1
0

opnsense b created

This commit is contained in:
michael 2024-04-17 04:06:14 +12:00
parent a0997ee8ec
commit 8d049f3056
3 changed files with 64 additions and 16 deletions

View File

@ -97,4 +97,12 @@ resource "hcloud_firewall" "opnsense" {
"::/0" "::/0"
] ]
} }
}
resource "hcloud_firewall_attachment" "opnsense" {
firewall_id = hcloud_firewall.opnsense.id
server_ids = [
hcloud_server.opnsense_a.id,
hcloud_server.opnsense_b.id
]
} }

View File

@ -87,19 +87,35 @@ resource "hcloud_floating_ip" "opnsense_float_v6" {
resource "hcloud_floating_ip_assignment" "opnsense-a-v4" { resource "hcloud_floating_ip_assignment" "opnsense-a-v4" {
floating_ip_id = hcloud_floating_ip.opnsense_float_v4.id floating_ip_id = hcloud_floating_ip.opnsense_float_v4.id
server_id = hcloud_server.opnsense_a.id server_id = hcloud_server.opnsense_a.id
depends_on = [
hcloud_floating_ip.opnsense_float_v4,
hcloud_server.opnsense_a
]
} }
resource "hcloud_floating_ip_assignment" "opnsense-a-v6" { resource "hcloud_floating_ip_assignment" "opnsense-a-v6" {
floating_ip_id = hcloud_floating_ip.opnsense_float_v6.id floating_ip_id = hcloud_floating_ip.opnsense_float_v6.id
server_id = hcloud_server.opnsense_a.id server_id = hcloud_server.opnsense_a.id
depends_on = [
hcloud_floating_ip.opnsense_float_v6,
hcloud_server.opnsense_a
]
} }
# resource "hcloud_floating_ip_assignment" "opnsense-b-v4" { resource "hcloud_floating_ip_assignment" "opnsense-b-v4" {
# floating_ip_id = hcloud_floating_ip.opnsense_float_v4.id floating_ip_id = hcloud_floating_ip.opnsense_float_v4.id
# server_id = hcloud_server.opnsense_b.id server_id = hcloud_server.opnsense_b.id
# } depends_on = [
hcloud_floating_ip.opnsense_float_v4,
hcloud_server.opnsense_b
]
}
# resource "hcloud_floating_ip_assignment" "opnsense-b-v6" { resource "hcloud_floating_ip_assignment" "opnsense-b-v6" {
# floating_ip_id = hcloud_floating_ip.opnsense_float_v6.id floating_ip_id = hcloud_floating_ip.opnsense_float_v6.id
# server_id = hcloud_server.opnsense_b.id server_id = hcloud_server.opnsense_b.id
# } depends_on = [
hcloud_floating_ip.opnsense_float_v6,
hcloud_server.opnsense_b
]
}

View File

@ -12,22 +12,15 @@ resource "hcloud_server" "opnsense_a" {
name = "opnsense-a" name = "opnsense-a"
server_type = "cpx11" server_type = "cpx11"
image = "ubuntu-22.04" image = "ubuntu-22.04"
location = "ash"
datacenter = "ash-dc1" datacenter = "ash-dc1"
keep_disk = true keep_disk = true
backups = false backups = false
# ssh_keys = [
# hcloud_ssh_key.default.id
# ]
public_net { public_net {
ipv4_enabled = true ipv4_enabled = true
ipv4 = hcloud_primary_ip.opnsense_a_v4.id ipv4 = hcloud_primary_ip.opnsense_a_v4.id
ipv6_enabled = true ipv6_enabled = true
ipv6 = hcloud_primary_ip.opnsense_a_v6.id ipv6 = hcloud_primary_ip.opnsense_a_v6.id
} }
firewall_ids = [
hcloud_firewall.opnsense.id
]
network { network {
network_id = hcloud_network.us_east_lan.id network_id = hcloud_network.us_east_lan.id
ip = "10.128.1.250" ip = "10.128.1.250"
@ -43,4 +36,35 @@ resource "hcloud_server" "opnsense_a" {
delete_protection = true delete_protection = true
rebuild_protection = true rebuild_protection = true
placement_group_id = hcloud_placement_group.firewalls.id placement_group_id = hcloud_placement_group.firewalls.id
} }
resource "hcloud_server" "opnsense_b" {
name = "opnsense-b"
server_type = "cpx11"
image = "ubuntu-22.04"
# iso = "OPNsense-23.7-dvd-amd64.iso"
datacenter = "ash-dc1"
keep_disk = true
backups = false
public_net {
ipv4_enabled = true
ipv4 = hcloud_primary_ip.opnsense_b_v4.id
ipv6_enabled = true
ipv6 = hcloud_primary_ip.opnsense_b_v6.id
}
network {
network_id = hcloud_network.us_east_lan.id
ip = "10.128.1.240"
}
network {
network_id = hcloud_network.us_east_sync.id
ip = "10.128.2.20"
}
depends_on = [
hcloud_network_subnet.lan,
hcloud_network_subnet.sync
]
delete_protection = true
rebuild_protection = true
placement_group_id = hcloud_placement_group.firewalls.id
}