12 lines
399 B
HCL
12 lines
399 B
HCL
# Firewall Configuration
|
|
#
|
|
# Security groups are managed manually in Proxmox UI:
|
|
# Datacenter → Firewall → Security Group
|
|
#
|
|
# Groups:
|
|
# - base-egress: HTTP, HTTPS, DNS, NTP (default for VMs)
|
|
# - restricted: UDP 4242 only (Nebula tunnels, no internet)
|
|
#
|
|
# VMs reference these groups via the firewall_security_group variable.
|
|
# East-west segmentation (VM-to-VM) is handled by Nebula groups.
|