Viktor Barzin e9046e5a26 traefik+pfsense: real IPv6 client IPs via HAProxy PROXY-v2 bridge ... Replace the pfSense socat IPv6 forwarder (which masked every IPv6 client as 10.0.20.1) with a standalone HAProxy bridge using send-proxy-v2, so real IPv6 client IPs reach Traefik/CrowdSec. Traefik now trusts PROXY-v2 only from 10.0.20.1 on the web/websecure entrypoints; real IPv4 clients (ETP=Local, own source IP) are unaffected. Mail-over-IPv6 routed through the mail NodePorts (send-proxy-v2) too. Bridge is TCP/h2 only (no QUIC over IPv6). Persistence on pfSense: rc.d/ipv6proxy + ipv6_proxy.sh (config.xml shellcmd), keeping the nginx-off-[::] patch. Also fixes stale networking.md: Traefik was still documented on the shared .200; it moved to dedicated .203/ETP=Local on 2026-05-30. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>		2026-05-30 09:51:23 +00:00
..
agents	k8s-version-upgrade: decompose into Job chain to fix self-preemption	2026-05-11 23:54:22 +00:00
commands	[ci skip] update kubectl skill to use local kubeconfig	2026-02-07 13:42:35 +00:00
reference	paperless-mcp: deploy MCP for AI document search	2026-05-17 11:14:35 +00:00
scripts	rename weekly-backup → daily-backup across scripts, timers, services, and docs [ci skip]	2026-04-13 18:37:04 +00:00
skills	cluster-health skill: document tightened #43 thermal threshold (65 C)	2026-05-22 14:09:12 +00:00
calendar-query.py	sync regenerated providers.tf + upstream changes	2026-03-22 02:56:04 +02:00
CLAUDE.md	traefik+pfsense: real IPv6 client IPs via HAProxy PROXY-v2 bridge	2026-05-30 09:51:23 +00:00
home-assistant-sofia.py	[ci skip] Add ha-sofia Home Assistant deployment to skills	2026-02-07 21:26:05 +00:00
home-assistant.py	add claude [ci skip]	2026-02-06 20:10:02 +00:00
internet-mode-used_DO_NOT_REMOVE_MANUALLY_SECURITY_RISK	add claude [ci skip]	2026-02-06 20:10:02 +00:00
pfsense.py	[ci skip] Add pfSense firewall management skill	2026-02-14 12:42:10 +00:00
settings.json	add claude files [ci skip]	2026-01-18 15:40:43 +00:00