openboatmobile-ai/README.md

OpenBoatmobile

Deploy OpenClaw agents to Hetzner Cloud or DigitalOcean with one command.

OpenBoatmobile is a reusable, distributable Terraform repository for spinning up AI agent infrastructure. Choose your provider, set your secrets, and deploy.

Features

• Provider-agnostic: Deploy to Hetzner Cloud or DigitalOcean
• Full automation: Server provisioning and either OpenClaw or Hermes installation
• Tailscale integration: Secure remote access without exposing ports
• Secrets management: Environment-based, no secrets in git
• One agent focus: Clean single-agent deployments
• Discord connectivity: Quick setup for Discord bot during deployment

Quick Start

# Clone
git clone https://github.com/YOUR_USERNAME/openboatmobile-ai.git
cd openboatmobile

# Configure secrets
cp .env.example .env
$EDITOR .env

# Deploy
source .env && terraform init && terraform apply

Documentation: GETTING-STARTED.md

Cost Comparison

Provider	Instance	vCPU	RAM	Disk	Price
Hetzner	cpx21	2	4 GB	80 GB	€4.49/mo
DigitalOcean	s-2vcpu-4gb	2	4 GB	80 GB	$24/mo

Hetzner is ~70% cheaper for equivalent specs.

Documentation

Document	Purpose
GETTING-STARTED.md	Step-by-step deployment guide
SECRETS.md	Managing API tokens and keys
HETZNER_SETUP.md	Hetzner Cloud detailed setup
DIGITALOCEAN_SETUP.md	DigitalOcean detailed setup
TAILSCALE_SETUP.md	Secure remote access
DISCORD_SETUP.md	Discord bot integration
DOCKER_VS_DIRECT.md	Docker vs direct installation guide
HERMES_DEBUGGING.md	Debugging Hermes Agent issues
TROUBLESHOOTING.md	Common issues and fixes

Usage

1. Prerequisites

• Terraform >= 1.5.4
• SSH key pair
• Hetzner or DigitalOcean API token
• API key for Venice AI or alternative inference provider
• (Optional) Tailscale auth key
• (Optional) Discord bot token and private server

2. Configure Secrets

cp .env.example .env
$EDITOR .env

Required:

TF_VAR_cloud_provider=hetzner  # or digitalocean
TF_VAR_hcloud_token=your-hetzner-token  # for Hetzner
TF_VAR_venice_api_key=your-venice-key
TF_VAR_ssh_key_names='["your-key-name"]'

Optional:

TF_VAR_docker_enabled=true  # Set to false for direct installation (no Docker)

Recommended:

TF_VAR_enable_tailscale=true
TF_VAR_tailscale_auth_key=tskey-auth-xxxxx

3. Deploy

source .env
terraform init
terraform plan
terraform apply

4. Connect

# SSH (from Terraform output - username varies by framework)
# For Hermes: ssh hermes@<SERVER_IP>
# For OpenClaw: ssh openclaw@<SERVER_IP>
ssh <USERNAME>@<SERVER_IP>

# Run OpenClaw onboarding (OpenClaw framework only)
openclaw onboard --install-daemon

# If using Tailscale
sudo tailscale serve --bg 18789

Configuration

See examples/terraform.tfvars.example

Project Structure

openboatmobile/
├── main.tf              # Provider selector
├── variables.tf         # Input variables
├── outputs.tf           # Deployment outputs
├── cloudinit.tf         # Cloud-init config generator
├── providers/
│   ├── digitalocean.tf  # DO-specific resources
│   └── hetzner.tf       # Hetzner-specific resources
├── templates/
│   └── userdata.tpl     # Cloud-init script
├── examples/
│   └── terraform.tfvars.example
├── docs/
│   ├── GETTING-STARTED.md
│   ├── SECRETS.md
│   ├── HETZNER_SETUP.md
│   ├── DIGITALOCEAN_SETUP.md
│   ├── TAILSCALE_SETUP.md
│   ├── DISCORD_SETUP.md
│   └── TROUBLESHOOTING.md
├── .env.example         # Secrets template
├── .gitignore
└── README.md

Security

OpenBoatmobile deploys with security best practices:

Feature	Description
Loopback binding	Gateway binds to 127.0.0.1 only
Firewall	SSH-only inbound
fail2ban	Brute force protection
Auto-updates	Unattended security patches
Non-root user	Deploy with dedicated OS user (hermes or openclaw based on framework)
Tailscale	No public HTTPS exposure

Support

• OpenClaw docs
• Hermes docs

License

Apache 2.0

Origin

OpenBoatmobile is part of the Krusty Planet project — infrastructure for AI agent deployments.

---