fixes

azure/images/gallery.tf

@@ -91,7 +91,7 @@ resource "azurerm_image" "talos" {
 }
 
 resource "azurerm_shared_image_version" "talos" {
-  name                = "0.0.5"
+  name                = "0.0.6"
   location            = var.regions[0]
   resource_group_name = data.azurerm_resource_group.kubernetes.name
   gallery_name        = azurerm_shared_image.talos.gallery_name

azure/instances-web.tf

@@ -16,12 +16,12 @@ resource "azurerm_linux_virtual_machine_scale_set" "web" {
   overprovision                = false
   platform_fault_domain_count  = 2
   proximity_placement_group_id = azurerm_proximity_placement_group.common[each.key].id
-  health_probe_id              = local.network_public[each.key].sku != "Basic" ? azurerm_lb_probe.web[each.key].id : null
 
-  automatic_instance_repair {
-    enabled      = local.network_public[each.key].sku != "Basic"
-    grace_period = "PT60M"
-  }
+  # health_probe_id = local.network_public[each.key].sku != "Basic" ? azurerm_lb_probe.web[each.key].id : null
+  # automatic_instance_repair {
+  #   enabled      = local.network_public[each.key].sku != "Basic"
+  #   grace_period = "PT60M"
+  # }
 
   network_interface {
     name                      = "web-${lower(each.key)}"

azure/prepare/secgroup-gw.tf

@@ -35,5 +35,17 @@ resource "azurerm_network_security_group" "gateway" {
     }
   }
 
+  security_rule {
+    name                       = "Wireguard"
+    priority                   = 1600
+    direction                  = "Inbound"
+    access                     = "Allow"
+    protocol                   = "Udp"
+    source_port_range          = "*"
+    source_address_prefix      = "*"
+    destination_port_range     = "443"
+    destination_address_prefix = "*"
+  }
+
   tags = merge(var.tags, { type = "infra" })
 }