Move generic vultr firewall stuff into module

Modules are pretty nice!

terraform/vultr_firewall/group.tf

@@ -0,0 +1,3 @@
+resource "vultr_firewall_group" "group" {
+  description = var.description
+}

terraform/vultr_firewall/outputs.tf

@@ -0,0 +1,3 @@
+output "firewall_group" {
+  value = vultr_firewall_group.group
+}

terraform/vultr_firewall/ping.tf

@@ -0,0 +1,15 @@
+resource "vultr_firewall_rule" "ping" {
+  firewall_group_id = vultr_firewall_group.group.id
+  protocol          = "icmp"
+  ip_type           = "v4"
+  subnet            = "0.0.0.0"
+  subnet_size       = 0
+}
+
+resource "vultr_firewall_rule" "pingv6" {
+  firewall_group_id = vultr_firewall_group.group.id
+  protocol          = "icmp"
+  ip_type           = "v6"
+  subnet            = "::"
+  subnet_size       = 0
+}

terraform/vultr_firewall/rules.tf

@@ -0,0 +1,21 @@
+resource "vultr_firewall_rule" "v4" {
+  for_each = toset(var.ports)
+
+  firewall_group_id = vultr_firewall_group.group.id
+  protocol          = split("/", each.value)[1]
+  port              = split("/", each.value)[0]
+  ip_type           = "v4"
+  subnet            = "0.0.0.0"
+  subnet_size       = 0
+}
+
+resource "vultr_firewall_rule" "v6" {
+  for_each = toset(var.ports)
+
+  firewall_group_id = vultr_firewall_group.group.id
+  protocol          = split("/", each.value)[1]
+  port              = split("/", each.value)[0]
+  ip_type           = "v6"
+  subnet            = "::"
+  subnet_size       = 0
+}

terraform/vultr_firewall/terraform.tf

@@ -0,0 +1,8 @@
+terraform {
+  required_providers {
+    vultr = {
+      source  = "vultr/vultr"
+      version = "2.1.4"
+    }
+  }
+}

terraform/vultr_firewall/variables.tf

@@ -0,0 +1,2 @@
+variable "ports" {}
+variable "description" {}