/controllers/base/kustomization-metal-lb.yaml
similarity index 53%
rename from components/networking/controllers/base/kustomization-flannel.yaml
rename to components/networking/controllers/base/kustomization-metal-lb.yaml
index 37a07e2..24ff8e7 100644
--- a/components/networking/controllers/base/kustomization-flannel.yaml
+++ b/components/networking/controllers/base/kustomization-metal-lb.yaml
@@ -1,4 +1,6 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
-namespace: security
-resources: []
\ No newline at end of file
+namespace: metallb-system
+resources:
+  - metal-lb.yaml
+
diff --git a/components/networking/controllers/dev-arm64/kustomization.yaml b/components/networking/controllers/dev-arm64/kustomization.yaml
index b83b23e..0aae2ec 100644
--- a/components/networking/controllers/dev-arm64/kustomization.yaml
+++ b/components/networking/controllers/dev-arm64/kustomization.yaml
@@ -1,3 +1,4 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
-resources: []
+resources: 
+  - ../base/kustomization-metal-lb.yaml