refactor: restructure into hermes/ and openclaw/ directories

- Split cloudinit.tf into cloudinit-hermes.tf and cloudinit-openclaw.tf - Split variables.tf into variables-common.tf, variables-hermes.tf, variables-openclaw.tf - Move templates into hermes/templates/ and openclaw/templates/ - Move models/ into openclaw/models/ - Move hermes-openclaw.json to openclaw/openclaw-reference.json - Move hermes docs to hermes/docs/ - OpenClaw cloudinit now uses variables instead of hardcoded values - All 48 variable references verified against definitions
2026-04-24 19:45:03 +00:00 · 2026-04-24 19:45:03 +00:00 · ea73745147
commit ea73745147
parent 8a94313bd3
21 changed files with 277 additions and 216 deletions
--- a/variables-common.tf
+++ b/variables-common.tf
@ -0,0 +1,229 @@
+# OpenBoatmobile Configuration Variables — Common
+# Shared by both Hermes and OpenClaw deployments
+# Environment-based secrets: Set TF_VAR_<name> in your shell or .env file
+
+# =============================================================================
+# PROVIDER SELECTION
+# =============================================================================
+
+variable "cloud_provider" {
+  description = "Cloud provider to use: 'digitalocean' or 'hetzner'"
+  type        = string
+  default     = "hetzner"
+
+  validation {
+    condition     = contains(["digitalocean", "hetzner"], var.cloud_provider)
+    error_message = "Provider must be 'digitalocean' or 'hetzner'."
+  }
+}
+
+# =============================================================================
+# AGENT FRAMEWORK SELECTION
+# =============================================================================
+
+variable "agent_framework" {
+  description = "Agent framework to deploy: 'openclaw' or 'hermes'"
+  type        = string
+  default     = "hermes"
+
+  validation {
+    condition     = contains(["openclaw", "hermes"], var.agent_framework)
+    error_message = "Framework must be 'openclaw' or 'hermes'."
+  }
+}
+
+# =============================================================================
+# PROVIDER TOKENS (Set via environment: TF_VAR_do_token or TF_VAR_hcloud_token)
+# =============================================================================
+
+variable "do_token" {
+  description = "DigitalOcean API token (set via TF_VAR_do_token)"
+  type        = string
+  sensitive   = true
+  default     = ""
+}
+
+variable "hcloud_token" {
+  description = "Hetzner Cloud API token (set via TF_VAR_hcloud)"
+  type        = string
+  sensitive   = true
+  default     = ""
+}
+
+# =============================================================================
+# SERVER CONFIGURATION (Provider-agnostic)
+# =============================================================================
+
+variable "server_name" {
+  description = "Hostname for the server"
+  type        = string
+  default     = "agent-gateway"
+}
+
+variable "server_type_hetzner" {
+  description = "Hetzner server type (e.g., cx23 for 2vCPU/4GB, cpx21 for 3vCPU/4GB)"
+  type        = string
+  default     = "cpx21"  # 3 vCPU, 4 GB RAM, 80 GB disk - works in US regions
+}
+
+variable "server_image" {
+  description = "Hetzner server image (e.g., ubuntu-24.04, ubuntu-22.04)"
+  type        = string
+  default     = "ubuntu-24.04"
+}
+
+variable "create_network" {
+  description = "Create a private network for multi-server deployments"
+  type        = bool
+  default     = false
+}
+
+variable "network_ip_range" {
+  description = "IP range for private network"
+  type        = string
+  default     = "10.10.0.0/16"
+}
+
+variable "network_zone" {
+  description = "Hetzner network zone"
+  type        = string
+  default     = "eu-central"
+}
+
+variable "droplet_size_digitalocean" {
+  description = "DigitalOcean droplet size (e.g., s-2vcpu-4gb)"
+  type        = string
+  default     = "s-2vcpu-4gb"
+}
+
+variable "region_digitalocean" {
+  description = "DigitalOcean region (e.g., nyc3, sfo2, ams3)"
+  type        = string
+  default     = "nyc3"
+}
+
+variable "location_hetzner" {
+  description = "Hetzner location (nbg1, fsn1, hel1, ash)"
+  type        = string
+  default     = "ash"  # Ashburn, VA - US East Coast
+}
+
+# =============================================================================
+# SSH CONFIGURATION
+# =============================================================================
+
+variable "ssh_key_names" {
+  description = "Names of SSH keys added to the cloud provider (Hetzner: key name in console)"
+  type        = list(string)
+  default     = []
+}
+
+variable "ssh_key_fingerprints" {
+  description = "DigitalOcean SSH key fingerprints"
+  type        = list(string)
+  default     = []
+}
+
+variable "ssh_port" {
+  description = "SSH port (non-standard can be more secure)"
+  type        = number
+  default     = 22
+}
+
+variable "ssh_allowed_ips" {
+  description = "IPs allowed to connect via SSH"
+  type        = list(string)
+  default     = ["0.0.0.0/0", "::/0"]
+}
+
+variable "admin_user" {
+  description = "Admin username (not root). Defaults to framework name: 'hermes' for hermes deployments, 'openclaw' for openclaw deployments. Set to override."
+  type        = string
+  default     = ""
+}
+
+variable "admin_ssh_keys" {
+  description = "Additional public SSH keys for admin user"
+  type        = list(string)
+  default     = []
+}
+
+# =============================================================================
+# API KEYS — Shared (Set via environment: TF_VAR_<name>)
+# =============================================================================
+
+variable "venice_api_key" {
+  description = "Venice AI API key for inference"
+  type        = string
+  sensitive   = true
+  default     = ""
+}
+
+variable "brave_search_api_key" {
+  description = "Brave Search API key"
+  type        = string
+  sensitive   = true
+  default     = ""
+}
+
+# =============================================================================
+# DISCORD CONFIGURATION — Shared
+# =============================================================================
+
+variable "discord_bot_token" {
+  description = "Discord bot token"
+  type        = string
+  sensitive   = true
+  default     = ""
+}
+
+variable "discord_server_id" {
+  description = "Discord server/guild ID"
+  type        = string
+  default     = ""
+}
+
+variable "discord_user_id" {
+  description = "Discord user IDs for allowlist"
+  type        = list(string)
+  default     = []
+}
+
+# =============================================================================
+# PROJECT METADATA
+# =============================================================================
+
+variable "project_name" {
+  description = "Project name for tagging"
+  type        = string
+  default     = "OpenBoatmobile"
+}
+
+variable "environment" {
+  description = "Environment name (e.g., production, staging, development)"
+  type        = string
+  default     = "production"
+}
+
+# =============================================================================
+# TAILSCALE (OPTIONAL)
+# =============================================================================
+
+variable "enable_tailscale" {
+  description = "Install Tailscale for secure remote access"
+  type        = bool
+  default     = false
+}
+
+variable "tailscale_auth_key" {
+  description = "Tailscale auth key"
+  type        = string
+  sensitive   = true
+  default     = ""
+}
+
+variable "tailscale_tailnet_domain" {
+  description = "Tailscale tailnet domain (without .ts.net suffix)"
+  type        = string
+  default     = "tailnet"
+}