sync

infra/values/eks-dev/gitea-values.yaml

@@ -1,4 +1,4 @@
-# AWS EBS gp3 storage class (requires EBS CSI driver)
+# EKS-specific: gp3 storage class
 persistence:
   storageClass: gp3
 postgresql:

infra/values/eks-dev/grafana-values.yaml

@@ -0,0 +1,4 @@
+# EKS-specific: Grafana hostname
+ingress:
+  hosts:
+  - grafana.forteapps.net

infra/values/eks-dev/keycloak-values.yaml

@@ -0,0 +1,3 @@
+# EKS-specific: Keycloak hostname
+ingress:
+  hostname: id.forteapps.net

infra/values/eks-dev/opencost-values.yaml

@@ -1,12 +1,10 @@
-# AWS native pricing via Cost and Usage Reports
+# EKS-specific: AWS pricing via Cost and Usage Report
 opencost:
   exporter:
+    cloudProviderApiKey: ""
     customPricing:
-      enabled: true
-      provider: aws
+      enabled: false
     aws:
-      service_key_name: ""      # <- populate or use IRSA
-      service_key_secret: ""
       spot_data_region: ""
       spot_data_bucket: ""
       spot_data_prefix: ""

infra/values/eks-dev/traefik-values.yaml

@@ -1,14 +1,13 @@
-# AWS EKS — NLB with Proxy Protocol v2 for real client IPs
+# EKS-specific: AWS NLB for Traefik
 service:
   annotations:
-    service.beta.kubernetes.io/aws-load-balancer-type: "external"
-    service.beta.kubernetes.io/aws-load-balancer-nlb-target-type: "ip"
-    service.beta.kubernetes.io/aws-load-balancer-scheme: "internet-facing"
+    service.beta.kubernetes.io/aws-load-balancer-type: nlb
+    service.beta.kubernetes.io/aws-load-balancer-scheme: internet-facing
     service.beta.kubernetes.io/aws-load-balancer-proxy-protocol: "*"
 ports:
   web:
     proxyProtocol:
-      trustedIPs: "10.0.0.0/8"       # <- adjust to your VPC CIDR
+      trustedIPs: "10.0.0.0/8"
     forwardedHeaders:
       trustedIPs: "10.0.0.0/8"
   websecure: