about summary refs log tree commit diff
diff options
context:
space:
mode:
authorWilliam Carroll <wpcarro@gmail.com>2021-12-30T14·44-0400
committerclbot <clbot@tvl.fyi>2022-01-08T05·31+0000
commitd24eef0735dfcec37c516cb4a138172aba2a7497 (patch)
tree91017434255949156d208d5d93d6ceecd4fb45ee
parentff0552c7584e1c82cf0943db52e397aed2331531 (diff)
fix(wpcarro/terraform): Drop source_tags (prefer source_ranges) r/3534
source_tags means:

> the firewall will apply only to traffic with source IP that belongs to a tag
> listed in source tags.

This mechanism exists (presumably) for local networking between instances that I
manage. For ingress traffic, I'd like to open these ports to the wider
internet.

Change-Id: If0963c853f10f3c205581cce100671714a5f6a3a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4750
Tested-by: BuildkiteCI
Reviewed-by: wpcarro <wpcarro@gmail.com>
Autosubmit: wpcarro <wpcarro@gmail.com>
-rw-r--r--users/wpcarro/terraform/default.nix2
1 files changed, 1 insertions, 1 deletions
diff --git a/users/wpcarro/terraform/default.nix b/users/wpcarro/terraform/default.nix
index b3c16144a209..be35785a54d0 100644
--- a/users/wpcarro/terraform/default.nix
+++ b/users/wpcarro/terraform/default.nix
@@ -123,7 +123,7 @@ in {
           ];
         }
       ];
-      source_tags = ["${name}-firewall"];
+      source_ranges = ["0.0.0.0/0"];
     };
   
     resource.google_compute_disk."${name}" = {