feat: nginx proxy manager

2025-10-12 17:32:07 -04:00
parent 8ca2011d77
commit 2401368316
13 changed files with 309 additions and 67 deletions
--- a/terraform/main.tf
+++ b/terraform/main.tf
@@ -10,6 +10,12 @@ resource "hcloud_network_subnet" "subnet" {
  ip_range     = local.subnet_cidr
 }

+resource "hcloud_network_route" "privNet" {
+  network_id  = hcloud_network.network.id
+  destination = "0.0.0.0/0"
+  gateway     = local.proxy_ip
+}
+
 /* -------------------------------------------------------------------------- */

 resource "hcloud_primary_ip" "public_ip" {
@@ -75,12 +81,16 @@ resource "hcloud_firewall" "server_firewall" {
    source_ips = [local.network_cidr]
  }

-  # Poke holes for SSH.
-  rule {
-    direction  = "in"
-    protocol   = "tcp"
-    port = "22"
-    source_ips = ["0.0.0.0/0", "::/0"]
+  # Poke holes for applications, and SSH.
+  dynamic "rule" {
+    for_each = ["80", "443", "22", "81"]
+
+    content {
+      direction  = "in"
+      protocol   = "tcp"
+      port       = rule.value
+      source_ips = ["0.0.0.0/0", "::/0"]
+    }
  }
 }