openboatmobile-ai/docs/HETZNER_SETUP.md
CeeLo Greenheart a593af9b27 Initial commit - Clean public release
Sanitized for public release:
- Removed all API keys, tokens, and secrets
- Removed personal Discord IDs from hermes-openclaw.json
- Updated git URLs to be generic placeholders
- All sensitive data uses environment variable interpolation
2026-04-22 19:13:28 +00:00


# Hetzner Cloud Setup
Detailed guide for deploying OpenBoatmobile to Hetzner Cloud.
## Why Hetzner?
| Spec | Hetzner cx23 | DigitalOcean s-2vcpu-4gb |
|------|-------------|-------------------------|
| vCPU | 2 | 2 |
| RAM | 4 GB | 4 GB |
| Disk | 80 GB NVMe | 80 GB SSD |
| Bandwidth | 20 TB included | 4 TB included |
| **Price** | **€4.49/mo** | **$24/mo** |
Hetzner is ~70% cheaper for equivalent specs.
## Create Hetzner Account
1. Go to [Hetzner Cloud](https://www.hetzner.com/cloud)
2. Sign up (email verification required)
3. Add a payment method
## Create API Token
1. Go to [Hetzner Console](https://console.hetzner.cloud/)
2. Click your project (or create one)
3. Navigate to **Security** → **API Tokens**
4. Click **Create API Token**
5. Name it (e.g., "openclaw-terraform")
6. Permissions: **Read & Write**
7. Copy the token immediately (shown only once)
## Add SSH Key
1. In Hetzner Console, go to **Security** → **SSH Keys**
2. Click **Add SSH Key**
3. Paste your public key contents:
```bash
cat ~/.ssh/id_ed25519.pub
```
4. Give it a name you can remember (e.g., "laptop-2024")
5. Click **Add SSH Key**
## Choose a Location
Hetzner locations:
| Code | Location | Continent |
|------|----------|-----------|
| `nbg1` | Nuremberg | Europe |
| `fsn1` | Falkenstein | Europe |
| `hel1` | Helsinki | Europe |
| `ash` | Ashburn, VA | North America |
For US users: `ash` (Ashburn) has the best latency.
## Configure OpenBoatmobile
### Minimal Configuration
In `terraform.tfvars`:
```hcl
provider = "hetzner"
server_name = "my-agent"
server_type_hetzner = "cx23"
location_hetzner = "ash"
# These come from environment:
# TF_VAR_hcloud_token
# TF_VAR_venice_api_key
# TF_VAR_ssh_key_names
```
### Server Types
| Type | vCPU | RAM | Disk | Price |
|------|------|-----|------|-------|
| cx22 | 2 | 4 GB | 40 GB | €3.79/mo |
| **cx23** | 2 | 4 GB | 80 GB | **€4.49/mo** (recommended) |
| cpx21 | 3 | 4 GB | 80 GB | €5.99/mo |
| cpx31 | 4 | 8 GB | 160 GB | €8.99/mo |
The cx23 is the sweet spot for OpenClaw: enough RAM for Node.js + LLM contexts, affordable price.
## Deploy
```bash
# Load secrets
source .env
# Initialize (first time only)
terraform init
# Preview changes
terraform plan
# Deploy
terraform apply
```
## Post-Deployment
Terraform outputs your server IP:
```
server_ip = "123.45.67.89"
ssh_command = "ssh openclaw@123.45.67.89" # or "ssh hermes@123.45.67.89" for Hermes
```
### Connect
```bash
# Username is 'openclaw' or 'hermes' depending on framework
ssh <USERNAME>@123.45.67.89
```
### Check Cloud-Init Status
On the server:
```bash
# Check if cloud-init is still running
cloud-init status
# If waiting, you can watch progress:
tail -f /var/log/cloud-init-output.log
```
### Run OpenClaw Onboarding
```bash
openclaw onboard --install-daemon
```
### Verify Gateway
```bash
systemctl status openclaw-gateway
```
## Firewall Rules
OpenBoatmobile creates a Hetzner firewall with:
| Direction | Port | Source |
|-----------|------|--------|
| Inbound | 22 (SSH) | Configured IPs |
| Outbound | All | Any |
To restrict SSH to your IP:
```bash
# Export so the terraform child process sees the variable
export TF_VAR_ssh_allowed_ips='["your.public.ip/32", "another.ip/32"]'
```
## Cleanup
To destroy your deployment:
```bash
terraform destroy
```
**Note:** This deletes the server and all data. Back up anything important first.
## Troubleshooting
### "API Token invalid"
- Copy the token again (shown only once)
- Check for trailing spaces in `.env`
- Verify token has Read & Write permissions
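
The trailing-space check above and the SSH source restriction from the Firewall Rules section can both be verified before `terraform plan`. The following preflight lint is an added example, not part of OpenBoatmobile; it assumes `.env` holds one `TF_VAR_*` assignment per line, and the function names and finding messages are illustrative.

```shell
#!/usr/bin/env bash
# Added example: preflight lint for the .env file sourced before `terraform plan`.
# Function names and finding text are illustrative, not part of OpenBoatmobile.

# scan_env FILE: print one finding per line for TF_VAR_* assignments.
scan_env() {
  local line name value
  while IFS= read -r line || [ -n "$line" ]; do
    line="${line#export }"
    case "$line" in
      TF_VAR_*=*) ;;            # only Terraform variable assignments
      *) continue ;;
    esac
    name="${line%%=*}"
    value="${line#*=}"

    # Flag a value that ends in whitespace, with or without a closing quote
    # after it. Inside quotes, or as a carriage return from a CRLF file, that
    # whitespace becomes part of the token.
    if printf '%s' "$value" | grep -Eq "[[:space:]][\"']?\$"; then
      echo "$name: trailing whitespace"
    fi

    [ "$name" = "TF_VAR_ssh_allowed_ips" ] || continue
    # Pull each double-quoted entry out of the JSON list and check its form.
    printf '%s\n' "$value" | grep -o '"[^"]*"' | tr -d '"' |
      while IFS= read -r cidr; do
        case "$cidr" in
          0.0.0.0/0|::/0) echo "$name: $cidr allows SSH from any address" ;;
          */*) ;;               # has a prefix length
          *) echo "$name: $cidr has no prefix length (use /32 for one IPv4 host)" ;;
        esac
      done
  done < "$1"
}

# preflight_env FILE: print findings; return 0 only when there are none.
preflight_env() {
  local findings
  findings=$(scan_env "$1")
  [ -z "$findings" ] && return 0
  printf '%s\n' "$findings"
  return 1
}
```

Run `preflight_env .env && terraform plan` so a finding stops the deploy before any API call is made.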
### "SSH Key not found"
- The key name must match exactly what you entered in Hetzner Console
- Case-sensitive
- Use the name, not the fingerprint
### Server shows but can't SSH
- Wait 2-3 minutes for cloud-init
- Check your IP is in `ssh_allowed_ips`
- Verify the key is added to your agent: `ssh-add -l`
### Cloud-init stuck
```bash
# On the server
cloud-init status --wait
# Or check logs
tail -f /var/log/cloud-init-output.log
```