wireguard-setup/terraform/main.tf
dependabot[bot] 4780c3c9a7
Bump hetznercloud/hcloud from 1.32.2 to 1.33.2 in /terraform
Bumps [hetznercloud/hcloud](https://github.com/hetznercloud/terraform-provider-hcloud) from 1.32.2 to 1.33.2.
- [Release notes](https://github.com/hetznercloud/terraform-provider-hcloud/releases)
- [Changelog](https://github.com/hetznercloud/terraform-provider-hcloud/blob/main/CHANGELOG.md)
- [Commits](https://github.com/hetznercloud/terraform-provider-hcloud/compare/v1.32.2...v1.33.2)

---
updated-dependencies:
- dependency-name: hetznercloud/hcloud
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-05-04 20:51:57 +00:00


# Provider requirements for this module.
terraform {
  required_providers {
    hcloud = {
      # "~> 1.33.2" accepts patch releases only (>= 1.33.2, < 1.34.0).
      # This is a range, not a pin: the exact provider build and its checksums
      # come from the dependency lock file (.terraform.lock.hcl) when one is
      # committed, so review that file together with any version bump.
      version = "~> 1.33.2"
      source  = "hetznercloud/hcloud"
    }
  }
}
# Hetzner Cloud provider, authenticated with an API token passed in as an
# input variable.
provider "hcloud" {
  # NOTE(review): var.hcloud_api_token is declared outside this file. Confirm
  # it is marked `sensitive = true` and is supplied from the environment or a
  # secret store rather than from a committed .tfvars file.
  token = var.hcloud_api_token
}
# Resolves the image the server boots from: the newest image matching the
# label selector service=wireguard.
data "hcloud_image" "wg_image" {
  # Selection is by label and recency only. Whichever matching image is newest
  # at plan time is used, so the ability to create or label images with this
  # API token is part of the server's trust boundary.
  most_recent   = true
  with_selector = "service=wireguard"
}
# Inbound firewall for the WireGuard server. Every rule below accepts traffic
# from any IPv4 and IPv6 source. Only inbound rules are declared; this
# resource places no restriction on outbound traffic.
resource "hcloud_firewall" "wg_firewall" {
  labels = { service = "wireguard" }
  name   = var.wg_firewall_name

  # ICMP from anywhere.
  rule {
    direction   = "in"
    protocol    = "icmp"
    source_ips  = ["0.0.0.0/0", "::0/0"]
    description = "ICMP"
  }

  # SSH on the non-standard port 122, open to the whole Internet.
  # A non-default port only reduces scan noise; access control rests on the
  # sshd configuration in the image and on the key registered in wg_ssh_key.
  # NOTE(review): consider narrowing source_ips to administrative ranges, or
  # reaching SSH through the tunnel only.
  rule {
    direction   = "in"
    protocol    = "tcp"
    port        = "122"
    source_ips  = ["0.0.0.0/0", "::0/0"]
    description = "SSH"
  }

  # Default WireGuard listen port. It has to be reachable from arbitrary
  # addresses if peers roam between networks.
  rule {
    direction   = "in"
    protocol    = "udp"
    port        = "51820"
    source_ips  = ["0.0.0.0/0", "::0/0"]
    description = "WireGuard"
  }

  # NOTE(review): labelled "WireGuard", presumably an alternate entry point for
  # networks that block 51820; nothing in this file shows what listens here.
  # Confirm it is not a DNS resolver answering arbitrary sources.
  rule {
    direction   = "in"
    protocol    = "udp"
    port        = "53"
    source_ips  = ["0.0.0.0/0", "::0/0"]
    description = "WireGuard"
  }

  # NOTE(review): WireGuard itself runs over UDP, so this TCP rule implies some
  # other listener or wrapper on 443, presumably set up by the image or the
  # user-data template. Confirm what answers on this port and drop the rule if
  # nothing does.
  rule {
    direction   = "in"
    protocol    = "tcp"
    port        = "443"
    source_ips  = ["0.0.0.0/0", "::0/0"]
    description = "WireGuard"
  }
}
# Registers the SSH public key that is attached to the server at creation.
# Only the public half is handled here; both values come from input variables.
resource "hcloud_ssh_key" "wg_ssh_key" {
  name       = var.wg_ssh_publickey_name
  public_key = var.wg_ssh_publickey
}
# The WireGuard server itself: boots from the labelled image, sits behind
# wg_firewall, and is provisioned with the registered SSH key and a rendered
# user-data template.
resource "hcloud_server" "wg_server" {
  name        = var.wg_server_name
  server_type = var.wg_server_type
  location    = var.wg_server_location
  image       = data.hcloud_image.wg_image.id
  labels      = { service = "wireguard" }

  ssh_keys     = [hcloud_ssh_key.wg_ssh_key.id]
  firewall_ids = [hcloud_firewall.wg_firewall.id]

  # The server's WireGuard private key is interpolated into user_data, so it
  # leaves Terraform inside the server-create request and remains readable
  # wherever the instance keeps its user data (presumably cloud-init).
  # NOTE(review): confirm the variable is declared `sensitive = true`, check
  # how this value is persisted in state and in saved plan files, and restrict
  # access to both. Generating the key on the host at first boot would keep it
  # out of Terraform entirely.
  user_data = templatefile("${path.module}/templates/user-data.tpl", {
    wg_server_wg_peer_publickeys = var.wg_server_wg_peer_publickeys
    wg_server_wg_privatekey      = var.wg_server_wg_privatekey
  })
}