[Bug]: Non-default ssh_port setting preventing terraform apply to finish

[zeidlos]

Description

When I want to create a cluster, utilizing a non standard ssh_port, terraform can't verify the nodes are up.
Why is this? The firewall is set up to allow all sorts of things, but not the custom ssh port, if firewall_ssh_source has not been set.
I am preparing a pullrequest right now for you to merge.

Kube.tf file

terraform {
  required_version = ">= 1.5.0"
  required_providers {
    hcloud = {
      source  = "hetznercloud/hcloud"
      version = ">= 1.49.1"
    }
  }
}

output "kubeconfig" {
  value     = module.kube-hetzner.kubeconfig
  sensitive = true
}

module "kube-hetzner" {
  providers = {
    hcloud = hcloud
  }
  hcloud_token       = var.hcloud_token
  source             = "kube-hetzner/kube-hetzner/hcloud"
  ssh_port           = 2342
  ssh_public_key     = file("~/.ssh/123.pub")
  ssh_private_key    = file("~/.ssh/123")
  ssh_max_auth_tries = 10
  network_region     = "eu-central" # change to `us-east` if location is ash

  control_plane_nodepools = [
    {
      name         = "control-plane-fsn1",
      server_type  = "cx22",
      location     = "fsn1",
      labels       = ["role=control-plane", "env=prod"], # Example labels
      kubelet_args = ["kube-reserved=cpu=250m,memory=1500Mi,ephemeral-storage=1Gi", "system-reserved=cpu=250m,memory=300Mi"]
      taints       = [],
      count        = 1
    },
    {
      name         = "control-plane-nbg1",
      server_type  = "cx22",
      location     = "nbg1",
      labels       = ["role=control-plane", "env=prod"], # Example labels
      kubelet_args = ["kube-reserved=cpu=250m,memory=1500Mi,ephemeral-storage=1Gi", "system-reserved=cpu=250m,memory=300Mi"]
      taints       = [],
      count        = 2
    }
  ]

  agent_nodepools = [
    {
      name         = "agent-small",
      server_type  = "cpx11",
      location     = "fsn1",
      labels       = ["role=agent", "env=staging"], # Example labels
      kubelet_args = ["kube-reserved=cpu=50m,memory=300Mi,ephemeral-storage=1Gi", "system-reserved=cpu=250m,memory=300Mi"]
      taints       = [],
      count        = 1
    }
  ]

  control_planes_custom_config = {
    etcd-expose-metrics         = true,
    kube-controller-manager-arg = "bind-address=0.0.0.0",
    kube-proxy-arg              = "metrics-bind-address=0.0.0.0",
    kube-scheduler-arg          = "bind-address=0.0.0.0",
  }

  enable_wireguard = true


  automatically_upgrade_k3s = true
  automatically_upgrade_os  = true

  allow_scheduling_on_control_plane = true
  enable_klipper_metal_lb           = true

  ingress_controller  = "traefik"
  enable_cert_manager = true

  extra_firewall_rules = [
    {
      description     = "Allow fluxcd to talk to the repository"
      direction       = "out"
      protocol        = "tcp"
      port            = "22"
      source_ips      = [] # Won't be used for this rule
      destination_ips = ["0.0.0.0/0", "::/0"]
    },
    # {
    #   description     = "Allow ssh incoming"
    #   direction       = "in"
    #   protocol        = "tcp"
    #   port            = "2342"
    #   source_ips      = ["0.0.0.0/0", "::/0"] # Won't be used for this rule
    #   destination_ips = ["0.0.0.0/0", "::/0"]
    # }
  ]

  dns_servers = [
    "1.1.1.1",
    "8.8.8.8",
    "2606:4700:4700::1111",
  ]

  use_control_plane_lb = true
  export_values        = true
}

Screenshots

No response

Platform

macos