22504b886b
- Deployed PostgreSQL 18.4 + Gitea 1.22.6 via Docker Compose - Configured Nginx reverse proxy with Let's Encrypt SSL - Created Ansible playbooks for full automation (site.yml) - Database credentials in AWS Secrets Manager - Production deployment at https://gitea.poll-streams.com
48 lines
1019 B
HCL
48 lines
1019 B
HCL
# Security Group for EC2
|
|
module "security_group" {
|
|
source = "terraform-aws-modules/security-group/aws"
|
|
version = "6.0.0"
|
|
|
|
name = "${var.project_name}-ec2-sg"
|
|
description = "Security group for EC2 instance"
|
|
vpc_id = module.vpc.vpc_id
|
|
|
|
ingress_rules = {
|
|
ssh = {
|
|
from_port = 22
|
|
to_port = 22
|
|
ip_protocol = "tcp"
|
|
description = "SSH from anywhere"
|
|
cidr_ipv4 = "0.0.0.0/0"
|
|
}
|
|
http = {
|
|
from_port = 80
|
|
to_port = 80
|
|
ip_protocol = "tcp"
|
|
description = "HTTP from anywhere"
|
|
cidr_ipv4 = "0.0.0.0/0"
|
|
}
|
|
https = {
|
|
from_port = 443
|
|
to_port = 443
|
|
ip_protocol = "tcp"
|
|
description = "HTTPS from anywhere"
|
|
cidr_ipv4 = "0.0.0.0/0"
|
|
}
|
|
}
|
|
|
|
egress_rules = {
|
|
all = {
|
|
from_port = -1
|
|
to_port = -1
|
|
ip_protocol = "-1"
|
|
description = "Allow all outbound"
|
|
cidr_ipv4 = "0.0.0.0/0"
|
|
}
|
|
}
|
|
|
|
tags = {
|
|
Name = "${var.project_name}-ec2-sg"
|
|
}
|
|
}
|