42 lines
601 B
HCL
42 lines
601 B
HCL
data "dns_a_record_set" "ctl" {
|
|
host = "zknt-hh3.trantuete.net"
|
|
}
|
|
|
|
locals {
|
|
host_cidr = flatten([
|
|
for ip in data.dns_a_record_set.ctl.addrs :
|
|
"${ip}/32"
|
|
])
|
|
}
|
|
|
|
resource "hcloud_firewall" "k8s-node" {
|
|
name = "k8s-node"
|
|
rule {
|
|
direction = "in"
|
|
protocol = "icmp"
|
|
source_ips = [
|
|
"0.0.0.0/0",
|
|
"::/0"
|
|
]
|
|
}
|
|
|
|
rule {
|
|
direction = "in"
|
|
protocol = "tcp"
|
|
port = "22"
|
|
source_ips = [
|
|
"0.0.0.0/0",
|
|
"::/0"
|
|
]
|
|
}
|
|
|
|
rule {
|
|
direction = "in"
|
|
protocol = "tcp"
|
|
port = "6443"
|
|
source_ips = local.host_cidr
|
|
}
|
|
|
|
}
|
|
|