# Look up the A records of the control host when Terraform runs.
# The resolved addresses are read as data.dns_a_record_set.ctl.addrs by
# local.host_cidr, which the firewall uses as an allowlist.
# NOTE(review): the resolver's answer is used as-is, so whoever controls this
# record or the resolution path decides which addresses end up allowed on the
# next apply. Confirm that trust is intended, or pin the addresses.
data "dns_a_record_set" "ctl" {
  host = "zknt-hh3.trantuete.net"
}
locals {
  # One /32 CIDR per address returned for the control host, in the form the
  # firewall rule's source_ips expects.
  # Only A records are queried, so this list holds IPv4 entries only. It is a
  # snapshot of DNS at plan/apply time and is not refreshed in between.
  host_cidr = [
    for addr in data.dns_a_record_set.ctl.addrs :
    format("%s/32", addr)
  ]
}
# Inbound firewall for the k8s-node servers: ICMP and SSH from anywhere,
# tcp/6443 only from the control host's resolved addresses.
resource "hcloud_firewall" "k8s-node" {
  name = "k8s-node"

  # ICMP from any IPv4 or IPv6 source.
  rule {
    direction  = "in"
    protocol   = "icmp"
    source_ips = ["0.0.0.0/0", "::/0"]
  }

  # SSH (tcp/22) from any IPv4 or IPv6 source.
  # NOTE(review): SSH is reachable from the whole internet. Prefer narrowing
  # source_ips to the admin or bastion ranges. If it has to stay open, the
  # hosts should enforce key-only authentication and log/limit failed logins,
  # because this rule provides no filtering.
  rule {
    direction  = "in"
    protocol   = "tcp"
    port       = "22"
    source_ips = ["0.0.0.0/0", "::/0"]
  }

  # tcp/6443 (presumably the Kubernetes API port; confirm) from the control
  # host only.
  # NOTE(review): the allowlist is whatever DNS returned for the control host
  # at the last apply. A changed or tampered record changes who may connect,
  # and a stale one can lock the control host out. It is also IPv4-only.
  # NOTE(review): confirm how the provider handles an empty source_ips if the
  # lookup ever returns no addresses.
  rule {
    direction  = "in"
    protocol   = "tcp"
    port       = "6443"
    source_ips = local.host_cidr
  }
}