Related
Local Connections with DigitalOcean Firewall enabled
Question
Question
DO Network Firewall vs UFW
Question
Question
Question
Allowing upgrades on a server (ports 80 and 443 are open but still can't run apt installs)
Hello, I have a droplet set up as follows:
module "bastion_server" {
ipv6 = "false"
region = "nyc1"
private_networking = "false}"
name = "somename"
source = "mysource"
ssh_fingerprint = ["${var.default_ssh_key_fingerprint}"]
}
and the following firewall rule set up:
resource "digitalocean_firewall" "bastion_server" {
name = "only-ports-22-80-and-443"
droplet_ids = ["${module.bastion_server.id}"]
inbound_rule = [
{
protocol = "tcp"
port_range = "22"
source_addresses = ["myIP"]
},
{
protocol = "tcp"
port_range = "80"
source_addresses = ["0.0.0.0/0", "::/0"]
},
{
protocol = "tcp"
port_range = "443"
source_addresses = ["0.0.0.0/0", "::/0"]
},
{
protocol = "icmp"
source_addresses = ["0.0.0.0/0", "::/0"]
}
]
outbound_rule = [
{
protocol = "icmp"
destination_addresses = ["0.0.0.0/0", "::/0"]
}
]
}
With the above rules, I expect that this server allows:
- ssh access from my ip only
- inbound http and https connections from the internet
- outbound responses to http/https and ICMP queries
The result though is that I can:
- ssh into the server
- but can’t install packages
Can someone please help me pinpoint what rule I am missing?
Thank you
Can someone please tell me what I am missing? Are
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
×
Duh! Also open up 80 and 443. Sigh!
EDIT: that does not solve the problem. What am I doing wrong?