From 6b0b4ff8074acba637cae1e26e6b8cd76d24912b Mon Sep 17 00:00:00 2001
From: vincent
Date: Mon, 9 Oct 2023 20:12:43 +0200
Subject: [PATCH] infra: factoring firewall
---
 infra/firewall.tf | 48 ++++++++++++++++++++++++-----------------------
 infra/server.tf | 1 +
 2 files changed, 26 insertions(+), 23 deletions(-)
diff --git a/infra/firewall.tf b/infra/firewall.tf
index 1a1d8c5..e156549 100644
--- a/infra/firewall.tf
+++ b/infra/firewall.tf
@@ -1,6 +1,24 @@
 resource "hcloud_firewall" "prod" {
 name= "prod"
+ rule {
+ direction ="in"
+ protocol = "icmp"
+ source_ips = [
+ "0.0.0.0/0",
+ "::/0"
+ ]
+ }
+ rule {
+ direction ="in"
+ protocol = "udp"
+ port = "51820"
+ source_ips = [
+ "0.0.0.0/0",
+ "::/0"
+ ]
+ }
+ rule {
 direction ="in"
 protocol = "tcp"
 port = "80"
@@ -18,28 +36,11 @@ resource "hcloud_firewall" "prod" {
 "::/0"
 ]
 }
- # torrent UDH port
- rule {
- direction ="in"
- protocol = "udp"
- port = "6881"
- source_ips = [
- "0.0.0.0/0",
- "::/0"
- ]
- }
- # wireguard port
- rule {
- direction ="in"
- protocol = "udp"
- port = "51820"
- source_ips = [
- "0.0.0.0/0",
- "::/0"
- ]
+}
- }
-# torrent listen port
+
+resource "hcloud_firewall" "torrent" {
+ name = "torrent"
 rule {
 direction ="in"
 protocol = "tcp"
@@ -50,9 +51,10 @@ resource "hcloud_firewall" "prod" {
 ]
 }
- rule {
+ rule {
 direction ="in"
- protocol = "icmp"
+ protocol = "udp"
+ port = "6881"
 source_ips = [
 "0.0.0.0/0",
 "::/0"
diff --git a/infra/server.tf b/infra/server.tf
index 8c83ab3..ad9a704 100644
--- a/infra/server.tf
+++ b/infra/server.tf
@@ -8,6 +8,7 @@ resource "hcloud_server" "HomeLab2" {
 firewall_ids = [
 hcloud_firewall.prod.id,
 hcloud_firewall.Gitea_SSH.id,
+ hcloud_firewall.torrent.id,
 hcloud_firewall.mail.id,
 ]
 labels = {
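Review bot: The udp 51820 rule added at the top of `hcloud_firewall.prod` in the first infra/firewall.tf hunk arrives without the `# wireguard port` comment that its removed copy in the second hunk carried, so nothing in the new file says why that port is open to `0.0.0.0/0` and `::/0`. Record the purpose on the rule itself with `description = "wireguard"`, or restore the `# wireguard port` comment above it. The same applies to the two rules of the new `torrent` firewall in the second and third hunks, which lose `# torrent listen port` and `# torrent UDH port`. The `prod` resource body continues outside this hunk.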
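Review bot: The `rule {` opener in the third infra/firewall.tf hunk is removed and re-added with what appears to be only an indentation change, and the added lines keep the uneven spacing of the old file (`direction ="in"`). Running `terraform fmt` on infra/firewall.tf before committing would normalise both and keep whitespace-only churn out of later firewall diffs, where a real rule change is easier to miss. The tcp rule of `hcloud_firewall.torrent` starts in the previous hunk, and its `port` line is not visible in either hunk.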
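Review bot: Adding `hcloud_firewall.torrent.id` to `firewall_ids` in infra/server.tf leaves `HomeLab2` with the same inbound exposure as before, and the entry does not say what the split is for. The server still carries `prod`, `Gitea_SSH` and `mail`, and as far as I know Hetzner applies the union of the rules of all attached firewalls, so the separation is organisational only. If the aim is to be able to detach torrent ingress later, note it next to the entry, for example `# torrent ingress (udp 6881 + tcp listen port); detach if the client moves off this host`. The `hcloud_server` block starts and ends outside the hunk.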