Deploy Coolify on Hetzner Cloud using the Terraform. This project aims to create a highly optimized, auto-upgradable, highly available and cost-effective self hosted Coolify instance for deployng your projects on Hetzner Cloud.
Default configuration will create a one server in Falkenstein Germnay with 2 VCPU, 4 GB RAM, 40 GB disk space, 20TB out traffic for 5.77EUR/month. Change configuration to your needs in variables.tf
file, see Additional Configuration
Before you begin, ensure you have the following:
- A Hetzner Cloud account. You can sign up here (free €20 in cloud credits for new users)
- Terraform command-line tool installed
Install Terraform:
wget -O- https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg
echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list
sudo apt update && sudo apt install terraform
Create new project in Hetzner console https://console.hetzner.cloud/projects
Obtain API token from Hetzner console that will be used by Terraform to interact with the platform. Navigate to your project and click on SECURITY > API TOKENS > GENERATE API (give read/write access)
Paste API token in the hcloud_token
variable in variables.tf
. More secure way to store API token is to create .auto.tfvars
file in the root of your project and paste API token there, sintax is same as in .env file (hcloud_token = "API_TOKEN"). This will overwrite default value. In same way other variabels can be changed from default values without having to change them in the code.
Initialize Terraform and apply the configuration:
cd <your-project-folder>
terraform init --upgrade
terraform validate
terraform apply -auto-approve
When Terraform finishes, give server a couple of minutes to install all dependencies. Coolify's UI will be available at:
# Coolify version 3
SERVER_IP:3000
# Coolify version 4
SERVER_IP:8000
Default installed Coolify version is 3, because it is easy to navigate for new users and ver. 4 is still in beta.
You can chage version in server-config.sh
If needed, you can ssh into the server with the following command:
ssh root@<server-ip> -i ~/.ssh/coolify_key.pem
To destroy the infrastructure run the following command:
terraform destroy -auto-approve
To make the server access more secure, we created firewall rules that only allow traffic on certain ports.
Add more rules in firewall.tf
file if you use service with specific port.
rule {
destination_ips = []
direction = "in"
port = "5432"
protocol = "tcp"
source_ips = [
"0.0.0.0/0",
"::/0",
]
}
rule {
destination_ips = ["0.0.0.0/0"]
direction = "out"
port = "5432"
protocol = "tcp"
source_ips = [
"0.0.0.0/0",
"::/0",
]
}
Check the list of images, servers and prices on official Hetzner Cloud website. Also, you can query REST API with the same API_TOKEN we created earlier.
Only Debian and Ubuntu images are supported.
export TF_HETZNER_TOKE= <API_TOKEN>
curl \
-H "Authorization: Bearer $TF_HETZNER_TOKEN" \
'https://api.hetzner.cloud/v1/images'
curl \
-H "Authorization: Bearer $TF_HETZNER_TOKEN" \
'https://api.hetzner.cloud/v1/server_types'
curl \
-H "Authorization: Bearer $TF_HETZNER_TOKEN" \
'https://api.hetzner.cloud/v1/locations'
You can use fetch-data.sh to fetch the data from the API and save it to .json in data folder. Images are filtered by type and architecture and only x86 servers are listed, ARM is excluded.