sync

2026-04-22 21:56:43 +02:00
parent acc9bb1a85
commit f1dd61cece
30 changed files with 104 additions and 86 deletions
--- a/infra/values/gke-prod/traefik-values.yaml
+++ b/infra/values/gke-prod/traefik-values.yaml
@@ -1,15 +1,12 @@
-# GCP GKE — External passthrough Network Load Balancer
+# GKE-specific: Google Cloud Load Balancer for Traefik (prod)
 service:
  annotations:
-    cloud.google.com/l4-rbs: "enabled"
+    cloud.google.com/neg: '{"ingress":true}'
+    networking.gke.io/load-balancer-type: External
 ports:
  web:
-    proxyProtocol:
-      trustedIPs: "10.0.0.0/8,35.191.0.0/16,130.211.0.0/22"   # <- subnet CIDR + GCP health checks
    forwardedHeaders:
-      trustedIPs: "10.0.0.0/8,35.191.0.0/16,130.211.0.0/22"
+      trustedIPs: "10.0.0.0/8"
  websecure:
-    proxyProtocol:
-      trustedIPs: "10.0.0.0/8,35.191.0.0/16,130.211.0.0/22"
    forwardedHeaders:
-      trustedIPs: "10.0.0.0/8,35.191.0.0/16,130.211.0.0/22"
+      trustedIPs: "10.0.0.0/8"