From 11c200faf0f93b2abfc5d29573c3ff64a485a621 Mon Sep 17 00:00:00 2001
From: Paul Buetow <paul@buetow.org>
Date: Sun, 24 Dec 2023 23:58:28 +0200
Subject: syncthing works

---
 org-buetow-base/network.tf | 32 +++++++++++++-------------------
 1 file changed, 13 insertions(+), 19 deletions(-)

(limited to 'org-buetow-base')

diff --git a/org-buetow-base/network.tf b/org-buetow-base/network.tf
index ad95ff4..97e0bd8 100644
--- a/org-buetow-base/network.tf
+++ b/org-buetow-base/network.tf
@@ -97,13 +97,14 @@ resource "aws_security_group" "allow_web" {
     ipv6_cidr_blocks = ["::/0"]
   }
 
-  ingress {
-    from_port        = 8080
-    to_port          = 8080
-    protocol         = "tcp"
-    cidr_blocks      = ["0.0.0.0/0"]
-    ipv6_cidr_blocks = ["::/0"]
-  }
+  # syncthing testing. TODO: Remove?
+  #  ingress {
+  #  from_port        = 8384
+  #  to_port          = 8384
+  #  protocol         = "tcp"
+  #  cidr_blocks      = ["0.0.0.0/0"]
+  #  ipv6_cidr_blocks = ["::/0"]
+  #}
 
   ingress {
     from_port        = 443
@@ -112,14 +113,6 @@ resource "aws_security_group" "allow_web" {
     cidr_blocks      = ["0.0.0.0/0"]
     ipv6_cidr_blocks = ["::/0"]
   }
-
-  egress {
-    from_port        = 0
-    to_port          = 0
-    protocol         = "-1"
-    cidr_blocks      = ["0.0.0.0/0"]
-    ipv6_cidr_blocks = ["::/0"]
-  }
 }
 
 resource "aws_security_group" "allow_outbound" {
@@ -128,9 +121,10 @@ resource "aws_security_group" "allow_outbound" {
   vpc_id      = aws_vpc.vpc.id
 
   egress {
-    from_port   = 0
-    to_port     = 0
-    protocol    = "-1"          # -1 means all protocols
-    cidr_blocks = ["0.0.0.0/0"] # Allows outbound traffic to all IP addresses
+    from_port        = 0
+    to_port          = 0
+    protocol         = "-1"          # -1 means all protocols
+    cidr_blocks      = ["0.0.0.0/0"] # Allows outbound traffic to all IP addresses
+    ipv6_cidr_blocks = ["::/0"]
   }
 }
-- 
cgit v1.2.3