From 8c27f2b0e2a1c04c34456d55f0a768b4173e7ad6 Mon Sep 17 00:00:00 2001
From: Steven Polley <himself@stevenpolley.net>
Date: Sat, 23 Dec 2023 10:03:25 -0700
Subject: [PATCH] Set externalTrafficPolicy: Local for nginx service to
 preserve source IP - required for IP allowlisting

---
 04-ingress-controller-nginx/values.yaml | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/04-ingress-controller-nginx/values.yaml b/04-ingress-controller-nginx/values.yaml
index 87c3d67..1899463 100644
--- a/04-ingress-controller-nginx/values.yaml
+++ b/04-ingress-controller-nginx/values.yaml
@@ -3,10 +3,12 @@
 
 controller:
   service:
+    # -- Provisioned manually on external hardware load balancer
     externalIPs: 
     - "10.69.69.51"
     nodePorts:
       # -- Node port allocated for the external HTTP listener. If left empty, the service controller allocates one from the configured node port range.
       http: "31451"
       # -- Node port allocated for the external HTTPS listener. If left empty, the service controller allocates one from the configured node port range.
-      https: "31207"
\ No newline at end of file
+      https: "31207"
+    externalTrafficPolicy: Local
\ No newline at end of file