Created
April 5, 2024 21:57
-
-
Save douglasmiranda/0c8dc4f6e08609ba51fd4691730349d4 to your computer and use it in GitHub Desktop.
Terraform Hetzner example config (simple single server + simple firewall)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Simple server: debian, simple firewall, ssh access using existing ssh key pre registered in hetzner panel | |
| # https://registry.terraform.io/providers/hetznercloud/hcloud/latest/docs/resources/server | |
| # https://docs.hetzner.cloud/#networks | |
| # https://www.hetzner.com/cloud/ | |
| # Configure the Hetzner Cloud Provider | |
| provider "hcloud" { | |
| token = var.hcloud_token | |
| } | |
| # Create a server | |
| resource "hcloud_server" "my_instance_server_name" { | |
| name = "my_instance_server_name-main" | |
| location = "ash" | |
| image = "debian-12" | |
| server_type = "cpx11" | |
| ssh_keys = [data.hcloud_ssh_key.my_existing_ssh_key.id] | |
| public_net { | |
| ipv4_enabled = true | |
| ipv6_enabled = true | |
| } | |
| firewall_ids = [hcloud_firewall.my_instance_server_name_fw.id] | |
| } | |
| resource "hcloud_firewall" "my_instance_server_name_fw" { | |
| name = "my_instance_server_name_fw" | |
| # icmp | |
| rule { | |
| direction = "in" | |
| protocol = "icmp" | |
| source_ips = [ | |
| "0.0.0.0/0", | |
| "::/0" | |
| ] | |
| } | |
| # http 80 | |
| rule { | |
| direction = "in" | |
| protocol = "tcp" | |
| port = "80" | |
| source_ips = [ | |
| "0.0.0.0/0", | |
| "::/0" | |
| ] | |
| } | |
| # http 443 | |
| rule { | |
| direction = "in" | |
| protocol = "tcp" | |
| port = "443" | |
| source_ips = [ | |
| "0.0.0.0/0", | |
| "::/0" | |
| ] | |
| } | |
| # ssh 22 | |
| rule { | |
| direction = "in" | |
| protocol = "tcp" | |
| port = "22" | |
| source_ips = [ | |
| "0.0.0.0/0", | |
| "::/0" | |
| ] | |
| } | |
| # Outbound | |
| rule { | |
| direction = "out" | |
| protocol = "icmp" | |
| destination_ips = [ | |
| "0.0.0.0/0", | |
| "::/0" | |
| ] | |
| } | |
| rule { | |
| direction = "out" | |
| protocol = "tcp" | |
| port = "1-6553" | |
| destination_ips = [ | |
| "0.0.0.0/0", | |
| "::/0" | |
| ] | |
| } | |
| rule { | |
| direction = "out" | |
| protocol = "udp" | |
| port = "1-6553" | |
| destination_ips = [ | |
| "0.0.0.0/0", | |
| "::/0" | |
| ] | |
| } | |
| } | |
| # Existing ssh_key | |
| # https://registry.terraform.io/providers/hetznercloud/hcloud/latest/docs/data-sources/ssh_key | |
| data "hcloud_ssh_key" "my_existing_ssh_key" { | |
| name = "my_existing_ssh_key" | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Set the variable value in *.tfvars file | |
| # or using the -var="hcloud_token=..." CLI option | |
| variable "hcloud_token" { | |
| sensitive = true # Requires terraform >= 0.14 | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| terraform { | |
| required_providers { | |
| hcloud = { | |
| source = "hetznercloud/hcloud" | |
| } | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment