firewall

package

v0.0.10 Latest Latest Go to latest Published: Apr 16, 2024 License: Apache-2.0 Imports: 6 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/spigell/pulumi-hcloud-kube-hetzner

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
type AllowAllRules
- func NewAllowAllRules() *AllowAllRules
- func (a *AllowAllRules) Rules() []*RuleConfig
- func (a *AllowAllRules) WithPulumiSourceIPs(ips pulumi.StringArray) *AllowAllRules
type Config
type Firewall
- func New(config *Config) *Firewall
- func (f *Firewall) Attach(ctx *program.Context, name string, serverIDs pulumi.IntArray) (*hcloud.FirewallAttachment, error)
- func (f *Firewall) Up(ctx *program.Context, name string) (*Firewall, error)
type RuleConfig
type SSHConfig

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	ICMPRule = &RuleConfig{
		Protocol:    "icmp",
		Description: "Allow ICMP",
		Port:        "",
		SourceIps: []string{
			"0.0.0.0/0",
			"::/0",
		},
	}
	SSHRule = &RuleConfig{
		Protocol:    "tcp",
		Description: "Allow SSH",
		Port:        "22",

		SourceIps: []string{
			"0.0.0.0/0",
			"::/0",
		},
	}
)

Functions ¶

This section is empty.

Types ¶

type AllowAllRules ¶

type AllowAllRules struct {
	// contains filtered or unexported fields
}

func NewAllowAllRules ¶

func NewAllowAllRules() *AllowAllRules

func (*AllowAllRules) Rules ¶

func (a *AllowAllRules) Rules() []*RuleConfig

func (*AllowAllRules) WithPulumiSourceIPs ¶

func (a *AllowAllRules) WithPulumiSourceIPs(ips pulumi.StringArray) *AllowAllRules

type Config ¶

type Config struct {

	// Enabled specifies if the configuration is active.
	Enabled bool

	// AllowICMP indicates whether ICMP traffic is allowed.
	AllowICMP bool `json:"allow-icmp" yaml:"allow-icmp"`

	// SSH holds the SSH specific configurations.
	SSH *SSHConfig

	// AdditionalRules is a list of additional rules to be applied.
	AdditionalRules []*RuleConfig `json:"additional-rules" yaml:"additional-rules"`
	// contains filtered or unexported fields
}

func (*Config) AddRules ¶

func (c *Config) AddRules(rules []*RuleConfig)

func (*Config) Dedicated ¶

func (c *Config) Dedicated() bool

func (*Config) DedicatedPool ¶

func (c *Config) DedicatedPool() bool

func (*Config) MarkAsDedicated ¶

func (c *Config) MarkAsDedicated()

func (*Config) MarkWithDedicatedPool ¶

func (c *Config) MarkWithDedicatedPool()

type Firewall ¶

type Firewall struct {
	Config *Config
	// contains filtered or unexported fields
}

func New ¶

func New(config *Config) *Firewall

func (*Firewall) Attach ¶

func (f *Firewall) Attach(ctx *program.Context, name string, serverIDs pulumi.IntArray) (*hcloud.FirewallAttachment, error)

func (*Firewall) Up ¶

func (f *Firewall) Up(ctx *program.Context, name string) (*Firewall, error)

type RuleConfig ¶

type RuleConfig struct {

	// Protocol specifies the network protocol (e.g., TCP, UDP) applicable for the rule.
	// Default is TCP.
	Protocol string

	// Port specifies the network port number or range applicable for the rule.
	// Required
	Port string

	// SourceIps lists IP addresses or subnets from which traffic is allowed or to which traffic is directed, based on the Direction.
	// Required.
	SourceIps []string `json:"source-ips" yaml:"source-ips"`

	// Description provides a human-readable explanation of what the rule is intended to do.
	Description string
	// contains filtered or unexported fields
}

type SSHConfig ¶

type SSHConfig struct {
	// Allow indicates whether SSH access is permitted.
	Allow bool

	// DisallowOwnIP specifies whether SSH access from the deployer's own IP address is disallowed.
	DisallowOwnIP bool `json:"disallow-own-ip" yaml:"disallow-own-ip"`

	// AllowedIps lists specific IP addresses that are permitted to access via SSH.
	AllowedIps []string `json:"allowed-ips" yaml:"allowed-ips"`
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL