opnsense b created

2024-04-17 04:06:14 +12:00 · 2024-04-17 04:06:14 +12:00 · 8d049f3056
commit 8d049f3056
parent a0997ee8ec
3 changed files with 64 additions and 16 deletions
--- a/terraform/hetzner/firewall.tf
+++ b/terraform/hetzner/firewall.tf
@ -98,3 +98,11 @@ resource "hcloud_firewall" "opnsense" {
    ]
  }   
 }
 resource "hcloud_firewall_attachment" "opnsense" {
  firewall_id = hcloud_firewall.opnsense.id
  server_ids  = [
    hcloud_server.opnsense_a.id,
    hcloud_server.opnsense_b.id
  ]
 }
--- a/terraform/hetzner/network.tf
+++ b/terraform/hetzner/network.tf
@ -87,19 +87,35 @@ resource "hcloud_floating_ip" "opnsense_float_v6" {
 resource "hcloud_floating_ip_assignment" "opnsense-a-v4" {
  floating_ip_id = hcloud_floating_ip.opnsense_float_v4.id
  server_id      = hcloud_server.opnsense_a.id
  depends_on = [
    hcloud_floating_ip.opnsense_float_v4,
    hcloud_server.opnsense_a
  ]
 }
 resource "hcloud_floating_ip_assignment" "opnsense-a-v6" {
  floating_ip_id = hcloud_floating_ip.opnsense_float_v6.id
  server_id      = hcloud_server.opnsense_a.id
  depends_on = [
    hcloud_floating_ip.opnsense_float_v6,
    hcloud_server.opnsense_a
  ]
 }
-# resource "hcloud_floating_ip_assignment" "opnsense-b-v4" {
+resource "hcloud_floating_ip_assignment" "opnsense-b-v4" {
-#   floating_ip_id = hcloud_floating_ip.opnsense_float_v4.id
+  floating_ip_id = hcloud_floating_ip.opnsense_float_v4.id
-#   server_id      = hcloud_server.opnsense_b.id
+  server_id      = hcloud_server.opnsense_b.id
-# }
+  depends_on = [
    hcloud_floating_ip.opnsense_float_v4,
    hcloud_server.opnsense_b
  ]
 }
-# resource "hcloud_floating_ip_assignment" "opnsense-b-v6" {
+resource "hcloud_floating_ip_assignment" "opnsense-b-v6" {
-#   floating_ip_id = hcloud_floating_ip.opnsense_float_v6.id
+  floating_ip_id = hcloud_floating_ip.opnsense_float_v6.id
-#   server_id      = hcloud_server.opnsense_b.id
+  server_id      = hcloud_server.opnsense_b.id
-# }
+  depends_on = [
    hcloud_floating_ip.opnsense_float_v6,
    hcloud_server.opnsense_b
  ]
 }
--- a/terraform/hetzner/servers.tf
+++ b/terraform/hetzner/servers.tf
@ -12,22 +12,15 @@ resource "hcloud_server" "opnsense_a" {
  name        = "opnsense-a"
  server_type = "cpx11"
  image       = "ubuntu-22.04"
  location    = "ash"
  datacenter  = "ash-dc1"
  keep_disk   = true
  backups     = false
 #   ssh_keys    = [
 #     hcloud_ssh_key.default.id
 #   ]
  public_net {
    ipv4_enabled = true
    ipv4 = hcloud_primary_ip.opnsense_a_v4.id
    ipv6_enabled = true
    ipv6 = hcloud_primary_ip.opnsense_a_v6.id
  }
  firewall_ids = [
    hcloud_firewall.opnsense.id
  ]
  network {
    network_id = hcloud_network.us_east_lan.id
    ip = "10.128.1.250"
@ -44,3 +37,34 @@ resource "hcloud_server" "opnsense_a" {
  rebuild_protection  = true
  placement_group_id  = hcloud_placement_group.firewalls.id
 }
 resource "hcloud_server" "opnsense_b" {
  name        = "opnsense-b"
  server_type = "cpx11"
  image       = "ubuntu-22.04"
  # iso         = "OPNsense-23.7-dvd-amd64.iso" 
  datacenter  = "ash-dc1"
  keep_disk   = true
  backups     = false
  public_net {
    ipv4_enabled = true
    ipv4 = hcloud_primary_ip.opnsense_b_v4.id
    ipv6_enabled = true
    ipv6 = hcloud_primary_ip.opnsense_b_v6.id
  }
  network {
    network_id = hcloud_network.us_east_lan.id
    ip = "10.128.1.240"
  }
  network {
    network_id = hcloud_network.us_east_sync.id
    ip = "10.128.2.20"
  }
  depends_on = [
    hcloud_network_subnet.lan,
    hcloud_network_subnet.sync
  ]
  delete_protection   = true
  rebuild_protection  = true
  placement_group_id  = hcloud_placement_group.firewalls.id
 }