sync

infra/values/gke-dev/gitea-values.yaml

@@ -1,4 +1,4 @@
-# GCP Persistent Disk (SSD via CSI driver)
+# GKE-specific: SSD persistent disk storage class
 persistence:
   storageClass: premium-rwo
 postgresql:

infra/values/gke-dev/grafana-values.yaml

@@ -0,0 +1,4 @@
+# GKE-specific: Grafana hostname
+ingress:
+  hosts:
+  - grafana.forteapps.net

infra/values/gke-dev/keycloak-values.yaml

@@ -0,0 +1,3 @@
+# GKE-specific: Keycloak hostname
+ingress:
+  hostname: id.forteapps.net

infra/values/gke-dev/opencost-values.yaml

@@ -1,9 +1,10 @@
-# GCP native pricing via Cloud Billing API
+# GKE-specific: GCP pricing via BigQuery billing export
 opencost:
   exporter:
+    cloudProviderApiKey: ""
     customPricing:
-      enabled: true
-      provider: gcp
-    gcp:
-      projectID: ""               # <- populate with your GCP project ID
-      key: ""                     # <- or use Workload Identity
+      enabled: false
+    google:
+      key: ""
+      project_id: ""
+      billing_account: ""

infra/values/gke-dev/traefik-values.yaml

@@ -1,15 +1,12 @@
-# GCP GKE — External passthrough Network Load Balancer
+# GKE-specific: Google Cloud Load Balancer for Traefik
 service:
   annotations:
-    cloud.google.com/l4-rbs: "enabled"
+    cloud.google.com/neg: '{"ingress":true}'
+    networking.gke.io/load-balancer-type: External
 ports:
   web:
-    proxyProtocol:
-      trustedIPs: "10.0.0.0/8,35.191.0.0/16,130.211.0.0/22"   # <- subnet CIDR + GCP health checks
     forwardedHeaders:
-      trustedIPs: "10.0.0.0/8,35.191.0.0/16,130.211.0.0/22"
+      trustedIPs: "10.0.0.0/8"
   websecure:
-    proxyProtocol:
-      trustedIPs: "10.0.0.0/8,35.191.0.0/16,130.211.0.0/22"
     forwardedHeaders:
-      trustedIPs: "10.0.0.0/8,35.191.0.0/16,130.211.0.0/22"
+      trustedIPs: "10.0.0.0/8"