From ed298452e7df324225dc4723740b77d0816b2d62 Mon Sep 17 00:00:00 2001
From: Sheogorath <sheogorath@shivering-isles.com>
Date: Wed, 6 Oct 2021 02:20:08 +0200
Subject: [PATCH] terraform: Move description into module variable

The hetzner terraform module for firewall has a description field added.
As a result, the description should no longer exist only as a comment in
terraform, but should also appear as the description on the firewall
rules themselves in the web interface.
---
 terraform/firewall.tf | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/terraform/firewall.tf b/terraform/firewall.tf
index fffcb3cce..77e9100ad 100644
--- a/terraform/firewall.tf
+++ b/terraform/firewall.tf
@@ -16,43 +16,43 @@ resource "hcloud_firewall" "k8s-node" {
       "::/0"
    ]
   }
-  # Kublet
   rule {
+      description     = "Kublet"
       direction       = "in"
       protocol        = "tcp"
       port            = "10250"
       source_ips      = [for s in concat(module.nodes.ipv4_addresses) : "${s}/32"]
   }
-  # Kubernetes node port
   rule {
+      description     = "Kubernetes NodePort"
       direction       = "in"
       protocol        = "tcp"
       port            = "30000-32767"
       source_ips      = [for s in concat(module.nodes.ipv4_addresses) : "${s}/32"]
   }
-  # Kubernetes node port
   rule {
+      description     = "Kubernetes NodePort"
       direction       = "in"
       protocol        = "udp"
       port            = "30000-32767"
       source_ips      = [for s in concat(module.nodes.ipv4_addresses) : "${s}/32"]
   }
-  # Calico BGP
   rule {
+      description     = "Calico BGP"
       direction       = "in"
       protocol        = "tcp"
       port            = "179"
       source_ips      = [for s in concat(module.nodes.ipv4_addresses) : "${s}/32"]
   }
-  # Calico VXLAN
   rule {
+      description     = "Calico VXLAN"
       direction       = "in"
       protocol        = "udp"
       port            = "4789"
       source_ips      = [for s in concat(module.nodes.ipv4_addresses) : "${s}/32"]
   }
-  # Calico Typha
   rule {
+      description     = "Calico Typha"
       direction       = "in"
       protocol        = "tcp"
       port            = "5473"
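Review bot: The first rule in this hunk gets `description     = "Kublet"`, which carries the old comment's misspelling into a field that, per the commit message, is meant to show up on the firewall rules in the web interface; it should read `description     = "Kubelet"`. The tcp and udp NodePort rules both use the identical text `"Kubernetes NodePort"`, which is fine if the protocol is displayed next to it, but a suffix such as `"Kubernetes NodePort (UDP)"` would make the two entries distinguishable in an audit export. The `hcloud_firewall` resource starts and ends outside this hunk, so whether the earlier rules also carry descriptions cannot be seen here.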
@@ -60,6 +60,7 @@ resource "hcloud_firewall" "k8s-node" {
   }
   # Host level services, including the node exporter on ports 9100-9101.
   rule {
+      description     = "Host level services"
       direction       = "in"
       protocol        = "tcp"
       port            = "9000-9999"
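Review bot: The new `description     = "Host level services"` here, and the same line in the following udp hunk, drops the one detail the retained comment still carries, namely that the node exporter on 9100-9101 is the reason this range is open. Someone auditing the rule set from the web interface would then see a 1000-port range on tcp and udp with no hint of what is expected to listen there; consider `description     = "Host level services (incl. node exporter 9100-9101)"`. The `source_ips` line for both rules is outside the hunks, so who can reach this range cannot be judged from what is shown.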
@@ -67,6 +68,7 @@ resource "hcloud_firewall" "k8s-node" {
   }
   # Host level services, including the node exporter on ports 9100-9101.
   rule {
+      description     = "Host level services"
       direction       = "in"
       protocol        = "udp"
       port            = "9000-9999"
-- 
GitLab