initial terraform code

2022-10-09 21:13:41 +00:00
parent f73b890e18
commit 8072eb9434
9 changed files with 314 additions and 0 deletions
--- a/firewall.tf
+++ b/firewall.tf
@@ -0,0 +1,32 @@
+# Hetzner Cloud Firewall
+
+resource "hcloud_firewall" "icmp" {
+  name = "ICMP"
+  rule {
+    direction = "in"
+    protocol  = "icmp"
+    source_ips = [
+      "0.0.0.0/0",
+      "::/0"
+    ]
+  }
+  apply_to {
+    label_selector = "env=prod"
+  }
+}
+
+resource "hcloud_firewall" "ssh" {
+  name = "SSH"
+  rule {
+    direction = "in"
+    protocol  = "tcp"
+    port      = "22"
+    source_ips = [
+      var.ows_gateway.ipv4,
+      var.ows_gateway.ipv6
+    ]
+  }
+  apply_to {
+    label_selector = "env=prod"
+  }
+}