From 822309b406b3e049a583878970b74b5d69ce61c7 Mon Sep 17 00:00:00 2001
From: Nick Fisher <nxf5025@gmail.com>
Date: Tue, 27 Oct 2020 12:02:05 -0400
Subject: [PATCH] Added loadBalancerSourceRanges for internal lbs

---
 .../ingress-nginx/templates/controller-service-internal.yaml   | 3 +++
 charts/ingress-nginx/values.yaml                               | 3 +++
 2 files changed, 6 insertions(+)

diff --git a/charts/ingress-nginx/templates/controller-service-internal.yaml b/charts/ingress-nginx/templates/controller-service-internal.yaml
index 0bdae23dc..54888e965 100644
--- a/charts/ingress-nginx/templates/controller-service-internal.yaml
+++ b/charts/ingress-nginx/templates/controller-service-internal.yaml
@@ -15,6 +15,9 @@ metadata:
   name: {{ include "ingress-nginx.controller.fullname" . }}-internal
 spec:
   type: "{{ .Values.controller.service.type }}"
+{{- if .Values.controller.service.internal.loadBalancerSourceRanges }}
+  loadBalancerSourceRanges: {{ toYaml .Values.controller.service.internal.loadBalancerSourceRanges | nindent 4 }}
+{{- end }}
 {{- if .Values.controller.service.internal.externalTrafficPolicy }}
   externalTrafficPolicy: {{ .Values.controller.service.internal.externalTrafficPolicy }}
 {{- end }}
diff --git a/charts/ingress-nginx/values.yaml b/charts/ingress-nginx/values.yaml
index 94fe19ccf..c2eabc560 100644
--- a/charts/ingress-nginx/values.yaml
+++ b/charts/ingress-nginx/values.yaml
@@ -361,6 +361,9 @@ controller:
       enabled: false
       annotations: {}
 
+      ## Restrict access For LoadBalancer service. Defaults to 0.0.0.0/0.
+      loadBalancerSourceRanges: []
+
       ## Set external traffic policy to: "Local" to preserve source IP on
       ## providers supporting it
       ## Ref: https://kubernetes.io/docs/tutorials/services/source-ip/#source-ip-for-services-with-typeloadbalancer