Initial commit - Clean public release

Sanitized for public release: - Removed all API keys, tokens, and secrets - Removed personal Discord IDs from hermes-openclaw.json - Updated git URLs to be generic placeholders - All sensitive data uses environment variable interpolation
2026-04-22 19:13:28 +00:00 · 2026-04-22 19:13:28 +00:00 · a593af9b27
commit a593af9b27
34 changed files with 5646 additions and 0 deletions
--- a/digitalocean.tf
+++ b/digitalocean.tf
@ -0,0 +1,74 @@
+# DigitalOcean Provider Resources
+# Conditionally created when var.cloud_provider == "digitalocean"
+
+# =============================================================================
+# FIREWALL (DigitalOcean calls this "Firewall")
+# =============================================================================
+
+resource "digitalocean_firewall" "agent" {
+  count = local.is_digitalocean ? 1 : 0
+
+  name = "${var.server_name}-firewall"
+
+  # Inbound: SSH only
+  inbound_rule {
+    protocol         = "tcp"
+    port_range       = tostring(var.ssh_port)
+    source_addresses = var.ssh_allowed_ips
+  }
+
+  # Outbound: Allow all
+  outbound_rule {
+    protocol              = "tcp"
+    port_range            = "1-65535"
+    destination_addresses = ["0.0.0.0/0", "::/0"]
+  }
+
+  outbound_rule {
+    protocol              = "udp"
+    port_range            = "1-65535"
+    destination_addresses = ["0.0.0.0/0", "::/0"]
+  }
+
+  outbound_rule {
+    protocol              = "icmp"
+    destination_addresses = ["0.0.0.0/0", "::/0"]
+  }
+}
+
+# =============================================================================
+# DROPLET (Server)
+# =============================================================================
+
+resource "digitalocean_droplet" "agent" {
+  count = local.is_digitalocean ? 1 : 0
+
+  name   = var.server_name
+  image  = "ubuntu-24-04-x64"
+  size   = var.droplet_size_digitalocean
+  region = var.region_digitalocean
+
+  # SSH keys specified by fingerprint - DigitalOcean accepts fingerprints directly
+  ssh_keys = var.ssh_key_fingerprints
+
+  # Tags for organization
+  tags = [
+    var.project_name,
+    var.environment,
+    var.agent_framework
+  ]
+
+  # Cloud-init user data
+  user_data = local.userdata
+}
+
+# =============================================================================
+# FIREWALL ATTACHMENT
+# =============================================================================
+
+resource "digitalocean_firewall" "agent_attachment" {
+  count = local.is_digitalocean ? 1 : 0
+
+  name        = "${var.server_name}-firewall"
+  droplet_ids = [digitalocean_droplet.agent[0].id]
+}