shockrah/infra
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Adding firewall stuff

Browse Source
This commit is contained in:
shockrah 2024-04-28 21:31:59 -07:00
parent 2133c1ff3e
commit d7038e26b9
2 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
infra/static-vultr/firewall.tf
View File

@ -12,6 +12,17 @@ resource vultr_firewall_rule web_v4 {
port = each.value port = each.value
} }
resource vultr_firewall_rule web_v6 {
for_each = toset(["80", "443"])
firewall_group_id = vultr_firewall_group.host.id
protocol = "tcp"
ip_type = "v6"
subnet = "::"
subnet_size = 0
port = each.value
}
# Turn this off when we're not doing maintenance
resource vultr_firewall_rule ssh_v4 { resource vultr_firewall_rule ssh_v4 {
count = var.enable_ssh ? 1 : 0 count = var.enable_ssh ? 1 : 0
firewall_group_id = vultr_firewall_group.host.id firewall_group_id = vultr_firewall_group.host.id

1
infra/static-vultr/host.tf
View File

@ -17,4 +17,5 @@ resource "vultr_instance" "websites" {
hour = var.host.backups.hour hour = var.host.backups.hour
} }
ssh_key_ids = [ vultr_ssh_key.host.id ] ssh_key_ids = [ vultr_ssh_key.host.id ]
firewall_group_id = vultr_firewall_group.host.id
} }