From 33fc40ddb70f3394b0138a7f2c43ebccdbdc1068 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Franti=C5=A1ek=20Dvo=C5=99=C3=A1k?= <valtri@civ.zcu.cz>
Date: Mon, 21 Oct 2024 16:14:41 +0000
Subject: [PATCH] Open firewall at production sites

---
 production1/terraform/terraform.tfvars | 16 ++--------------
 production2/terraform/terraform.tfvars | 24 +++---------------------
 2 files changed, 5 insertions(+), 35 deletions(-)

diff --git a/production1/terraform/terraform.tfvars b/production1/terraform/terraform.tfvars
index 5bf6ead..433e788 100644
--- a/production1/terraform/terraform.tfvars
+++ b/production1/terraform/terraform.tfvars
@@ -30,18 +30,6 @@ squid_volume_size = 128
 
 # global firewall rules - public and admin access
 security_public_cidr = {
-  "147.228.0.0/16": "University of West Bohemia in Pilsen",
-  "2001:718:1801::/48": "University of West Bohemia in Pilsen",
-  "78.128.246.160/32": "CESNET VPN",
-  "78.128.247.175/32": "CESNET VPN",
-  "2001:718:ff05:acb::/64": "CESNET VPN",
-  "2001:718:ff05:acc::/64": "CESNET VPN",
-  "147.251.21.79/32": "admin machine - OpenStack project router",
-  "2001:718:801:432:f816:3eff:feab:fbc8/128": "admin machine",
-  "145.90.225.224/27": "EGI VPN",
-  "2001:610:450:80::/64": "EGI VPN",
-  "78.128.247.55/32": "CESNET monitoring",
-  "2001:718:ff05:205::55/128": "CESNET monitoring",
-  "150.254.160.250": "PSNC WAF testing",
-  "150.254.160.252": "PSNC WAF testing",
+  "0.0.0.0/0": "Public access",
+  "::/0": "Public access",
 }
diff --git a/production2/terraform/terraform.tfvars b/production2/terraform/terraform.tfvars
index 18ecd85..a4ad481 100644
--- a/production2/terraform/terraform.tfvars
+++ b/production2/terraform/terraform.tfvars
@@ -31,25 +31,7 @@ squid_volume_size = 128
 # global firewall rules - public and admin access
 # (descriptions not supported @ SafeSpring)
 security_public_cidr = {
-  # University of West Bohemia in Pilsen
-  "147.228.0.0/16": "",
-  "2001:718:1801::/48": "",
-  # CESNET VPN
-  "78.128.246.160/32": "",
-  "78.128.247.175/32": "",
-  "2001:718:ff05:acb::/64": "",
-  "2001:718:ff05:acc::/64": "",
-  # admin machine (OpenStack project router)
-  "147.251.21.79/32": "",
-  # admin machine
-  "2001:718:801:432:f816:3eff:feab:fbc8/128": "",
-  # EGI VPN
-  "145.90.225.224/27": "",
-  "2001:610:450:80::/64": "",
-  # CESNET monitoring
-  "78.128.247.55/32": "",
-  "2001:718:ff05:205::55/128": "",
-  # PSNC WAF testing
-  "150.254.160.250": "",
-  "150.254.160.252": "",
+  # Public access
+  "0.0.0.0/0": "",
+  "::/0": "",
 }
-- 
GitLab