-
Notifications
You must be signed in to change notification settings - Fork 9
/
main.tf
41 lines (35 loc) · 941 Bytes
/
main.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
terraform {
required_providers {
digitalocean = {
source = "digitalocean/digitalocean"
version = "~> 2.0"
}
}
}
data "http" "cloudflare_ip4_addrs" {
url = "https://www.cloudflare.com/ips-v4"
}
data "http" "cloudflare_ip6_addrs" {
url = "https://www.cloudflare.com/ips-v6"
}
resource "digitalocean_firewall" "inbound_cloudflare" {
name = var.name
droplet_ids = var.droplet_ids
tags = var.tags
inbound_rule {
protocol = "tcp"
port_range = "80"
source_addresses = concat(
split("\n", trimspace(data.http.cloudflare_ip4_addrs.body)),
split("\n", trimspace(data.http.cloudflare_ip6_addrs.body))
)
}
inbound_rule {
protocol = "tcp"
port_range = "443"
source_addresses = concat(
split("\n", trimspace(data.http.cloudflare_ip4_addrs.body)),
split("\n", trimspace(data.http.cloudflare_ip6_addrs.body))
)
}
}