Change server OS image anf fix firewall rules

main
trivernis 1 year ago
parent 981ed41a3b
commit ce48dbe1e9
Signed by: Trivernis
GPG Key ID: 7E6D18B61C8D2F4B

@ -34,7 +34,7 @@ resource "hcloud_placement_group" "spread-group" {
resource "hcloud_server" "control" { resource "hcloud_server" "control" {
name = "cluster-control" name = "cluster-control"
image = "ubuntu-22.04" image = "fedora-38"
location = "nbg1" location = "nbg1"
ssh_keys = ["archomen_cloud1", "deepthought_cloud1"] ssh_keys = ["archomen_cloud1", "deepthought_cloud1"]
server_type = "cx11" server_type = "cx11"
@ -57,7 +57,7 @@ resource "hcloud_server" "control" {
resource "hcloud_server" "worker-1" { resource "hcloud_server" "worker-1" {
name = "cluster-worker-1" name = "cluster-worker-1"
image = "ubuntu-20.04" image = "fedora-38"
location = "nbg1" location = "nbg1"
ssh_keys = ["archomen_cloud2", "deepthought_cloud2"] ssh_keys = ["archomen_cloud2", "deepthought_cloud2"]
server_type = "cx21" server_type = "cx21"
@ -100,64 +100,23 @@ resource "hcloud_firewall" "firewall" {
] ]
} }
## Outbound rules
rule { rule {
direction = "out" direction = "in"
protocol = "tcp"
port = "53"
destination_ips = [
"0.0.0.0/0",
"::/0"
]
}
rule {
direction = "out"
protocol = "udp"
port = "53"
destination_ips = [
"0.0.0.0/0",
"::/0"
]
}
rule {
direction = "out"
protocol = "udp"
port = "123"
destination_ips = [
"0.0.0.0/0",
"::/0"
]
}
rule {
direction = "out"
protocol = "tcp" protocol = "tcp"
port = "80" port = "80"
destination_ips = [ source_ips = [
"0.0.0.0/0", "0.0.0.0/0",
"::/0" "::/0"
] ]
} }
rule { rule {
direction = "out" direction = "in"
protocol = "udp" protocol = "tcp"
port = "443" port = "443"
destination_ips = [ source_ips = [
"0.0.0.0/0",
"::/0"
]
}
rule {
direction = "out"
protocol = "icmp"
destination_ips = [
"0.0.0.0/0", "0.0.0.0/0",
"::/0" "::/0"
] ]
} }
} }

Loading…
Cancel
Save