ACL is inbound, not outbound
This commit is contained in:
parent
b9965f2092
commit
76343d991d
6
main.tf
6
main.tf
|
@ -119,6 +119,12 @@ module "digitalocean" {
|
|||
source = "digitalocean"
|
||||
}
|
||||
|
||||
// Used to force access to ISP related resources
|
||||
module "tinyproxy" {
|
||||
source = "tinyproxy"
|
||||
ips = "${var.ips}"
|
||||
}
|
||||
|
||||
module "abstruse" {
|
||||
source = "abstruse"
|
||||
domain = "ci.bb8.fun"
|
||||
|
|
|
@ -0,0 +1,26 @@
|
|||
data "docker_registry_image" "tinyproxy" {
|
||||
name = "captn3m0/tinyproxy:latest"
|
||||
}
|
||||
|
||||
resource "docker_image" "tinyproxy" {
|
||||
name = "${data.docker_registry_image.tinyproxy.name}"
|
||||
pull_triggers = ["${data.docker_registry_image.tinyproxy.sha256_digest}"]
|
||||
}
|
||||
|
||||
resource "docker_container" "tinyproxy" {
|
||||
name = "tinyproxy"
|
||||
image = "${docker_image.tinyproxy.latest}"
|
||||
|
||||
// Access is restricted to VPN only
|
||||
command = ["ANY"]
|
||||
|
||||
ports {
|
||||
internal = 8888
|
||||
external = 8888
|
||||
ip = "${var.ips["tun0"]}"
|
||||
}
|
||||
|
||||
restart = "unless-stopped"
|
||||
destroy_grace_seconds = 10
|
||||
must_run = true
|
||||
}
|
|
@ -0,0 +1,3 @@
|
|||
variable "ips" {
|
||||
type = "map"
|
||||
}
|
Loading…
Reference in New Issue