Simplify security groups

deploy.tf

@@ -177,7 +177,6 @@ resource "openstack_compute_instance_v2" "server" {
 	key_pair = var.ssh
 	security_groups = [
 		openstack_networking_secgroup_v2.all.name,
-		openstack_networking_secgroup_v2.ssh.name,
 	]
 	user_data = data.template_cloudinit_config.ctx[count.index].rendered
 	network {

firewall.tf

 resource "openstack_networking_secgroup_v2" "all" {
-	name = format("%s.all", var.domain)
+	name = var.domain
 	description = "${title(var.domain)} all security group"
 }
 
-resource "openstack_networking_secgroup_v2" "ssh" {
-	name = format("%s.ssh", var.domain)
-	description = "${title(var.domain)} ssh security group"
-}
-
 resource "openstack_networking_secgroup_rule_v2" "all_self" {
 	for_each = toset(["0.0.0.0/0", "::/0"])
 	direction = "ingress"
@@ -32,17 +27,12 @@ resource "openstack_networking_secgroup_rule_v2" "all_other" {
 	security_group_id = openstack_networking_secgroup_v2.all.id
 }
 
-resource "openstack_networking_secgroup_rule_v2" "all_floatip" {
-	direction = "ingress"
-	ethertype = "IPv4"
-	remote_ip_prefix = "${openstack_networking_floatingip_v2.floatip_1.address}/32"
-	security_group_id = openstack_networking_secgroup_v2.all.id
-}
-
 resource "openstack_networking_secgroup_rule_v2" "ssh" {
 	for_each = var.security_admin_cidr
 	direction = "ingress"
 	ethertype = length(regexall(":", each.value)) == 0 ? "IPv4" : "IPv6"
+	port_range_min = 22
+	port_range_max = 22
 	remote_ip_prefix = each.key
-	security_group_id = openstack_networking_secgroup_v2.ssh.id
+	security_group_id = openstack_networking_secgroup_v2.all.id
 }