hetznercloud / packer-plugin-hcloud

Packer plugin for Hetzner Cloud Builder
https://developer.hashicorp.com/packer/integrations/hetznercloud/hcloud
Mozilla Public License 2.0

missing options to attach a firewall to the packer instance ? #157

Closed roberto-sebastiano closed 1 month ago

roberto-sebastiano commented 6 months ago

Description

Hello, I don't see a way to attach a Hetzner firewall to the Packer instance.

Use Case(s)

I'm building a Packer instance on Hetzner that has NFS; this has the RPC portmapper open to the world, and I'm receiving alerts from the cloud provider. I should be able to attach a Hetzner firewall to the Packer instance, as is already done for all the other VMs I have.

Potential configuration

Something like firewall_id = number in source "hcloud"?

Potential References

Thank you

jooola commented 6 months ago

We are open to merging a pull request for this :)

roberto-sebastiano commented 6 months ago

Due to time constraints on the project I'm working on, I can't work on this right now. I can share the workaround for Ubuntu 22.04:

In the "os-setup.sh" (or shell provisioner), put these lines to allow SSH only:

apt-get update
DEBIAN_FRONTEND=noninteractive apt-get install iptables -y
# allow new inbound SSH connections
iptables -A INPUT -p tcp --dport 22 -m state --state NEW -j ACCEPT
# allow replies to connections the host itself opened
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# allow loopback traffic
iptables -A INPUT -i lo -j ACCEPT
# drop everything else inbound (IPv4 only; ip6tables needs equivalent rules)
iptables -P INPUT DROP

Keep up the good work, Roberto

jooola commented 3 months ago

As a workaround, you can configure a firewall with a label selector, and use this label in the packer configuration:

source "hcloud" "example" {
  server_name = "hcloud-example"
  server_labels = {
    firewall-ssh-only = "enabled"
  }
}

Then for the firewall label selector, you can use: firewall-ssh-only or even firewall-ssh-only=enabled
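Added example (not part of the original thread, and not the plugin's own code) showing the two halves of the label-selector workaround side by side: a Hetzner Cloud firewall created with Terraform that allows only inbound SSH and is applied to every server carrying the label, and the matching Packer source. The resource name `ssh_only`, the firewall name and the source address range `203.0.113.0/24` are assumptions; in practice the range should be the CI runner's egress addresses rather than `0.0.0.0/0`.

```hcl
# --- firewall.tf (Terraform, hcloud provider) ---
# Hypothetical firewall: only inbound TCP/22 is allowed; with no other
# inbound rules, Hetzner drops all remaining inbound traffic (NFS, portmapper, ...).
resource "hcloud_firewall" "ssh_only" {
  name = "firewall-ssh-only"

  rule {
    direction  = "in"
    protocol   = "tcp"
    port       = "22"
    # Constructed value: the CI runner's address range, not the whole internet.
    source_ips = ["203.0.113.0/24"]
  }

  # Applied to every server matching this selector, including servers created
  # later, so the Packer build server is covered from the moment it boots.
  apply_to {
    label_selector = "firewall-ssh-only=enabled"
  }
}

# --- build.pkr.hcl (Packer, hcloud plugin) ---
# The label on the build server must match the selector above.
source "hcloud" "example" {
  server_name   = "hcloud-example"
  server_labels = {
    firewall-ssh-only = "enabled"
  }
}
```

Apply the Terraform configuration once, before running `packer build`; the firewall then attaches to each labelled build server without any per-build step, and no in-guest iptables setup is needed during provisioning.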

roberto-sebastiano commented 3 months ago

I'll give it a try, thanks