Provision a new caseyon Linode

terraform/casey_vps.tf

@@ -18,8 +18,77 @@ resource "vultr_instance" "casey" {
   firewall_group_id = module.casey_firewall.firewall_group.id
 }
 
-resource "vultr_reverse_ipv4" "casey_reverse_ipv4" {
-  instance_id = vultr_instance.casey.id
-  ip          = vultr_instance.casey.main_ip
-  reverse     = "casey.sys.theorangeone.net"
+# Linode
+
+resource "linode_instance" "casey" {
+  label      = "casey"
+  image      = "linode/arch"
+  region     = "eu-west"
+  type       = "g6-nanode-1"
+  private_ip = true
+}
+
+resource "linode_firewall" "casey" {
+  label           = "casey"
+  linodes         = [linode_instance.casey.id]
+  outbound_policy = "ACCEPT"
+  inbound_policy  = "DROP"
+
+  inbound {
+    label    = "allow-ping"
+    action   = "ACCEPT"
+    protocol = "ICMP"
+    ipv4     = ["0.0.0.0/0"]
+    ipv6     = ["::/0"]
+  }
+
+  inbound {
+    label    = "allow-inbound-https"
+    action   = "ACCEPT"
+    protocol = "TCP"
+    ports    = "443"
+    ipv4     = ["0.0.0.0/0"]
+    ipv6     = ["::/0"]
+  }
+
+  inbound {
+    label    = "allow-inbound-http"
+    action   = "ACCEPT"
+    protocol = "TCP"
+    ports    = "80"
+    ipv4     = ["0.0.0.0/0"]
+    ipv6     = ["::/0"]
+  }
+
+  inbound {
+    label    = "allow-inbound-wireguard"
+    action   = "ACCEPT"
+    protocol = "UDP"
+    ports    = "51820"
+    ipv4     = ["0.0.0.0/0"]
+    ipv6     = ["::/0"]
+  }
+
+  inbound {
+    label    = "allow-inbound-nebula"
+    action   = "ACCEPT"
+    protocol = "UDP"
+    ports    = "6328"
+    ipv4     = ["0.0.0.0/0"]
+    ipv6     = ["::/0"]
+  }
+
+  inbound {
+    label    = "allow-inbound-matrix"
+    action   = "ACCEPT"
+    protocol = "TCP"
+    ports    = "8448"
+    ipv4     = ["0.0.0.0/0"]
+    ipv6     = ["::/0"]
+  }
+}
+
+resource "linode_rdns" "casey_reverse_ipv4" {
+  address = linode_instance.casey.ip_address
+  rdns    = "casey.sys.theorangeone.net"
 }