resource "openstack_compute_secgroup_v2" "allow_ssh" {
  name        = "allow ssh"
  description = "allow ssh to hosts"

  rule {
    from_port   = 22
    to_port     = 22
    ip_protocol = "tcp"
    cidr        = "0.0.0.0/0"
  }
}

resource "openstack_compute_secgroup_v2" "allow_web_interface" {
  name        = "allow web interfaces for ceph"
  description = "allow 8080/8443 to the monitor host"

  rule {
    from_port   = 8080
    to_port     = 8080
    ip_protocol = "tcp"
    cidr        = "0.0.0.0/0"
  }

  rule {
    from_port   = 8443
    to_port     = 8443
    ip_protocol = "tcp"
    cidr        = "0.0.0.0/0"
  }
}