infrastructure/terraform/modules/firewall/main.tf

resource "hcloud_firewall" "prod-fw" {
  name = "prod-fw"
  rule {
    direction = "in"
    protocol  = "tcp"
    source_ips = [
      "0.0.0.0/0",
      "::/0"
    ]
    port = "22"
    description = "Allow SSH"
  }
  rule {
    direction = "in"
    protocol  = "tcp"
    source_ips = [
      "0.0.0.0/0",
      "::/0"
    ]
    port = "80"
    description = "Allow HTTP"
  }
  rule {
    direction = "in"
    protocol  = "tcp"
    source_ips = [
      "0.0.0.0/0",
      "::/0"
    ]
    port = "443"
    description = "Allow HTTP/S"
  }
  rule {
    direction = "out"
    protocol  = "tcp"
    destination_ips = [
      "0.0.0.0/0",
      "::/0"
    ]
    description = "Allow all outbound TCP traffic"
  }
  rule {
    direction = "out"
    protocol  = "udp"
    destination_ips = [
      "0.0.0.0/0",
      "::/0"
    ]
    description = "Allow all outbound UDP traffic"
  }
}