explainx.ainewsletter3.4k
Backend

hetzner-server

connorads/dotfiles · updated Apr 8, 2026

MDX-style export adds YAML metadata + attribution linking explainx.ai and this canonical listing URL.

$npx skills add https://github.com/connorads/dotfiles --skill hetzner-server
0 commentsdiscussion
summary

Create and manage Hetzner Cloud servers using the hcloud CLI.

skill.md

Hetzner Server Management

Create and manage Hetzner Cloud servers using the hcloud CLI.

Prerequisites

  • hcloud CLI installed (via mise: hcloud = "latest")
  • Authenticated: hcloud context create <name> with API token from https://console.hetzner.cloud

Cloud Firewalls

Reusable firewall profiles applied at server creation. Firewalls can be swapped on running servers — use apply-to-resource / remove-from-resource.

Firewall Rules Use case
ts-ssh UDP 41641 (Tailscale) + TCP 22 (SSH) Dev boxes — initial setup, swap to ts-only after tsonlyssh
ts-only UDP 41641 (Tailscale) Tailscale-only access, no public ports
ts-web UDP 41641 (Tailscale) + TCP 80,443 (HTTP/S) Servers accepting public web traffic

Swapping firewalls on a running server

hcloud firewall remove-from-resource ts-ssh --type server --server dev
hcloud firewall apply-to-resource ts-only --type server --server dev

Quick Reference

Create a server

# Prefer ARM (best value)
hcloud server create \
  --name dev \
  --type cax21 \
  --image ubuntu-24.04 \
  --location nbg1 \
  --ssh-key connorads \
  --ssh-key connor@penguin \
  --firewall ts-ssh

# x86 fallback
hcloud server create \
  --name dev \
  --type cpx21 \
  --image ubuntu-24.04 \
  --location nbg1 \
  --ssh-key connorads \
  --ssh-key connor@penguin \
  --firewall ts-ssh

# IPv6-only (saves ~$0.60/month on IPv4)
hcloud server create \
  --name dev \
  --type cax21 \
  --image ubuntu-24.04 \
  --location nbg1 \
  --ssh-key connorads \
  --ssh-key connor@penguin \
  --firewall ts-ssh \
  --without-ipv4

With user-data (auto-run install script)

# Use heredoc - process substitution <(echo '...') escapes the shebang incorrectly
hcloud server create \
  --name dev \
  --type cax21 \
  --image ubuntu-24.04 \
  --location nbg1 \
  --ssh-key connorads \
  --ssh-key connor@penguin \
  --firewall ts-ssh \
  --user-data-from-file - <<'EOF'
#!/bin/bash
curl -fsSL https://raw.githubusercontent.com/connorads/dotfiles/master/install.sh | bash
EOF

The dotfiles installation takes ~5 minutes. To monitor progress:

# Quick status check
ssh connor@$(hcloud server ip dev) "cloud-init status"

# View recent installation logs
ssh connor@$(hcloud server ip dev) "sudo journalctl -u cloud-final -n 50 --no-pager"

# Follow installation in real-time
ssh connor@$(hcloud server ip dev) "sudo journalctl -u cloud-final -f"

# Check if tools are installed
ssh connor@$(hcloud server ip dev) "which zsh mise && echo \$SHELL"

With swap (recommended for production)

Ubuntu cloud images don't include swap by default. Add swap via cloud-init at creation:

# Create server with 16GB swap (1:1 ratio for 16GB RAM server)
hcloud server create \
  --name dev \
  --type cax33 \
  --image ubuntu-24.04 \
  --location nbg1 \
  --ssh-key connorads \
  --ssh-key connor@penguin \
  --firewall ts-ssh \
  --user-data-from-file - <<'EOF'
#cloud-config
swap:
  filename: /swapfile
  size: 16G
  maxsize: 16G
EOF

Recommended swap sizes:

  • 4GB RAM → 4-8GB swap
  • 8GB RAM → 8GB swap
  • 16GB+ RAM → 16GB swap (1:1 ratio)

Add swap to existing server:

# Create 16GB swap file
ssh connor@$(hcloud server ip dev) "sudo fallocate -l 16G /swapfile && \
  sudo chmod 600 /swapfile && \
  sudo mkswap /swapfile && \
  sudo swapon /swapfile && \
  echo '/swapfile none swap sw 0 0' | sudo tee -a /etc/fstab"

# Verify swap is active
ssh connor@$(hcloud server ip dev) "free -h"

Common commands

# List servers
hcloud server list

# Get server IP
hcloud server ip dev

# SSH to server
ssh connor@$(hcloud server ip dev)

# Delete server
hcloud server delete dev

# Power operations
hcloud server poweroff dev
hcloud server poweron dev
hcloud server reboot dev

# Rebuild (reinstall OS, keeps IP)
hcloud server rebuild dev --image ubuntu-24.04

Server types (commonly used)

Prices in USD for EU regions (US regions ~20% higher):

Type Arch vCPU RAM Disk ~USD/mo
cax11 ARM 2 4GB 40GB $4.50
cax21 ARM 4 8GB 80GB $8
cax31 ARM 8 16GB 160GB $16
cpx21 x86 3 4GB 80GB $9
cpx31 x86 4 8GB 160GB $18

Full list: hcloud server-type list

Locations

ID City Country
fsn1 Falkenstein DE
nbg1 Nuremberg DE
hel1 Helsinki FI
ash Ashburn US
hil Hillsboro US
sin Singapore SG

SSH keys

# List keys
hcloud ssh-key list

# Add a key
hcloud ssh-key create --name mykey --public-key-from-file ~/.ssh/id_ed25519.pub

Images

# List system images
hcloud image list --type system

# ARM images
hcloud image list --type system --architecture arm

Cloning GitHub repos (SSH agent forwarding)

Use the <name>-agent SSH host (which has agent forwarding enabled) to clone private repos without copying keys to the server. If you hit host key errors, add GitHub's host key first.

# First time only: add GitHub's host key
ssh dev "ssh-keyscan github.com >> ~/.ssh/known_hosts 2>/dev/null"

# Confirm forwarded agent is visible
ssh dev-agent "ssh-add -l"

# Clone with agent forwarding (use -agent suffix)
ssh dev-agent "mkdir -p ~/git && cd ~/git && git clone [email protected]:you/repo.git"

# Clone specific branch
ssh dev-agent "mkdir -p ~/git && cd ~/git && git clone [email protected]:you/repo.git && cd repo && git checkout branch-name"

# Push/pull with agent forwarding
ssh dev-agent "cd repo && git push"

For interactive sessions (e.g., lazygit):

ssh dev-agent
# Then on server: git clone/push/pull works with forwarded agent

Post-creation setup

After creating a server, always clear any old host keys for that IP (Hetzner reuses IPs):

ssh-keygen -R $(hcloud server ip dev) 2>/dev/null
ssh-keyscan $(hcloud server ip dev) >> ~/.ssh/known_hosts 2>/dev/null

Then generate/update SSH config entries:

hcssh              # update ~/.ssh/config with all Hetzner servers
hcssh --dry-run    # preview without writing

This creates two Host entries per server inside a managed block (# BEGIN/END hetzner-managed):

  • <name> — no agent forwarding (safe for AI agents)
  • <name>-agent — with agent forwarding (for git push/pull to GitHub)

Run hcssh again after creating/deleting servers to keep SSH config in sync. This enables VS Code Remote-SSH to show the server in the dropdown.

Optional: Restrict SSH to Tailscale only

After ts up and confirming SSH works via Tailscale (ts ssh connor@dev), run tsonlyssh on the server to remove public port 22 from UFW. This leaves SSH accessible only via the Tailscale interface.

Fallback: Hetzner Cloud Console VNC if locked out.

Notes

  • ARM (cax*) servers are best value for dev work
  • IPv6-only saves money but requires Tailscale/cloudflared for access from IPv4 networks
  • User-data runs as root on first boot
  • The dotfiles install.sh handles creating user connor, installing Nix, home-manager, and mise tools
how to use hetzner-server

How to use hetzner-server on Cursor

AI-first code editor with Composer

1

Prerequisites

Before installing skills in Cursor, ensure your development environment meets these requirements:

  • Cursor installed and configured on your development machine
  • Node.js version 16.0+ with npm package manager (verify with node --version)
  • Active project directory or workspace where you want to add hetzner-server
2

Execute installation command

Execute the skills CLI command in your project's root directory to begin installation:

$npx skills add https://github.com/connorads/dotfiles --skill hetzner-server

The skills CLI fetches hetzner-server from GitHub repository connorads/dotfiles and configures it for Cursor.

3

Select Cursor when prompted

The CLI will show a list of available agents. Use arrow keys to navigate and space to select Cursor:

◆ Which agents do you want to install to?
│ ── Universal (.agents/skills) ── always included ────
│ • Amp
│ • Antigravity
│ • Cline
│ • Codex
│ ●Cursor(selected)
│ • Cursor
│ • Windsurf
4

Verify installation

Confirm successful installation by checking the skill directory location:

.cursor/skills/hetzner-server

Reload or restart Cursor to activate hetzner-server. Access the skill through slash commands (e.g., /hetzner-server) or your agent's skill management interface.

Security & Verification Notice

We perform automated surface-level scans (Gen AI Scanner, Socket, Snyk) during installation. These checks detect common vulnerabilities but do not guarantee complete security. Always review skill source code and verify the publisher's reputation before production use.

Skills execute code in your development environment. Always verify the publisher's identity, review recent commits, and test in isolated environments before production deployment.

Additional Resources

View source code on GitHubSkills CLI documentationLearn more about CursorWhat are agent skills?

List & Monetize Your Skill

Submit your Claude Code skill and start earning

GET_STARTED →

Use Cases

Task Automation & Efficiency

Automate repetitive workflows and reduce manual effort

Example

Generate reports, summarize documents, draft communications

Save 3-5 hours per week on routine tasks

Knowledge Enhancement

Learn new skills, understand complex topics, get expert guidance

Example

Explain concepts, provide examples, suggest learning resources

Accelerate learning and skill development by 2x

Quality Improvement

Enhance output quality through reviews, suggestions, and refinements

Example

Review drafts, suggest improvements, catch errors

Improve work quality by 30-40% with less effort

Implementation Guide

Prerequisites

  • Claude Desktop or compatible AI client with skill support
  • Clear understanding of task or problem to solve
  • Willingness to iterate and refine outputs

Time Estimate

15-45 minutes depending on use case complexity

Installation Steps

  1. 1.Install skill using provided installation command
  2. 2.Test with simple use case relevant to your work
  3. 3.Evaluate output quality and relevance
  4. 4.Iterate on prompts to improve results
  5. 5.Integrate into regular workflow if valuable

Common Pitfalls

  • Expecting perfect results without iteration
  • Not providing enough context in prompts
  • Using skill for tasks outside its intended scope
  • Accepting outputs without review and validation

Best Practices

✓ Do

  • +Start with clear, specific prompts
  • +Provide relevant context and constraints
  • +Review and refine all outputs before using
  • +Iterate to improve output quality
  • +Document successful prompt patterns

✗ Don't

  • Don't use without understanding skill limitations
  • Don't skip validation of outputs
  • Don't share sensitive information in prompts
  • Don't expect skill to replace human judgment

💡 Pro Tips

  • Be specific about desired format and style
  • Ask for multiple options to choose from
  • Request explanations to understand reasoning
  • Combine AI efficiency with human expertise

When to Use This

✓ Use When

Use when skill capabilities match your task, clear ROI on time saved, and you can validate outputs. Best for repetitive tasks, learning, and quality improvement.

✗ Avoid When

Avoid when task requires deep expertise you can't validate, involves sensitive decisions, or when learning process is more valuable than speed of completion.

Learning Path

  1. 1Familiarize yourself with skill capabilities and limitations
  2. 2Start with low-risk, non-critical tasks
  3. 3Progress to more complex and valuable use cases
  4. 4Build expertise through regular use and experimentation

Discussion

Product Hunt–style comments (not star reviews)
  • No comments yet — start the thread.
general reviews

Ratings

4.564 reviews
  • Sophia Taylor· Dec 28, 2024

    Solid pick for teams standardizing on skills: hetzner-server is focused, and the summary matches what you get after install.

  • Pratham Ware· Dec 24, 2024

    hetzner-server is among the better-maintained entries we tried; worth keeping pinned for repeat workflows.

  • Mia Li· Dec 20, 2024

    hetzner-server has been reliable in day-to-day use. Documentation quality is above average for community skills.

  • Luis Anderson· Dec 12, 2024

    Useful defaults in hetzner-server — fewer surprises than typical one-off scripts, and it plays nicely with `npx skills` flows.

  • Min Kim· Dec 8, 2024

    Keeps context tight: hetzner-server is the kind of skill you can hand to a new teammate without a long onboarding doc.

  • Sophia Brown· Dec 8, 2024

    hetzner-server reduced setup friction for our internal harness; good balance of opinion and flexibility.

  • Luis Thomas· Dec 4, 2024

    We added hetzner-server from the explainx registry; install was straightforward and the SKILL.md answered most questions upfront.

  • Henry Smith· Nov 27, 2024

    hetzner-server is among the better-maintained entries we tried; worth keeping pinned for repeat workflows.

  • Luis White· Nov 27, 2024

    hetzner-server has been reliable in day-to-day use. Documentation quality is above average for community skills.

  • Sakshi Patil· Nov 15, 2024

    Keeps context tight: hetzner-server is the kind of skill you can hand to a new teammate without a long onboarding doc.

showing 1-10 of 64

1 / 7