diff --git a/infra/firewall.tf b/infra/firewall.tf
new file mode 100644
index 0000000..59c233a
--- /dev/null
+++ b/infra/firewall.tf
@@ -0,0 +1,57 @@
+resource "hcloud_firewall" "HomeLab" {
+  name= "firewall-1"
+  rule {
+    direction ="in"
+    protocol = "tcp"
+    port = "80"
+    source_ips = [
+      "0.0.0.0/0",
+      "::/0"
+    ]
+  }
+  rule {
+    direction ="in"
+    protocol = "tcp"
+    port = "443"
+    source_ips = [
+      "0.0.0.0/0",
+      "::/0"
+    ]
+  }
+  rule {
+    direction ="in"
+    protocol = "tcp"
+    port = "6881"
+    source_ips = [
+      "0.0.0.0/0",
+      "::/0"
+    ]
+  }
+  rule {
+    direction ="in"
+    protocol = "udp"
+    port = "51820"
+    source_ips = [
+      "0.0.0.0/0",
+      "::/0"
+    ]
+
+  }
+  rule {
+    direction ="in"
+    protocol = "icmp"
+    source_ips = [
+      "0.0.0.0/0",
+      "::/0"
+    ]
+  }
+  rule {
+    direction = "in"
+    protocol = "tcp"
+    port = "22"
+    source_ips = [
+      "0.0.0.0/0",
+      "::/0"
+    ]
+  }
+}
diff --git a/infra/server.tf b/infra/server.tf
index 345f933..46df18c 100644
--- a/infra/server.tf
+++ b/infra/server.tf
@@ -5,6 +5,7 @@ resource "hcloud_server" "HomeLab" {
   server_type = var.server_type
   location    = var.location
   ssh_keys     = [hcloud_ssh_key.default.id]
+  firewall_ids = [hcloud_firewall.HomeLab.id]
   labels = {
   }