professional-service-best-practices/terraform-pfsense-deployment
14
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

removed sec groups

Browse source
This commit is contained in:
BackInBash 2025-04-02 14:23:17 +02:00
parent f7efbdfb03
commit 089597a9b5
1 changed files with 14 additions and 84 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

78
03-pfsense-network.tf
View file

@ -12,98 +12,28 @@ resource "stackit_network" "wan_network" {
project_id = var.STACKIT_PROJECT_ID project_id = var.STACKIT_PROJECT_ID
name = "wan_network" name = "wan_network"
ipv4_nameservers = ["208.67.222.222", "9.9.9.9"] ipv4_nameservers = ["208.67.222.222", "9.9.9.9"]
routed = true routed = false
} }
resource "stackit_network" "lan_network" { resource "stackit_network" "lan_network" {
project_id = var.STACKIT_PROJECT_ID project_id = var.STACKIT_PROJECT_ID
name = "lan_network" name = "lan_network"
ipv4_nameservers = ["208.67.222.222", "9.9.9.9"] ipv4_nameservers = ["208.67.222.222", "9.9.9.9"]
routed = true
} }
resource "stackit_security_group" "sec_group_wan" {
project_id = var.STACKIT_PROJECT_ID
name = "sec_group"
labels = {
"key" = "value"
}
}
resource "stackit_security_group_rule" "sec_icmp" {
project_id = var.STACKIT_PROJECT_ID
security_group_id = stackit_security_group.sec_group_wan.security_group_id
direction = "ingress"
icmp_parameters = {
code = 0
type = 8
}
protocol = {
name = "icmp"
}
}
resource "stackit_security_group_rule" "sec_tcp" {
project_id = var.STACKIT_PROJECT_ID
security_group_id = stackit_security_group.sec_group_wan.security_group_id
direction = "ingress"
port_range = {
max = 443
min = 443
}
protocol = {
name = "tcp"
}
}
resource "stackit_security_group" "sec_group_lan" {
project_id = var.STACKIT_PROJECT_ID
name = "sec_group"
labels = {
"key" = "value"
}
}
#resource "stackit_security_group_rule" "lan_sec_icmp" {
# project_id = var.STACKIT_PROJECT_ID
# security_group_id = stackit_security_group.sec_group_lan.security_group_id
# direction = "ingress"
# icmp_parameters = {
# code = 0
# type = 8
# }
# protocol = {
# name = "icmp"
# }
#}
#resource "stackit_security_group_rule" "lan_sec_tcp" {
# project_id = var.STACKIT_PROJECT_ID
# security_group_id = stackit_security_group.sec_group_lan.security_group_id
# direction = "ingress"
# port_range = {
# max = 443
# min = 443
# }
# protocol = {
# name = "tcp"
# }
#}
resource "stackit_network_interface" "nic_wan" { resource "stackit_network_interface" "nic_wan" {
project_id = var.STACKIT_PROJECT_ID project_id = var.STACKIT_PROJECT_ID
network_id = stackit_network.wan_network.network_id network_id = stackit_network.wan_network.network_id
security_group_ids = [stackit_security_group.sec_group_wan.security_group_id] security = false
} }
resource "stackit_network_interface" "nic_lan" { resource "stackit_network_interface" "nic_lan" {
project_id = var.STACKIT_PROJECT_ID project_id = var.STACKIT_PROJECT_ID
network_id = stackit_network.lan_network.network_id network_id = stackit_network.lan_network.network_id
security_group_ids = [stackit_security_group.sec_group_lan.security_group_id] security = false
depends_on = [stackit_network_interface.nic_wan]
} }
resource "stackit_public_ip" "example" { resource "stackit_public_ip" "wan-ip" {
project_id = var.STACKIT_PROJECT_ID project_id = var.STACKIT_PROJECT_ID
network_interface_id = stackit_network_interface.nic_wan.network_interface_id network_interface_id = stackit_network_interface.nic_wan.network_interface_id
} }