update fw

terraform/firewall.tf

@@ -23,6 +23,18 @@ resource "linode_firewall" "dynamic_challenge_firewall" {
         ]
     }
 
+    inbound {
+        label    = "allow-docker-cadvisor"
+        action   = "ACCEPT"
+        protocol = "TCP"
+        ports    = "1080"
+        // IPv4 from the VPC
+        ipv4     = [
+            for interface in linode_instance.deploy_dynamic.interface : "${interface.ipv4[0].vpc}/32"
+                if interface.purpose == "vpc"
+        ]
+    }
+
     inbound {
         label    = "allow-dynamic-challenges"
         action   = "ACCEPT"
@@ -53,6 +65,18 @@ resource "linode_firewall" "static_challenge_firewall" {
         ipv6     = ["::/0"]
     }
 
+    inbound {
+        label    = "allow-docker-cadvisor"
+        action   = "ACCEPT"
+        protocol = "TCP"
+        ports    = "1080"
+        // IPv4 from the VPC
+        ipv4     = [
+            for interface in linode_instance.deploy_dynamic.interface : "${interface.ipv4[0].vpc}/32"
+                if interface.purpose == "vpc"
+        ]
+    }
+
     inbound {
         label    = "allow-static-http-https"
         action   = "ACCEPT"
@@ -101,6 +125,15 @@ resource "linode_firewall" "deploy_dynamic_firewall" {
         ipv6     = ["::/0"]
     }
 
+    inbound {
+        label    = "allow-grafana"
+        action   = "ACCEPT"
+        protocol = "TCP"
+        ports    = "9100"
+        ipv4     = ["0.0.0.0/0"]
+        ipv6     = ["::/0"]
+    }
+
     inbound_policy = "DROP"
 
     // OUTBOUND (Allow all)