From cdea8999c1f68cac18961c1fd4537b99eafeb677 Mon Sep 17 00:00:00 2001
From: gitea-bot <gitea-bot@alexlebens.net>
Date: Thu, 5 Feb 2026 18:27:01 +0000
Subject: [PATCH] Automated Manifest Update (#3732)

This PR contains newly rendered Kubernetes manifests automatically generated by the CI workflow.

Reviewed-on: https://gitea.alexlebens.dev/alexlebens/infrastructure/pulls/3732
Co-authored-by: gitea-bot <gitea-bot@alexlebens.net>
Co-committed-by: gitea-bot <gitea-bot@alexlebens.net>
---
 ...ouncementPolicy-node-gateway-l2-policy.yaml | 18 ++++++++++++++++++
 .../cilium/ConfigMap-cilium-config.yaml        |  1 +
 .../manifests/cilium/DaemonSet-cilium.yaml     |  2 +-
 .../cilium/Deployment-cilium-operator.yaml     |  2 +-
 .../cilium/Gateway-cilium-tls-gateway.yaml     |  1 +
 5 files changed, 22 insertions(+), 2 deletions(-)
 create mode 100644 clusters/cl01tl/manifests/cilium/CiliumL2AnnouncementPolicy-node-gateway-l2-policy.yaml

diff --git a/clusters/cl01tl/manifests/cilium/CiliumL2AnnouncementPolicy-node-gateway-l2-policy.yaml b/clusters/cl01tl/manifests/cilium/CiliumL2AnnouncementPolicy-node-gateway-l2-policy.yaml
new file mode 100644
index 000000000..2081ea1a1
--- /dev/null
+++ b/clusters/cl01tl/manifests/cilium/CiliumL2AnnouncementPolicy-node-gateway-l2-policy.yaml
@@ -0,0 +1,18 @@
+apiVersion: "cilium.io/v2alpha1"
+kind: CiliumL2AnnouncementPolicy
+metadata:
+  name: node-gateway-l2-policy
+  namespace: kube-system
+  labels:
+    app.kubernetes.io/name: node-gateway-l2-policy
+    app.kubernetes.io/instance: cilium
+    app.kubernetes.io/part-of: cilium
+spec:
+  nodeSelector:
+    matchLabels:
+      kubernetes.io/hostname: talos-ix7-xku
+  interfaces:
+    - end0
+    - enp6s0
+  externalIPs: true
+  loadBalancerIPs: true
diff --git a/clusters/cl01tl/manifests/cilium/ConfigMap-cilium-config.yaml b/clusters/cl01tl/manifests/cilium/ConfigMap-cilium-config.yaml
index f7c7addd0..3b02f37e3 100644
--- a/clusters/cl01tl/manifests/cilium/ConfigMap-cilium-config.yaml
+++ b/clusters/cl01tl/manifests/cilium/ConfigMap-cilium-config.yaml
@@ -39,6 +39,7 @@ data:
   monitor-aggregation-interval: "5s"
   monitor-aggregation-flags: all
   bpf-map-dynamic-size-ratio: "0.0025"
+  enable-host-legacy-routing: "true"
   bpf-policy-map-max: "16384"
   bpf-policy-stats-map-max: "65536"
   bpf-lb-map-max: "65536"
diff --git a/clusters/cl01tl/manifests/cilium/DaemonSet-cilium.yaml b/clusters/cl01tl/manifests/cilium/DaemonSet-cilium.yaml
index 22bd86c51..7946434a0 100644
--- a/clusters/cl01tl/manifests/cilium/DaemonSet-cilium.yaml
+++ b/clusters/cl01tl/manifests/cilium/DaemonSet-cilium.yaml
@@ -18,7 +18,7 @@ spec:
   template:
     metadata:
       annotations:
-        cilium.io/cilium-configmap-checksum: "9353df2d60b1fc5f552e5a2b44bb26b18afa3934939b033438f85fb57e1a0b50"
+        cilium.io/cilium-configmap-checksum: "4eee6b83c252f1939319a9a6b7c1f70e207fbd0285735985db7b2470bcfdd91c"
         kubectl.kubernetes.io/default-container: cilium-agent
       labels:
         k8s-app: cilium
diff --git a/clusters/cl01tl/manifests/cilium/Deployment-cilium-operator.yaml b/clusters/cl01tl/manifests/cilium/Deployment-cilium-operator.yaml
index 019c852e3..3eb5cb0c7 100644
--- a/clusters/cl01tl/manifests/cilium/Deployment-cilium-operator.yaml
+++ b/clusters/cl01tl/manifests/cilium/Deployment-cilium-operator.yaml
@@ -22,7 +22,7 @@ spec:
   template:
     metadata:
       annotations:
-        cilium.io/cilium-configmap-checksum: "9353df2d60b1fc5f552e5a2b44bb26b18afa3934939b033438f85fb57e1a0b50"
+        cilium.io/cilium-configmap-checksum: "4eee6b83c252f1939319a9a6b7c1f70e207fbd0285735985db7b2470bcfdd91c"
       labels:
         io.cilium/app: operator
         name: cilium-operator
diff --git a/clusters/cl01tl/manifests/cilium/Gateway-cilium-tls-gateway.yaml b/clusters/cl01tl/manifests/cilium/Gateway-cilium-tls-gateway.yaml
index 99f5071fb..6e03d0b48 100644
--- a/clusters/cl01tl/manifests/cilium/Gateway-cilium-tls-gateway.yaml
+++ b/clusters/cl01tl/manifests/cilium/Gateway-cilium-tls-gateway.yaml
@@ -9,6 +9,7 @@ metadata:
     app.kubernetes.io/part-of: cilium
   annotations:
     cert-manager.io/cluster-issuer: letsencrypt-issuer
+    io.cilium/lb-ipam-ips: "10.232.1.23"
 spec:
   addresses:
     - type: IPAddress