chore: enhance server and NAT gateway configurations in Helm chart with updated user data and network settings

Michael Lechner · Michael Lechner · commit ee1db67da214 · 2025-12-10T13:24:02.000+01:00
diff --git a/examples-chart/templates/server.yaml b/examples-chart/templates/server.yaml
@@ -14,64 +14,34 @@ spec:
           matchLabels:
             cloudscale.crossplane.io/subnet: {{ .Values.subnet.name }}
       type: private
-    - type: public
     name: {{ .Values.server.name }}
     sshKeys: {{ .Values.server.sshKeys }}
     zoneSlug: {{ .Values.server.zoneSlug }}
     userData: |
 {{- .Values.server.userData | nindent 6 }}
 
-# apiVersion: cloudscale.crossplane.io/v1alpha1
-# kind: Server
-# metadata:
-#   labels:
-#     cloudscale.crossplane.io/server: nat-gateway
-#   name: nat-gateway
-# spec:
-#   forProvider:
-#     flavorSlug: flex-4-2
-#     imageSlug: ubuntu-24.04
-#     interfaces:
-#     - type: public
-#     - addresses:
-#       - subnetUuidSelector:
-#           matchLabels:
-#             cloudscale.crossplane.io/subnet: {{ .Values.subnet.name }}
-#       type: private
-#     name: nat-gateway
-#     sshKeys: {{ .Values.server.sshKeys }}
-#     zoneSlug: {{ .Values.server.zoneSlug }}
-#     userData: |
-#       #cloud-config
-#       write_files:
-#         - path: /etc/sysctl.d/99-ip-forward.conf
-#             content: |
-#             net.ipv4.ip_forward = 1
-#             owner: root:root
-#             mode: '0644'
-        
-#         - path: /etc/iptables/rules.v4
-#             content: |
-#             *nat
-#             :PREROUTING ACCEPT [0:0]
-#             :INPUT ACCEPT [0:0]
-#             :OUTPUT ACCEPT [0:0]
-#             :POSTROUTING ACCEPT [0:0]
-#             -A POSTROUTING -o ens3 -j MASQUERADE
-#             COMMIT
-            
-#             *filter
-#             :INPUT ACCEPT [0:0]
-#             :FORWARD ACCEPT [0:0]
-#             :OUTPUT ACCEPT [0:0]
-#             -A FORWARD -o ens3 -i ens4 -s {{ .Values.subnet.cidr }} -m conntrack --ctstate NEW -j ACCEPT
-#             -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-#             COMMIT
-#             owner: root:root
-#             mode: '0644'
+---
 
-#         runcmd:
-#         - sysctl --system
-#         - iptables-restore < /etc/iptables/rules.v4
-#         - systemctl enable netfilter-persistent
-#         - systemctl start netfilter-persistent
+apiVersion: cloudscale.crossplane.io/v1alpha1
+kind: Server
+metadata:
+  labels:
+    cloudscale.crossplane.io/server: nat-gateway
+  name: nat-gateway
+spec:
+  forProvider:
+    flavorSlug: {{ .Values.natGateway.flavorSlug }}
+    imageSlug: {{ .Values.natGateway.imageSlug }}
+    interfaces:
+    - type: public
+    - addresses:
+      - address: {{ .Values.natGateway.address }}
+        subnetUuidSelector:
+          matchLabels:
+            cloudscale.crossplane.io/subnet: {{ .Values.subnet.name }}
+      type: private
+    name: nat-gateway
+    sshKeys: {{ .Values.natGateway.sshKeys }}
+    zoneSlug: {{ .Values.natGateway.zoneSlug }}
+    userData: |
+{{- .Values.natGateway.userData | nindent 6 }}
diff --git a/examples-chart/values.yaml b/examples-chart/values.yaml
@@ -7,7 +7,20 @@ server:
   zoneSlug: lpg1
   userData: |
     #cloud-config
+    write_files:
+        - path: /etc/netplan/01-netcfg.yaml
+          content: |
+            network:
+              version: 2
+              ethernets:
+                ens3:
+                  dhcp4: true
+                  routes:
+                    - to: 0.0.0.0/0
+                      via: 10.11.12.1
+                      metric: 1
     runcmd:
+    - netplan apply
     - apt-get update
     - apt-get install -y nginx
     - systemctl start nginx
@@ -33,4 +46,47 @@ loadbalancer:
   listener:
     name: web-loadbalancer-listener
     protocol: tcp
-    protocolPort: 80
+    protocolPort: 80
+
+natGateway:
+  name: nat-gateway
+  flavorSlug: flex-4-2
+  imageSlug: ubuntu-24.04
+  address: 10.11.12.1
+  sshKeys:
+  - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOf/JADcF3j0vZH1gXT+But9nNkVt5tN9LAaJe6Cn6sm
+  zoneSlug: lpg1
+  userData: |
+    #cloud-config
+    write_files:
+    - path: /etc/sysctl.d/99-ip-forward.conf
+      content: |
+        net.ipv4.ip_forward = 1
+        owner: root:root
+        mode: '0644'
+    
+    - path: /etc/iptables/rules.v4
+      content: |
+        *nat
+        :PREROUTING ACCEPT [0:0]
+        :INPUT ACCEPT [0:0]
+        :OUTPUT ACCEPT [0:0]
+        :POSTROUTING ACCEPT [0:0]
+        -A POSTROUTING -o ens3 -j MASQUERADE
+        COMMIT
+        
+        *filter
+        :INPUT ACCEPT [0:0]
+        :FORWARD ACCEPT [0:0]
+        :OUTPUT ACCEPT [0:0]
+        -A FORWARD -o ens3 -i ens4 -s {{ .Values.subnet.cidr }} -m conntrack --ctstate NEW -j ACCEPT
+        -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
+        COMMIT
+        owner: root:root
+        mode: '0644'
+
+    runcmd:
+    - sysctl --system
+    - iptables-restore < /etc/iptables/rules.v4
+    - systemctl enable netfilter-persistent
+    - systemctl start netfilter-persistent
