Hetzner Server Management

Create and manage Hetzner Cloud servers using the hcloud CLI.

Prerequisites

hcloud CLI installed (via mise: hcloud = "latest")
Authenticated: hcloud context create <name> with API token from https://console.hetzner.cloud

Cloud Firewalls

Reusable firewall profiles applied at server creation. Firewalls can be swapped on running servers — use apply-to-resource / remove-from-resource.

Firewall	Rules	Use case
`ts-ssh`	UDP 41641 (Tailscale) + TCP 22 (SSH)	Dev boxes — initial setup, swap to `ts-only` after `tsonlyssh`
`ts-only`	UDP 41641 (Tailscale)	Tailscale-only access, no public ports
`ts-web`	UDP 41641 (Tailscale) + TCP 80,443 (HTTP/S)	Servers accepting public web traffic

Installs

114

Repository

pedronauck/skills

GitHub Stars

436

First Seen

Mar 18, 2026

Security Audits

Gen Agent Trust HubFail

SocketPass

SnykWarn