Skip to content

GitLab

Switch branch/tag
  1. 01 Jul, 2022 1 commit
  3. 24 Jun, 2022 5 commits
  5. 23 Jun, 2022 1 commit
  7. 22 Jun, 2022 1 commit
  9. 21 Jun, 2022 2 commits
  11. 20 Jun, 2022 1 commit
  13. 18 Jun, 2022 2 commits
  15. 29 Apr, 2022 2 commits
  17. 07 Mar, 2022 1 commit
  19. 25 Oct, 2021 1 commit
  21. 17 Aug, 2021 3 commits
  23. 09 Aug, 2021 1 commit
  25. 05 Aug, 2021 1 commit
  27. 21 Jul, 2021 4 commits
  29. 15 Jul, 2021 2 commits
    • Sheogorath's avatar
      fixup! Add intial version of firewall feature · f46df5ee
      Sheogorath authored
      f46df5ee
    • Sheogorath's avatar
      Add intial version of firewall feature · b0daacc6
      Sheogorath authored 
      This patch provides an initial firewall configuration that provides
complete isolation of the cluster from the outside world. The only way
to access the cluster is through the load balancer on ports 6443 (api),
443 (https), 80 (http) and currently 22623 (ignition). Sadly, we can't
automatically apply these firewalls to hosts, since the hcloud terraform
module has a bootstrapping problem[1], so this has to be done afterwards
manually using the Webinterface or CLI. Since all instances are tagged
already, it should be trivial to apply the right firewall rules based on
the tag.

Note on 22623, exposing this port through the loadbalancer permentently
to the internet is not ideal and should be changed. However, I haven't
come up with a better solution. This will be sorted out in the long run.

[1]: https://github.com/hetznercloud/terraform-provider-hcloud/issues/336
      b0daacc6
  31. 02 Jul, 2021 2 commits
  33. 29 Jun, 2021 9 commits
  35. 25 Jun, 2021 1 commit