https://github.com/ujstor/coolify-hetzner-terraform

Deploy Coolfy self hosted service on Hetzner with Terraform
https://github.com/ujstor/coolify-hetzner-terraform

coolify hetzner self-hosted

Last synced: about 1 month ago
JSON representation

Deploy Coolfy self hosted service on Hetzner with Terraform

• Host: GitHub
• URL: https://github.com/ujstor/coolify-hetzner-terraform
• Owner: Ujstor
• Created: 2024-01-16T04:37:08.000Z (12 months ago)
• Default Branch: master
• Last Pushed: 2024-03-25T23:38:46.000Z (9 months ago)
• Last Synced: 2024-03-26T00:35:48.694Z (9 months ago)
• Topics: coolify, hetzner, self-hosted
• Language: HCL
• Homepage: https://coolify.io/
• Size: 8.79 KB
• Stars: 1
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

        
# Self hosted Coolify instance on Hetzner with Terraform

Deploy [Coolify](https://coolify.io/docs/) on Hetzner Cloud using the Terraform. This project aims to create a highly optimized, auto-upgradable, highly available and cost-effective self hosted Coolify instance for deployng your projects on Hetzner Cloud.

Default configuration will create a one server in Falkenstein Germnay with 2 VCPU, 4 GB RAM, 40 GB disk space, 20TB out traffic for 5.77EUR/month. Change configuration to your needs in `variables.tf` file, see Additional Configuration

## Prerequisites

Before you begin, ensure you have the following:

- A Hetzner Cloud account. You can sign up [here](https://hetzner.cloud/?ref=Ix9xCKNxJriM) (free €⁠20 in cloud credits for new users)

- [Terraform](https://www.terraform.io/downloads.html) command-line tool installed

 

 Install Terraform:

```bash

wget -O- https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg

echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list

sudo apt update && sudo apt install terraform

```

## Deployment Steps

### 1. Generate Hetzner API Token

Create new project in Hetzner console https://console.hetzner.cloud/projects 

Obtain API token from Hetzner console that will be used by Terraform to interact with the platform. 

Navigate to your project and click on SECURITY > API TOKENS > GENERATE API (give read/write access)

Paste API token in the `hcloud_token` variable in `variables.tf`. More secure way to store API token is to create `.auto.tfvars` file in the root of your project and paste API token there, sintax is same as in .env file (hcloud_token = "API_TOKEN"). This will overwrite default value. In same way other variabels can be changed from default values without having to change them in the code.

### 2. Initialize and Apply Terraform

Initialize Terraform and apply the configuration:

```shell

cd 

terraform init --upgrade

terraform validate

terraform apply -auto-approve

```

### 3. Open UI or SSH into the server

When Terraform finishes, give server a couple of minutes to install all dependencies. Coolify's UI will be available at: 

```shell

# Coolify version 3

SERVER_IP:3000

# Coolify version 4

SERVER_IP:8000

```

Default installed Coolify version is 3, because it is easy to navigate for new users and ver. 4 is still in beta.

You can chage version in `server-config.sh` 

If needed, you can ssh into the server with the following command:

```shell

ssh root@ -i ~/.ssh/coolify_key.pem

```

### 4. Destroy infrastructure

To destroy the infrastructure run the following command:

```shell

terraform destroy -auto-approve

```

## Aditional Configuration

### 1. Firewall Rules

To make the server access more secure, we created firewall rules that only allow traffic on certain ports.

Add more rules in `firewall.tf` file if you use service with specific port.

```terraform

rule {

    destination_ips = []

    direction       = "in"

    port            = "5432"

    protocol        = "tcp"

    source_ips = [

      "0.0.0.0/0",

      "::/0",

    ]

  }

  rule {

    destination_ips = ["0.0.0.0/0"]

    direction       = "out"

    port            = "5432"

    protocol        = "tcp"

    source_ips = [

      "0.0.0.0/0",

      "::/0",

    ]

  }

```

### 2. List images, servers types and locations

Check the list of images, servers and prices on official Hetzner Cloud [website](https://www.hetzner.com/cloud).

Also, you can  query [REST API](https://docs.hetzner.cloud/#servers-create-a-server) with the same API_TOKEN we created earlier.

Only Debian and Ubuntu images are supported.

```shell

export TF_HETZNER_TOKE= 

curl \

 -H "Authorization: Bearer $TF_HETZNER_TOKEN" \

 'https://api.hetzner.cloud/v1/images'

curl \

 -H "Authorization: Bearer $TF_HETZNER_TOKEN" \

 'https://api.hetzner.cloud/v1/server_types'

 curl \

 -H "Authorization: Bearer $TF_HETZNER_TOKEN" \

 'https://api.hetzner.cloud/v1/locations'

```

You can use fetch-data.sh to fetch the data from the API and save it to .json in data folder. Images are filtered  by type and architecture and only x86 servers are listed, ARM is excluded.