Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/thoth2357/provisioning-hetzner-server
Provisioning a Hetzner Server, automated configuration of ssh, firewall, nginx, and s3 bucket mount with Terraform and cloud init
https://github.com/thoth2357/provisioning-hetzner-server
hetzner-cloud s3-bucket server-management terraform
Last synced: 4 days ago
JSON representation
Provisioning a Hetzner Server, automated configuration of ssh, firewall, nginx, and s3 bucket mount with Terraform and cloud init
- Host: GitHub
- URL: https://github.com/thoth2357/provisioning-hetzner-server
- Owner: thoth2357
- Created: 2024-01-05T06:22:51.000Z (10 months ago)
- Default Branch: main
- Last Pushed: 2024-05-06T11:11:18.000Z (6 months ago)
- Last Synced: 2024-05-06T12:30:05.588Z (6 months ago)
- Topics: hetzner-cloud, s3-bucket, server-management, terraform
- Language: HCL
- Homepage:
- Size: 14.6 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.MD
Awesome Lists containing this project
README
# Provisioning a Hetzner Server with Terraform
This repository encompasses the essential files and code for provisioning a Hetzner server through Terraform. It automates the configuration of firewall rules, SSH access with added keys, utilizes cloud-init for provisioning tasks including hardening SSH, configuring the firewall, setting up nginx, and finally, mounting an external Contabo S3 bucket..
## Prerequisites
Before you begin, make sure your development environment includes the following prerequisites:
- [Terraform](https://www.terraform.io/downloads.html) installed on your local machine.
- A [Hetzner Cloud](https://www.hetzner.com/cloud) account.
- An [API token](https://docs.hetzner.cloud/#overview-getting-started) from Hetzner Cloud.
- A [SSH key](https://docs.hetzner.cloud/#resources-ssh-keys-get) added to your Hetzner Cloud account.
- A [Contabo S3 bucket](https://contabo.com/en/storage/s3-object-storage/) with a [user](https://contabo.com/en/storage/s3-object-storage/#user-management) and [access key](https://contabo.com/en/storage/s3-object-storage/#access-keys) created.
## Usage
To use this code and provision a Hetzner server with Terraform, follow these steps:
1. Clone or download this repository to your local machine.
######
2. Obtain an API token from Hetzner Cloud. This token will be used to authenticate and interact with the Hetzner API.
######
3. Create a `terraform.tfvars` file in the root directory of your project. This file should contain the following configuration:
```plaintext
hcloud_token = "YOUR_HETZNER_API_TOKEN"
```
Replace `YOUR_HETZNER_API_TOKEN` with your actual Hetzner API token.
Note: Make sure to keep this file secure and do not commit it to version control systems.
######
4. Update the values in the `variables.tf` file according to your requirements. This file defines the input variables used in the Terraform configuration.
######
5. Update the values in the `ssh.tf` file according to your requirements. This file defines the SSH keys to be used for authentication with the Hetzner server. It includes the primary SSH key and two secondary SSH keys.
######
6. Update, delete, or add new firewall rules in the `firewall.tf` file according to your requirements. This file defines the firewall rules for the Hetzner server. It currently includes inbound and outbound rules for specific ports and protocols.
######
7. Update the values in the `instance.tf` file according to your requirements. This file defines the resources to be provisioned, such as the Hetzner server, networking settings, and any other required infrastructure components.
######
8. Update the values in the `cloud-init.yml` file according to your requirements. Such as your access_id and key, hashed_passwd and ssh_authorized_keys that can login to the specific users.
To Generate the hashed passwd, run below command on your local machine, input your desired password and copy the output to the cloud-init.yml file.
```console
thoth@Macbook:~$ mkpasswd --method=SHA-512 --rounds=500000
Password:
```
8. Run `terraform init` to initialize the Terraform configuration.
######
9. Run `terraform plan` to see an execution plan for the Terraform provisioning process.
######
10. Run `terraform apply` to provision the Hetzner server and deploy the defined infrastructure components.
######
11. After the provisioning process is complete, you can retrieve information about the provisioned resources by running `terraform output`.
######
12. To destroy the provisioned resources and clean up, run `terraform destroy`.
That's it! You have now successfully provisioned a Hetzner server using Terraform and deployed the necessary infrastructure components. Enjoy using your new server!
Replace `YOUR_HETZNER_API_TOKEN` with your actual Hetzner API token.
Note: Make sure to keep this file secure and do not commit it to version control systems.