--- charts-original/values.yaml
+++ charts/values.yaml
@@ -1,11 +1,23 @@
 imagePullSecrets: {}
 
 installation:
+  controlPlaneTolerations:
+  - key: "node-role.kubernetes.io/control-plane"
+    operator: "Exists"
+    effect: "NoSchedule"
+  - key: "node-role.kubernetes.io/etcd"
+    operator: "Exists"
+    effect: "NoExecute"
   enabled: true
   kubernetesProvider: ""
+  calicoNetwork:
+    bgp: Disabled
+  imagePath: "rancher"
+  imagePrefix: "mirrored-calico-"
+  flexVolumePath: "/var/lib/kubelet/volumeplugins/"
 
 apiServer:
-  enabled: true
+  enabled: false
 
 certs:
   node:
@@ -40,9 +52,32 @@
 
 # Image and registry configuration for the tigera/operator pod.
 tigeraOperator:
-  image: tigera/operator
+  image: rancher/mirrored-calico-operator
   version: v1.28.1
-  registry: quay.io
+  registry: docker.io
 calicoctl:
-  image: docker.io/calico/ctl
+  image: rancher/mirrored-calico-ctl
   tag: v3.24.1
+
+global:
+  systemDefaultRegistry: ""
+  clusterCIDRv4: ""
+  clusterCIDRv6: ""
+
+# Config required by Windows nodes
+ipamConfig:
+  strictAffinity: true
+  autoAllocateBlocks: true
+
+felixConfiguration:
+  wireguardEnabled: false
+  # Config required to fix RKE2 issue #1541
+  featureDetectOverride: "ChecksumOffloadBroken=true"
+  healthPort: 9099
+  defaultEndpointToHostAction: Drop
+  failsafeInboundHostPorts: ""
+  failsafeOutboundHostPorts: ""
+  iptablesRefreshInterval: 90s
+  iptablesBackend: auto
+  logSeveritySys: Info
+  xdpEnabled: true