From 089597a9b568d4156463cfe01ba1f49a766974af Mon Sep 17 00:00:00 2001 From: BackInBash <48181660+BackInBash@users.noreply.github.com> Date: Wed, 2 Apr 2025 14:23:17 +0200 Subject: [PATCH] removed sec groups --- 03-pfsense-network.tf | 98 +++++++------------------------------------ 1 file changed, 14 insertions(+), 84 deletions(-) diff --git a/03-pfsense-network.tf b/03-pfsense-network.tf index f4c83a8..447c3fe 100644 --- a/03-pfsense-network.tf +++ b/03-pfsense-network.tf @@ -9,101 +9,31 @@ https://opensource.org/licenses/MIT. # Get vNET Networks resource "stackit_network" "wan_network" { - project_id = var.STACKIT_PROJECT_ID - name = "wan_network" - ipv4_nameservers = ["208.67.222.222", "9.9.9.9"] - routed = true + project_id = var.STACKIT_PROJECT_ID + name = "wan_network" + ipv4_nameservers = ["208.67.222.222", "9.9.9.9"] + routed = false } resource "stackit_network" "lan_network" { - project_id = var.STACKIT_PROJECT_ID - name = "lan_network" - ipv4_nameservers = ["208.67.222.222", "9.9.9.9"] - routed = true + project_id = var.STACKIT_PROJECT_ID + name = "lan_network" + ipv4_nameservers = ["208.67.222.222", "9.9.9.9"] } -resource "stackit_security_group" "sec_group_wan" { - project_id = var.STACKIT_PROJECT_ID - name = "sec_group" - labels = { - "key" = "value" - } -} - -resource "stackit_security_group_rule" "sec_icmp" { - project_id = var.STACKIT_PROJECT_ID - security_group_id = stackit_security_group.sec_group_wan.security_group_id - direction = "ingress" - icmp_parameters = { - code = 0 - type = 8 - } - protocol = { - name = "icmp" - } -} - -resource "stackit_security_group_rule" "sec_tcp" { - project_id = var.STACKIT_PROJECT_ID - security_group_id = stackit_security_group.sec_group_wan.security_group_id - direction = "ingress" - port_range = { - max = 443 - min = 443 - } - protocol = { - name = "tcp" - } -} - -resource "stackit_security_group" "sec_group_lan" { - project_id = var.STACKIT_PROJECT_ID - name = "sec_group" - labels = { - "key" = "value" - } -} - -#resource "stackit_security_group_rule" "lan_sec_icmp" { -# project_id = var.STACKIT_PROJECT_ID -# security_group_id = stackit_security_group.sec_group_lan.security_group_id -# direction = "ingress" -# icmp_parameters = { -# code = 0 -# type = 8 -# } -# protocol = { -# name = "icmp" -# } -#} - -#resource "stackit_security_group_rule" "lan_sec_tcp" { -# project_id = var.STACKIT_PROJECT_ID -# security_group_id = stackit_security_group.sec_group_lan.security_group_id -# direction = "ingress" -# port_range = { -# max = 443 -# min = 443 -# } -# protocol = { -# name = "tcp" -# } -#} - resource "stackit_network_interface" "nic_wan" { - project_id = var.STACKIT_PROJECT_ID - network_id = stackit_network.wan_network.network_id - security_group_ids = [stackit_security_group.sec_group_wan.security_group_id] + project_id = var.STACKIT_PROJECT_ID + network_id = stackit_network.wan_network.network_id + security = false } resource "stackit_network_interface" "nic_lan" { - project_id = var.STACKIT_PROJECT_ID - network_id = stackit_network.lan_network.network_id - security_group_ids = [stackit_security_group.sec_group_lan.security_group_id] - depends_on = [stackit_network_interface.nic_wan] + project_id = var.STACKIT_PROJECT_ID + network_id = stackit_network.lan_network.network_id + security = false } -resource "stackit_public_ip" "example" { +resource "stackit_public_ip" "wan-ip" { project_id = var.STACKIT_PROJECT_ID network_interface_id = stackit_network_interface.nic_wan.network_interface_id }