Initial commit - Clean public release

Sanitized for public release: - Removed all API keys, tokens, and secrets - Removed personal Discord IDs from hermes-openclaw.json - Updated git URLs to be generic placeholders - All sensitive data uses environment variable interpolation
2026-04-22 19:13:28 +00:00 · 2026-04-22 19:13:28 +00:00 · a593af9b27
commit a593af9b27
34 changed files with 5646 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -0,0 +1,175 @@
+# OpenBoatmobile
+
+**Deploy OpenClaw agents to Hetzner Cloud or DigitalOcean with one command.**
+
+OpenBoatmobile is a reusable, distributable Terraform repository for spinning up AI agent infrastructure. Choose your provider, set your secrets, and deploy.
+
+## Features
+
+- **Provider-agnostic**: Deploy to Hetzner Cloud or DigitalOcean
+- **Full automation**: Server provisioning and either OpenClaw or Hermes installation
+- **Tailscale integration**: Secure remote access without exposing ports
+- **Secrets management**: Environment-based, no secrets in git
+- **One agent focus**: Clean single-agent deployments
+- **Discord connectivity**: Quick setup for Discord bot during deployment
+
+## Quick Start
+
+```bash
+# Clone
+git clone https://github.com/YOUR_USERNAME/openboatmobile-ai.git
+cd openboatmobile
+
+# Configure secrets
+cp .env.example .env
+$EDITOR .env
+
+# Deploy
+source .env && terraform init && terraform apply
+```
+
+**Documentation:** [GETTING-STARTED.md](docs/GETTING-STARTED.md)
+
+## Cost Comparison
+
+| Provider | Instance | vCPU | RAM | Disk | Price |
+|----------|----------|------|-----|------|-------|
+| **Hetzner** | cpx21 | 2 | 4 GB | 80 GB | **€4.49/mo** |
+| DigitalOcean | s-2vcpu-4gb | 2 | 4 GB | 80 GB | $24/mo |
+
+Hetzner is ~70% cheaper for equivalent specs.
+
+## Documentation
+
+| Document | Purpose |
+|----------|---------|
+| [GETTING-STARTED.md](docs/GETTING-STARTED.md) | Step-by-step deployment guide |
+| [SECRETS.md](docs/SECRETS.md) | Managing API tokens and keys |
+| [HETZNER_SETUP.md](docs/HETZNER_SETUP.md) | Hetzner Cloud detailed setup |
+| [DIGITALOCEAN_SETUP.md](docs/DIGITALOCEAN_SETUP.md) | DigitalOcean detailed setup |
+| [TAILSCALE_SETUP.md](docs/TAILSCALE_SETUP.md) | Secure remote access |
+| [DISCORD_SETUP.md](docs/DISCORD_SETUP.md) | Discord bot integration |
+| [DOCKER_VS_DIRECT.md](docs/DOCKER_VS_DIRECT.md) | Docker vs direct installation guide |
+| [HERMES_DEBUGGING.md](docs/HERMES_DEBUGGING.md) | Debugging Hermes Agent issues |
+| [TROUBLESHOOTING.md](docs/TROUBLESHOOTING.md) | Common issues and fixes |
+
+## Usage
+
+### 1. Prerequisites
+
+- Terraform >= 1.5.4
+- SSH key pair
+- Hetzner or DigitalOcean API token
+- API key for Venice AI or alternative inference provider
+- (Optional) Tailscale auth key
+- (Optional) Discord bot token and private server
+
+### 2. Configure Secrets
+
+```bash
+cp .env.example .env
+$EDITOR .env
+```
+
+Required:
+```bash
+TF_VAR_cloud_provider=hetzner  # or digitalocean
+TF_VAR_hcloud_token=your-hetzner-token  # for Hetzner
+TF_VAR_venice_api_key=your-venice-key
+TF_VAR_ssh_key_names='["your-key-name"]'
+```
+
+Optional:
+```bash
+TF_VAR_docker_enabled=true  # Set to false for direct installation (no Docker)
+```
+
+Recommended:
+```bash
+TF_VAR_enable_tailscale=true
+TF_VAR_tailscale_auth_key=tskey-auth-xxxxx
+```
+
+### 3. Deploy
+
+```bash
+source .env
+terraform init
+terraform plan
+terraform apply
+```
+
+### 4. Connect
+
+```bash
+# SSH (from Terraform output - username varies by framework)
+# For Hermes: ssh hermes@<SERVER_IP>
+# For OpenClaw: ssh openclaw@<SERVER_IP>
+ssh <USERNAME>@<SERVER_IP>
+
+# Run OpenClaw onboarding (OpenClaw framework only)
+openclaw onboard --install-daemon
+
+# If using Tailscale
+sudo tailscale serve --bg 18789
+```
+
+## Configuration
+
+See [examples/terraform.tfvars.example](examples/terraform.tfvars.example)
+
+## Project Structure
+
+```
+openboatmobile/
+├── main.tf              # Provider selector
+├── variables.tf         # Input variables
+├── outputs.tf           # Deployment outputs
+├── cloudinit.tf         # Cloud-init config generator
+├── providers/
+│   ├── digitalocean.tf  # DO-specific resources
+│   └── hetzner.tf       # Hetzner-specific resources
+├── templates/
+│   └── userdata.tpl     # Cloud-init script
+├── examples/
+│   └── terraform.tfvars.example
+├── docs/
+│   ├── GETTING-STARTED.md
+│   ├── SECRETS.md
+│   ├── HETZNER_SETUP.md
+│   ├── DIGITALOCEAN_SETUP.md
+│   ├── TAILSCALE_SETUP.md
+│   ├── DISCORD_SETUP.md
+│   └── TROUBLESHOOTING.md
+├── .env.example         # Secrets template
+├── .gitignore
+└── README.md
+```
+
+## Security
+
+OpenBoatmobile deploys with security best practices:
+
+| Feature | Description |
+|---------|-------------|
+| Loopback binding | Gateway binds to 127.0.0.1 only |
+| Firewall | SSH-only inbound |
+| fail2ban | Brute force protection |
+| Auto-updates | Unattended security patches |
+| Non-root user | Deploy with dedicated OS user (`hermes` or `openclaw` based on framework) |
+| Tailscale | No public HTTPS exposure |
+
+## Support
+
+- [OpenClaw docs](https://docs.openclaw.ai)
+- [Hermes docs](https://hermes-agent.nousresearch.com/docs/)
+
+## License
+
+Apache 2.0
+
+## Origin
+
+OpenBoatmobile is part of the **Krusty Planet** project — infrastructure for AI agent deployments.
+
+---