Make ssh-port of servers initially configurable

It looks somehow random that the SSH-port was simply defined in the configuration of the k3s-setup. It looks somehow "configurable" although it isn't. Therefore I moved this setting to the correct place in the terraform-setup. An important side-note is that this change doesn't make it possible to _change_ the ssh-port, though. Once decided for an port and I have to stick to it until I tear down the cluster!
2025-09-19 18:03:04 +02:00
parent 9c19a21273
commit adec38e1cd
6 changed files with 15 additions and 2 deletions
--- a/infra/modules/hetzner/kubernetes/main.tf
+++ b/infra/modules/hetzner/kubernetes/main.tf
@@ -21,7 +21,7 @@ locals {
  all_ips           = ["0.0.0.0/0", "::/0"]
  ping_firewall     = var.ping_enabled ? { "ping" : [{ protocol = "icmp", port = null }] } : {}
  k8s_firewall      = { "kubernetes" : [{ port = "6443", source_ips = concat([local.network], var.kubernetes_exposed_ips) }] }
-  ssh_firewall      = length(var.ssh_exposed_ips) > 0 ? { "ssh" : [{ port = 1022, source_ips = var.ssh_exposed_ips }] } : {}
+  ssh_firewall      = length(var.ssh_exposed_ips) > 0 ? { "ssh" : [{ port = var.ssh_port, source_ips = var.ssh_exposed_ips }] } : {}
  service_firewalls = { for service, ports in var.public_tcp_services : service => [for port in ports : { port = port }] }
  firewalls = merge(
    local.ping_firewall,