diff --git a/TestTestNet/mining-node/template.json b/TestTestNet/mining-node/template.json index 8e84c15..6f9d208 100644 --- a/TestTestNet/mining-node/template.json +++ b/TestTestNet/mining-node/template.json @@ -84,7 +84,8 @@ "miningKeypass": "[trim(parameters('MiningKeyPassword'))]", "netstatsServer": "[trim(parameters('NetstatsServer'))]", "netstatsSecret": "[trim(parameters('NetstatsSecret'))]", - "dnsLabelPrefix": "[toLower(concat('oracles-', uniqueString(resourceGroup().id, variables('miningAddress'))))]" + "dnsLabelPrefix": "[toLower(concat('oracles-', uniqueString(resourceGroup().id, variables('miningAddress'))))]", + "networkSecurityGroupName": "OraclesTest-NSG-1" }, "resources": [ { @@ -138,6 +139,7 @@ "location": "[resourceGroup().location]", "dependsOn": [ "[resourceId('Microsoft.Network/publicIPAddresses/', variables('publicIPAddressName'))]", + "[resourceId('Microsoft.Network/networkSecurityGroups/', variables('networkSecurityGroupName'))]", "[resourceId('Microsoft.Network/virtualNetworks/', variables('virtualNetworkName'))]" ], "properties": { @@ -154,7 +156,10 @@ } } } - ] + ], + "networkSecurityGroup": { + "id": "[resourceId('Microsoft.Network/networkSecurityGroups', variables('networkSecurityGroupName'))]" + } } }, { @@ -246,6 +251,82 @@ } } ] + }, + { + "name": "[variables('networkSecurityGroupName')]", + "type": "Microsoft.Network/networkSecurityGroups", + "apiVersion": "2016-09-01", + "location": "[resourceGroup().location]", + "comments": "Network Security Group (NSG) for your Primary NIC", + "properties": { + "securityRules": [ + { + "name": "allow-ssh", + "properties": { + "priority": 1000, + "direction": "Inbound", + "sourceAddressPrefix": "*", + "sourcePortRange": "*", + "protocol": "Tcp", + "access": "Allow", + "destinationAddressPrefix": "*", + "destinationPortRange": "22" + } + }, + { + "name": "allow-rpc", + "properties": { + "priority": 1100, + "direction": "Inbound", + "sourceAddressPrefix": "*", + "sourcePortRange": "*", + "protocol": "Tcp", + "access": "Allow", + "destinationAddressPrefix": "*", + "destinationPortRange": "8545" + } + }, + { + "name": "allow-discovery", + "properties": { + "priority": 1200, + "direction": "Inbound", + "sourceAddressPrefix": "*", + "sourcePortRange": "*", + "protocol": "*", + "access": "Allow", + "destinationAddressPrefix": "*", + "destinationPortRange": "30303" + } + }, + { + "name": "allow-https", + "properties": { + "priority": 1300, + "direction": "Inbound", + "sourceAddressPrefix": "*", + "sourcePortRange": "*", + "protocol": "*", + "access": "Allow", + "destinationAddressPrefix": "*", + "destinationPortRange": "443" + } + }, + { + "name": "disallow-other", + "properties": { + "priority": 2000, + "direction": "Inbound", + "sourceAddressPrefix": "*", + "sourcePortRange": "*", + "protocol": "*", + "access": "Deny", + "destinationAddressPrefix": "*", + "destinationPortRange": "*" + } + } + ] + } } ], "outputs": {