serguzim/infrastructure
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add hcloud firewall

Browse source
This commit is contained in:
Tobias Reisinger 2024-11-01 02:34:58 +01:00
parent f817305718
commit 96b298c0c9
Signed by: serguzim
GPG key ID: 13AD60C237A28DFE
3 changed files with 105 additions and 1 deletions

60
services.auto.tfvars
View file

@ -8,6 +8,18 @@ services = {
url = "/health"
group = "7-support"
}
ports = [
{
port = 53
protocol = "tcp"
type = "firewall"
},
{
port = 53
protocol = "udp"
type = "firewall"
}
]
auth = false
database = true
s3 = false
@ -51,7 +63,7 @@ services = {
},
{
port = 443
protocol = "tcp"
protocol = "udp"
type = "reverse_proxy"
},
#"2019:2019",
@ -91,6 +103,13 @@ services = {
monitoring = {
group = "7-support"
}
ports = [
{
port = 3022
protocol = "tcp"
type = "firewall"
}
]
auth = false
database = false
s3 = false
@ -116,6 +135,13 @@ services = {
url = "/api/v1/version"
group = "4-services"
}
ports = [
{
port = 22
protocol = "tcp"
type = "firewall"
}
]
auth = true
auth_redirects = ["https://git.serguzim.me/user/oauth2/auth.serguzim.me/callback"]
database = true
@ -285,6 +311,38 @@ services = {
monitoring = {
group = "4-services"
}
ports = [
{
port = 25 # SMTP
protocol = "tcp"
type = "firewall"
},
{
port = 465 # SMTP TLS
protocol = "tcp"
type = "firewall"
},
{
port = 587 # SMTP StartTLS
protocol = "tcp"
type = "firewall"
},
{
port = 993 # IMAPS
protocol = "tcp"
type = "firewall"
},
{
port = 995 # POPS
protocol = "tcp"
type = "firewall"
},
{
port = 4190 # Sieve
protocol = "tcp"
type = "firewall"
}
]
auth = false
database = false
s3 = false