Claude-codex-settings hetzner-deploy

This skill should be used when user asks to "deploy to Hetzner", "create Hetzner server", "manage Hetzner Cloud", "hcloud CLI", or works with Hetzner Cloud infrastructure including servers, networks, firewalls, load balancers, DNS zones, and volumes.

install

source · Clone the upstream repo

git clone https://github.com/fcakyon/claude-codex-settings

Claude Code · Install into ~/.claude/skills/

T=$(mktemp -d) && git clone --depth=1 https://github.com/fcakyon/claude-codex-settings "$T" && mkdir -p ~/.claude/skills && cp -r "$T/plugins/hetzner-skills/skills/hetzner-deploy" ~/.claude/skills/fcakyon-claude-codex-settings-hetzner-deploy && rm -rf "$T"

manifest: plugins/hetzner-skills/skills/hetzner-deploy/SKILL.md

Hetzner Cloud CLI Skill

Skill for provisioning and managing infrastructure on Hetzner Cloud using the

hcloud

CLI. Use the decision trees below to find the right command group, then load detailed references.

Your knowledge of Hetzner Cloud pricing, server types, locations, and API behavior may be outdated. Prefer retrieval over pre-training when citing specific numbers, available types, or configuration options. The reference files alongside this skill are starting points extracted from the official CLI docs.

Authentication

The CLI authenticates via API token. Set the

HCLOUD_TOKEN

environment variable or create a named context:

# Stateless (CI, scripting, agent use)
export HCLOUD_TOKEN="your-api-token"

# Named context (interactive use)
hcloud context create my-project

Generate tokens at https://console.hetzner.cloud under your project's Security > API Tokens.

Installation

# macOS / Linux (Homebrew)
brew install hcloud

# Linux (binary)
curl -sSLO https://github.com/hetznercloud/cli/releases/latest/download/hcloud-linux-amd64.tar.gz
sudo tar -C /usr/local/bin --no-same-owner -xzf hcloud-linux-amd64.tar.gz hcloud

# Docker
docker run --rm -e HCLOUD_TOKEN="$HCLOUD_TOKEN" hetznercloud/cli:latest <command>

Quick Decision Trees

"I need compute"

Need a server?
├─ Create a new server → hcloud server create --name <n> --type <t> --image <img>
├─ With cloud-init user data → add --user-data-from-file <path>
├─ With firewall + network → add --firewall <fw> --network <net>
├─ List available types → hcloud server-type list
├─ List available images → hcloud image list
├─ SSH into server → hcloud server ssh <name>
├─ Create snapshot → hcloud server create-image --type snapshot <name>
├─ Rescue mode → hcloud server enable-rescue <name>
└─ Delete server → hcloud server delete <name>

"I need networking"

Need networking?
├─ Private network (VPC) → hcloud network create --name <n> --ip-range <cidr>
│  ├─ Add subnet → hcloud network add-subnet --network <n> --type cloud --network-zone <z> --ip-range <cidr>
│  └─ Attach server → hcloud server attach-to-network --network <n> --server <s>
├─ Firewall → hcloud firewall create --name <n> --rules-file <json>
│  ├─ Apply to server → hcloud firewall apply-to-resource --firewall <n> --type server --server <s>
│  └─ Replace rules → hcloud firewall replace-rules --rules-file <json> <name>
├─ Load balancer → hcloud load-balancer create --name <n> --type <t> --location <loc>
│  ├─ Add target → hcloud load-balancer add-target --server <s> <lb>
│  └─ Add service → hcloud load-balancer add-service --protocol <p> --listen-port <port> <lb>
├─ Floating IP → hcloud floating-ip create --type ipv4 --home-location <loc>
│  └─ Assign → hcloud floating-ip assign <ip> --server <s>
└─ Primary IP → hcloud primary-ip create --name <n> --type ipv4 --datacenter <dc>

"I need storage"

Need storage?
├─ Block volume → hcloud volume create --name <n> --size <gb> --server <s> --automount --format ext4
│  ├─ Resize → hcloud volume resize --size <gb> <name>
│  └─ Detach → hcloud volume detach <name>
└─ Storage Box (managed NFS/CIFS/SCP) → hcloud storage-box create --name <n> --type <t> --location <loc>
   ├─ Subaccounts → hcloud storage-box subaccount create <box>
   └─ Snapshots → hcloud storage-box snapshot create <box>

"I need DNS"

Need DNS?
├─ Create zone → hcloud zone create --name <domain>
├─ Add records → hcloud zone add-records --zone <z> --type A --name <n> --value <ip>
├─ Set full record set → hcloud zone set-records --zone <z> --type A --name <n> --value <ip1> --value <ip2>
├─ Import zone file → hcloud zone import-zonefile --zone <z> <file>
├─ Export zone file → hcloud zone export-zonefile <zone>
└─ Manage individual RRSets → hcloud zone rrset list <zone>

"I need info"

Need reference data?
├─ Server types + pricing → hcloud server-type list / describe <type>
├─ Locations → hcloud location list / describe <loc>
├─ Datacenters → hcloud datacenter list / describe <dc>
├─ Available images → hcloud image list
├─ ISO images → hcloud iso list
├─ Load balancer types → hcloud load-balancer-type list
└─ Storage box types → hcloud storage-box-type list

"I need to configure the CLI"

Need CLI config?
├─ Create context → hcloud context create <name>
├─ Switch context → hcloud context use <name>
├─ Set default SSH key → hcloud config set default-ssh-keys <key>
├─ View config → hcloud config list
└─ Shell completion → hcloud completion bash/zsh/fish

Common Workflows

Quick server deploy

# Upload SSH key, create server, connect
hcloud ssh-key create --name deploy-key --public-key-from-file ~/.ssh/id_ed25519.pub
hcloud server create --name web-1 --type cpx21 --image ubuntu-24.04 --ssh-key deploy-key --location fsn1
hcloud server ssh web-1

Full stack with network + firewall

# Network
hcloud network create --name prod-net --ip-range 10.0.0.0/16
hcloud network add-subnet --network prod-net --type cloud --network-zone eu-central --ip-range 10.0.1.0/24

# Firewall (allow SSH + HTTP/S)
cat > rules.json << 'EOF'
[
  {"direction":"in","protocol":"tcp","port":"22","source_ips":["0.0.0.0/0","::/0"]},
  {"direction":"in","protocol":"tcp","port":"80","source_ips":["0.0.0.0/0","::/0"]},
  {"direction":"in","protocol":"tcp","port":"443","source_ips":["0.0.0.0/0","::/0"]}
]
EOF
hcloud firewall create --name web-fw --rules-file rules.json

# Server with network + firewall
hcloud server create --name app-1 --type cpx21 --image ubuntu-24.04 \
  --ssh-key deploy-key --network prod-net --firewall web-fw --location fsn1

# Load balancer
hcloud load-balancer create --name web-lb --type lb11 --location fsn1
hcloud load-balancer attach-to-network --network prod-net web-lb
hcloud load-balancer add-target --server app-1 web-lb
hcloud load-balancer add-service --protocol tcp --listen-port 80 --destination-port 80 web-lb

Output Formats

All

describe

list

, and

create

commands support structured output for scripting and agent use:

hcloud server list --output json          # JSON array
hcloud server describe my-srv --output yaml  # YAML
hcloud server describe my-srv --output format='{{.ServerType.Cores}}'  # Go template
hcloud server list --output columns=id,name,status  # Custom table columns

Resource Index

Compute

Resource	Reference
Server	`references/server/`
Server Types	`references/info/`

Networking

Resource	Reference
Network (VPC)	`references/network/`
Firewall	`references/firewall/`
Load Balancer	`references/load-balancer/`
Floating IP	`references/floating-ip/`
Primary IP	`references/primary-ip/`

Storage

Resource	Reference
Volume	`references/volume/`
Storage Box	`references/storage-box/`

DNS

Resource	Reference
Zone & Records	`references/dns/`

Security & Access

Resource	Reference
SSH Key	`references/ssh-key/`
Certificate	`references/certificate/`
Image	`references/image/`
Placement Group	`references/placement-group/`

Reference Data

Resource	Reference
Server Types, LB Types, Storage Box Types, Datacenters, Locations, ISOs	`references/info/`

CLI Configuration

Resource	Reference
Config, Context, Completion	`references/config/`
All Resources	`references/all/`

Getting Started

Resource	Reference
Setup, Server Tutorial, Output Options, Configuration	`references/getting-started/`