# Inbound firewall for the trading system (Hetzner Cloud provider).
#
# Exposure summary, as declared below:
#   - tcp/22 and tcp/6443: only from var.admin_cidr_blocks, and only when that
#     list is non-empty (otherwise the rules are not created at all).
#   - tcp/80 and tcp/443: from any IPv4 or IPv6 address.
#   - icmp: from any IPv4 or IPv6 address.
#
# Only direction = "in" rules are declared; no outbound rule appears in this
# resource, so egress filtering (if any is wanted) is not expressed here.
# NOTE(review): this block has no apply_to, so the firewall takes effect only
# once it is attached to servers elsewhere - confirm the attachment exists.
resource "hcloud_firewall" "trading_system" {
  name = "${var.name}-firewall"

  # Administrative access on tcp/22 (conventionally SSH). The single-element
  # list is used as an on/off switch: an empty admin_cidr_blocks yields no rule,
  # so the port stays closed rather than falling back to a wide-open source.
  # NOTE(review): nothing in this block stops admin_cidr_blocks from containing
  # "0.0.0.0/0" or "::/0", which would expose this port to every address.
  # Confirm the variable declaration has a validation rule that rejects them.
  dynamic "rule" {
    for_each = length(var.admin_cidr_blocks) > 0 ? [22] : []
    content {
      direction  = "in"
      protocol   = "tcp"
      port       = tostring(rule.value)
      source_ips = var.admin_cidr_blocks
    }
  }

  # Public plain-HTTP ingress from all IPv4 and IPv6 sources.
  # NOTE(review): presumably kept for redirect-to-HTTPS or certificate
  # challenges - confirm nothing sensitive is served unencrypted on this port.
  rule {
    direction  = "in"
    protocol   = "tcp"
    port       = "80"
    source_ips = ["0.0.0.0/0", "::/0"]
  }

  # Public HTTPS ingress from all IPv4 and IPv6 sources.
  rule {
    direction  = "in"
    protocol   = "tcp"
    port       = "443"
    source_ips = ["0.0.0.0/0", "::/0"]
  }

  # Administrative access on tcp/6443 (conventionally the Kubernetes API
  # server). Gated and sourced exactly like the tcp/22 rule above, so the same
  # admin_cidr_blocks validation concern applies here.
  dynamic "rule" {
    for_each = length(var.admin_cidr_blocks) > 0 ? [6443] : []
    content {
      direction  = "in"
      protocol   = "tcp"
      port       = tostring(rule.value)
      source_ips = var.admin_cidr_blocks
    }
  }

  # ICMP from any source (no port attribute is given for this protocol).
  # destination_ips is set to an empty list explicitly; on an inbound rule it
  # looks redundant - TODO confirm it is not masking provider plan drift before
  # removing it.
  rule {
    direction       = "in"
    protocol        = "icmp"
    source_ips      = ["0.0.0.0/0", "::/0"]
    destination_ips = []
  }
}