Select Git revision
test_typedcols.py
-
Pavel Kácha authoredRemoved OpenTypedDict support. Would need more TypedDict methods decoupling to avoid too much state keeping issues; also makes class/instance distinction too obscure to get users to use it correctly
Pavel Kácha authoredRemoved OpenTypedDict support. Would need more TypedDict methods decoupling to avoid too much state keeping issues; also makes class/instance distinction too obscure to get users to use it correctly
firewall.tf 1.35 KiB
resource "openstack_networking_secgroup_v2" "all" {
name = var.domain
description = "${title(var.domain)} all security group"
}
resource "openstack_networking_secgroup_rule_v2" "all_self" {
for_each = toset(["0.0.0.0/0", "::/0"])
direction = "ingress"
ethertype = length(regexall(":", each.value)) == 0 ? "IPv4" : "IPv6"
remote_group_id = openstack_networking_secgroup_v2.all.id
security_group_id = openstack_networking_secgroup_v2.all.id
}
resource "openstack_networking_secgroup_rule_v2" "all_icmp" {
for_each = toset(["0.0.0.0/0", "::/0"])
direction = "ingress"
ethertype = length(regexall(":", each.value)) == 0 ? "IPv4" : "IPv6"
protocol = each.value == "0.0.0.0/0" ? "icmp" : "ipv6-icmp"
security_group_id = openstack_networking_secgroup_v2.all.id
}
resource "openstack_networking_secgroup_rule_v2" "all_other" {
for_each = var.security_trusted_cidr
direction = "ingress"
ethertype = length(regexall(":", each.value)) == 0 ? "IPv4" : "IPv6"
remote_ip_prefix = each.key
security_group_id = openstack_networking_secgroup_v2.all.id
}
resource "openstack_networking_secgroup_rule_v2" "ssh" {
for_each = var.security_admin_cidr
direction = "ingress"
ethertype = length(regexall(":", each.value)) == 0 ? "IPv4" : "IPv6"
port_range_min = 22
port_range_max = 22
remote_ip_prefix = each.key
security_group_id = openstack_networking_secgroup_v2.all.id
}