From d975e7a6de8cf45cc714bdbe48badc099c9477b2 Mon Sep 17 00:00:00 2001
From: JJGadgets <git@jjgadgets.tech>
Date: Wed, 30 Jul 2025 13:11:34 +0800
Subject: [PATCH] fix(cilium): revert to KubePrism

panic segfault with apiServerURLs
---
 .../cilium/app/config/biohazard/helm-values.yaml          | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/kube/deploy/core/_networking/cilium/app/config/biohazard/helm-values.yaml b/kube/deploy/core/_networking/cilium/app/config/biohazard/helm-values.yaml
index a37254cf..3e7902b8 100644
--- a/kube/deploy/core/_networking/cilium/app/config/biohazard/helm-values.yaml
+++ b/kube/deploy/core/_networking/cilium/app/config/biohazard/helm-values.yaml
@@ -32,10 +32,10 @@ ipam:
   mode: kubernetes
 kubeProxyReplacement: true
 ### Talos 1.5 and above come with KubePrism which is an internal TCP load balancer for kube-apiserver. DO NOT COPY IF NOT ON TALOS OR A KUBEPRISM-SUPPORTED KUBERNETES DISTRIBUTION!!!
-# k8sServiceHost: "127.0.0.1"
-# k8sServicePort: "7445"
-k8s:
-  apiServerURLs: "https://${IP_ROUTER_VLAN_K8S_PREFIX}1:6443 https://${IP_ROUTER_VLAN_K8S_PREFIX}2:6443 https://${IP_ROUTER_VLAN_K8S_PREFIX}3:6443"
+k8sServiceHost: "127.0.0.1"
+k8sServicePort: "7445"
+# k8s:
+#   apiServerURLs: "https://${IP_ROUTER_VLAN_K8S_PREFIX}1:6443 https://${IP_ROUTER_VLAN_K8S_PREFIX}2:6443 https://${IP_ROUTER_VLAN_K8S_PREFIX}3:6443"
 kubeProxyReplacementHealthzBindAddr: "0.0.0.0:10256"
 enableIPv4Masquerade: false # BGP advertise PodCIDR so only FortiGate does NAT
 directRoutingSkipUnreachable: true # use local L2 within cluster while outside cluster uses BGP