diff --git a/k3s_cluster_v2/agents.tf b/k3s_cluster_v2/agents.tf
index 3454774..a3ad4d2 100644
--- a/k3s_cluster_v2/agents.tf
+++ b/k3s_cluster_v2/agents.tf
@@ -20,3 +20,11 @@ resource "hcloud_server_network" "agents_network" {
 subnet_id = hcloud_network_subnet.k3s_nodes.id
 ip = cidrhost(hcloud_network_subnet.k3s_nodes.ip_range, 1 + var.control_count + count.index)
 }
+
+resource "hcloud_load_balancer_target" "ingress" {
+ count = var.compute_count
+ type = "server"
+ load_balancer_id = hcloud_load_balancer.k3s.id
+ server_id = hcloud_server.agents[count.index].id
+ use_private_ip = true
+}
diff --git a/k3s_cluster_v2/flux.tf b/k3s_cluster_v2/flux.tf
index 0afb87b..f0b556c 100644
--- a/k3s_cluster_v2/flux.tf
+++ b/k3s_cluster_v2/flux.tf
@@ -92,6 +92,18 @@ resource "kubernetes_secret" "main" {
 }
 }
 
+resource "kubernetes_secret" "github_notifications" {
+ metadata {
+ name = "github"
+ namespace = data.flux_sync.main.namespace
+ }
+
+ data = {
+ token = var.github_token_flux_notifications
+ }
+}
+
+
 # GitHub
 resource "github_repository" "main" {
 name = var.repository_name
diff --git a/k3s_cluster_v2/k3s.tf b/k3s_cluster_v2/k3s.tf
index 57f6f45..053450d 100644
--- a/k3s_cluster_v2/k3s.tf
+++ b/k3s_cluster_v2/k3s.tf
@@ -25,7 +25,12 @@ module "k3s" {
 agent = true
 }
 
- flags = ["--disable-cloud-controller", "--tls-san ${var.domain}"]
+ flags = [
+ "--disable-cloud-controller",
+ "--tls-san ${var.domain}",
+ # We need to modify the helm release to work with one loadbalancer for api+ingress
+ "--disable traefik"
+ ]
 annotations = { "server_id" : i } // theses annotations will not be managed by this module
 }
 }
diff --git a/k3s_cluster_v2/main.tf b/k3s_cluster_v2/main.tf
index 86579ef..7b1efd5 100755
--- a/k3s_cluster_v2/main.tf
+++ b/k3s_cluster_v2/main.tf
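Review bot: `use_private_ip = true` on the new `hcloud_load_balancer_target.ingress` (and on the `api` target in server.tf in this same commit) only resolves if `hcloud_load_balancer.k3s` is attached to the private network the agents sit on; that attachment (`hcloud_load_balancer_network`) is not visible in this diff, and without it the targets fail at apply time, so a `depends_on = [hcloud_load_balancer_network.<LB_NETWORK_RESOURCE>]` on both targets would also make the ordering explicit. The target count is `var.compute_count` while the indexed resource is `hcloud_server.agents`; confirm that resource is sized by the same variable, otherwise `count.index` runs past the server list. A one-line comment such as `# one target per agent node; ingress traffic reaches nodes over the private network only` would state the intent.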
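Review bot: The PAT passed into `kubernetes_secret.github_notifications` is persisted in plaintext in the Terraform state (the `sensitive = true` on the variable only redacts plan/apply output, and a Kubernetes Secret is base64, not encryption), so the state backend's access control and encryption now guard a GitHub credential; nothing in the hunk records that. Suggest a comment on the resource: `# Token consumed by the Flux notification Provider (key "token"); value is stored in Terraform state, keep the backend locked down and issue a least-privilege token`. The generic `name = "github"` in the Flux namespace is also easy to collide with other Flux-managed secrets; a more specific name like `github-notifications` would match the Terraform resource name.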
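Review bot: The comment `# We need to modify the helm release to work with one loadbalancer for api+ingress` reads as an open TODO but does not say what replaces traefik, so a reader cannot tell whether `"--disable traefik"` is a temporary or final state. From the rest of this commit the load balancer forwards to NodePorts 32443/32080 in k3s_cluster_v2/main.tf, which the replacement ingress controller (presumably deployed through Flux) has to expose; until it is, the LB has no healthy ingress backend. Suggest rewording to `# traefik is disabled; ingress is served by the controller deployed via Flux, which must expose NodePorts 32080/32443 (see LB services in main.tf)`. The `module "k3s"` block continues outside this hunk.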
@@ -44,3 +44,19 @@ resource "hcloud_rdns" "k3s" {
 ip_address = hcloud_load_balancer.k3s.ipv4
 dns_ptr = var.domain
 }
+
+### LB Ingress
+
+resource "hcloud_load_balancer_service" "ingress_https" {
+ load_balancer_id = hcloud_load_balancer.k3s.id
+ protocol = "tcp"
+ listen_port = 443
+ destination_port = 32443
+}
+
+resource "hcloud_load_balancer_service" "ingress_http" {
+ load_balancer_id = hcloud_load_balancer.k3s.id
+ protocol = "tcp"
+ listen_port = 80
+ destination_port = 32080
+}
diff --git a/k3s_cluster_v2/server.tf b/k3s_cluster_v2/server.tf
index 9c94ba2..67c958c 100644
--- a/k3s_cluster_v2/server.tf
+++ b/k3s_cluster_v2/server.tf
@@ -35,4 +35,5 @@ resource "hcloud_load_balancer_target" "api" {
 type = "server"
 load_balancer_id = hcloud_load_balancer.k3s.id
 server_id = hcloud_server.control_planes[count.index].id
+ use_private_ip = true
 }
diff --git a/k3s_cluster_v2/variables.tf b/k3s_cluster_v2/variables.tf
index 33841c8..a88ac83 100644
--- a/k3s_cluster_v2/variables.tf
+++ b/k3s_cluster_v2/variables.tf
@@ -67,6 +67,11 @@ variable "github_token" {
 sensitive = true
 }
 
+variable "github_token_flux_notifications" {
+ type = string
+ sensitive = true
+}
+
 variable "repository_name" {
 type = string
 }
diff --git a/main.tf b/main.tf
index dab589f..ea2c315 100644
--- a/main.tf
+++ b/main.tf
@@ -39,13 +39,14 @@ module "k3s_cluster_v2" {
 hcloud_ccm_token = var.hcloud_ccm_token
 
 ## Flux
- github_owner = "apricote"
- github_token = var.github_token
- repository_name = "home-cloud-flux-v2"
- branch = "main"
- repository_visibility = "private"
- target_path = ""
- flux_version = "v0.24.0"
+ github_owner = "apricote"
+ github_token = var.github_token
+ github_token_flux_notifications = var.github_token_flux_notifications
+ repository_name = "home-cloud-flux-v2"
+ branch = "main"
+ repository_visibility = "private"
+ target_path = ""
+ flux_version = "v0.24.0"
diff --git a/variables.tf b/variables.tf
index 826f421..bef47ce 100644
--- a/variables.tf
+++ b/variables.tf
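Review bot: Both `ingress_https` and `ingress_http` are plain `protocol = "tcp"` passthrough services without `proxyprotocol`, so the ingress controller behind NodePorts 32443/32080 sees the load balancer's private address as the client, which strips the real source IP from ingress access logs and from any IP-based rate limiting or allow-listing; consider `proxyprotocol = true` on both services once the ingress controller is configured to accept PROXY protocol (enabling it first on the LB alone breaks traffic). The destination ports are hard-coded here and must match the NodePorts chosen for the ingress controller deployed elsewhere; turning them into variables with descriptions keeps that coupling visible, e.g. `destination_port = var.ingress_https_nodeport`. TCP passthrough also means the same NodePorts are most likely reachable directly on each node's public IP, bypassing the LB, unless an hcloud firewall restricts them — that is not visible in this diff and worth confirming.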
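Review bot: `github_token_flux_notifications` in k3s_cluster_v2/variables.tf is declared without a `description`, while the root-level variables.tf in this same commit adds descriptions to both token variables; the module's interface is where an operator looks up what the value is for and where it ends up. Suggest `description = "GitHub PAT used by Flux for notifications; written to a Kubernetes Secret in the Flux namespace"` next to `type = string`.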
@@ -9,6 +9,13 @@ variable "hcloud_ccm_token" {
 }
 
 variable "github_token" {
- type = string
- sensitive = true
+ description = "Github Personal Access Token that is used by Terraform"
+ type = string
+ sensitive = true
+}
+
+variable "github_token_flux_notifications" {
+ description = "GH PAT used by flux for notifications"
+ type = string
+ sensitive = true
 }
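Review bot: The two new descriptions are inconsistent in style (`Github Personal Access Token` vs `GH PAT`) and neither states the minimal permission the token needs, which is what an operator needs in order to issue a separate least-privilege token for Flux instead of reusing the Terraform one — splitting the two tokens is the right move, so the descriptions should make the difference in privilege explicit. Suggest e.g. `description = "GitHub Personal Access Token used by Flux to post notifications on the Flux repository; grant only the permission needed for that"` for the second variable and the matching "GitHub" spelling for the first.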