From 01c86af77fb1461339bc860b2c3575b57681963c Mon Sep 17 00:00:00 2001
From: David <david.andersson@elastisys.com>
Date: Sat, 23 Mar 2024 00:08:59 +0100
Subject: [PATCH] Make proxy protocol in upcloud LB configurable (#10971)

---
 contrib/terraform/upcloud/cluster-settings.tfvars          | 5 +++--
 contrib/terraform/upcloud/main.tf                          | 7 ++++---
 .../terraform/upcloud/modules/kubernetes-cluster/main.tf   | 3 +++
 .../upcloud/modules/kubernetes-cluster/variables.tf        | 4 ++++
 contrib/terraform/upcloud/variables.tf                     | 5 +++++
 5 files changed, 19 insertions(+), 5 deletions(-)

diff --git a/contrib/terraform/upcloud/cluster-settings.tfvars b/contrib/terraform/upcloud/cluster-settings.tfvars
index 199661e6b..45a374900 100644
--- a/contrib/terraform/upcloud/cluster-settings.tfvars
+++ b/contrib/terraform/upcloud/cluster-settings.tfvars
@@ -116,8 +116,9 @@ k8s_allowed_remote_ips = [
 master_allowed_ports = []
 worker_allowed_ports = []
 
-loadbalancer_enabled = false
-loadbalancer_plan    = "development"
+loadbalancer_enabled        = false
+loadbalancer_plan           = "development"
+loadbalancer_proxy_protocol = false
 loadbalancers = {
   # "http" : {
   #   "port" : 80,
diff --git a/contrib/terraform/upcloud/main.tf b/contrib/terraform/upcloud/main.tf
index 93483a94e..30986667d 100644
--- a/contrib/terraform/upcloud/main.tf
+++ b/contrib/terraform/upcloud/main.tf
@@ -31,9 +31,10 @@ module "kubernetes" {
   master_allowed_ports      = var.master_allowed_ports
   worker_allowed_ports      = var.worker_allowed_ports
 
-  loadbalancer_enabled = var.loadbalancer_enabled
-  loadbalancer_plan    = var.loadbalancer_plan
-  loadbalancers        = var.loadbalancers
+  loadbalancer_enabled                 = var.loadbalancer_enabled
+  loadbalancer_plan                    = var.loadbalancer_plan
+  loadbalancer_outbound_proxy_protocol = var.loadbalancer_proxy_protocol ? "v2" : ""
+  loadbalancers                        = var.loadbalancers
 
   server_groups = var.server_groups
 }
diff --git a/contrib/terraform/upcloud/modules/kubernetes-cluster/main.tf b/contrib/terraform/upcloud/modules/kubernetes-cluster/main.tf
index 72c441087..2adeb4467 100644
--- a/contrib/terraform/upcloud/modules/kubernetes-cluster/main.tf
+++ b/contrib/terraform/upcloud/modules/kubernetes-cluster/main.tf
@@ -521,6 +521,9 @@ resource "upcloud_loadbalancer_backend" "lb_backend" {
 
   loadbalancer = upcloud_loadbalancer.lb[0].id
   name         = "lb-backend-${each.key}"
+  properties {
+    outbound_proxy_protocol = var.loadbalancer_outbound_proxy_protocol
+  }
 }
 
 resource "upcloud_loadbalancer_frontend" "lb_frontend" {
diff --git a/contrib/terraform/upcloud/modules/kubernetes-cluster/variables.tf b/contrib/terraform/upcloud/modules/kubernetes-cluster/variables.tf
index a99d2d848..ad2cc70f0 100644
--- a/contrib/terraform/upcloud/modules/kubernetes-cluster/variables.tf
+++ b/contrib/terraform/upcloud/modules/kubernetes-cluster/variables.tf
@@ -85,6 +85,10 @@ variable "loadbalancer_plan" {
   type = string
 }
 
+variable "loadbalancer_outbound_proxy_protocol" {
+  type = string
+}
+
 variable "loadbalancers" {
   description = "Load balancers"
 
diff --git a/contrib/terraform/upcloud/variables.tf b/contrib/terraform/upcloud/variables.tf
index 880dc4157..9d8c90c17 100644
--- a/contrib/terraform/upcloud/variables.tf
+++ b/contrib/terraform/upcloud/variables.tf
@@ -121,6 +121,11 @@ variable "loadbalancer_plan" {
   default     = "development"
 }
 
+variable "loadbalancer_proxy_protocol" {
+  type    = bool
+  default = false
+}
+
 variable "loadbalancers" {
   description = "Load balancers"