Configuring a Hetzner Cloud server
The Hetzner Cloud integration uses your Hetzner Cloud API token to access your Hetzner Cloud account resources (your servers in this case), and allow you to select them directly from a drop-down in your server configuration.
This allows you to quickly set up your Hetzner Cloud servers in DeployHQ without the hassle of looking up your server name, IP, or username.
The only step required is to create a server (if you don't have an existing one), create a Hetzner Cloud API token, and to upload your SSH key to the server's .ssh/authorized_keys file, so that DeployHQ can authenticate its connection with the server. Let's go over these step by step.
Pre-requisites
To use this integration, there are some steps that you'll need to follow to get your setup running. Those are:
- A running server on Hetzner Cloud
- A Hetzner Cloud API token
Let's go over these steps one by one!
Create a server
To be able to connect DeployHQ to a Hetzner Cloud server, you first need the server to exist. If you already have a running server in your Hetzner Cloud project, feel free to skip this step completely.
First, log in to the Hetzner Cloud Console, select your project, and click "Add Server". Choose the options that best suit your needs, such as location, image (operating system), and server type. Once configured, click "Create & Buy now" to provision your server.
Create a Hetzner Cloud API token
Once the server is present in your Hetzner Cloud project, you need to create an API token that DeployHQ will use to access your resources.
To do so, go to your project in the Hetzner Cloud Console, then navigate to Security > API Tokens and click Generate API Token.
Give the token a descriptive name (e.g., "DeployHQ") so you can identify it later. For permissions, select Read & Write as DeployHQ needs to both read your server list and manage SSH keys.
Once generated, copy the token immediately as it will only be shown once. If you lose it, you'll need to generate a new one.
For more information about API tokens, see the Hetzner Cloud API documentation.
Adding your Hetzner Cloud server in DeployHQ
Once you have the Hetzner Cloud API token ready, you can add it in your DeployHQ account to select your servers from a drop-down instead of adding server parameters manually.
To do so, go into your DeployHQ project and create a new server. Select "Hetzner Cloud" as your protocol. The server form is organized into sections:
Server Details
Enter your Hetzner Cloud API token. Once added, the "Server" drop-down will automatically populate with your existing servers. Select the one you wish to use. Make sure the server is running, as stopped servers will cause a timeout error during DeployHQ's server creation.
Configuring the username
After selecting your server, you'll need to configure the username that DeployHQ will use to connect to your server. By default, this is set to root, but for security reasons, we strongly recommend using a non-root user for deployments.
If you're using a non-root user, make sure:
- The user exists on your server
- The user has the necessary permissions to access and modify files in your deployment path
- You'll add the DeployHQ SSH key to that specific user's .ssh/authorized_keys file (as detailed in the next section)
Security recommendation: Using a non-root user helps limit the potential impact of security issues. Consider creating a dedicated deployment user with only the permissions needed for your deployments.
Now, the only missing step is adding your DeployHQ server key to your Hetzner Cloud server, so that DeployHQ's connection can be authenticated through SSH.
Adding your DeployHQ SSH key to your server
The SSH key process normally needs you to generate a new key pair, and store the key pair following the SSH requirements. In this case, however, the key pair is already generated by DeployHQ, so you just need to do the follow-up step, which is to store the public SSH key on your server.
You can find the public key in the Authentication section of your server configuration, under the Public Key tab. Alternatively, use the Setup Script tab for a ready-to-use shell command that installs the key automatically.
To install the key manually, follow these steps:
- Connect to your server's console.
- This can be done either through the Hetzner Cloud Console (using the web console), or through a regular SSH connection on your local terminal.
- Access the
.ssh/authorized_keysfile for the user you configured in DeployHQ (by default, this would be the root user) with a file editor, such asnanoorvi. Important: The SSH key must be added to the same user you specified in the DeployHQ server configuration. Each user on your server has their own.ssh/folder, located in their respective$HOMEpaths (e.g.,/home/username/.ssh/for regular users or/root/.ssh/for root). - Add your DeployHQ public key to the
authorized_keysfile in a new line. If needed, set your
authorized_keysand its.sshparent folder's permissions such that they're accessible. This step might only be needed on your first SSH configuration.chmod 700 ~/.ssh chmod 600 ~/.ssh/authorized_keys
Finishing up the configuration
Once this is done, go back to your DeployHQ server configuration page. Configure your Deployment Path and any Advanced Options such as atomic deployments, then click "Create server".
And you're done! Your Hetzner Cloud server is added to your DeployHQ server list, and you can start deploying as always.
Advanced Server Features
Your Hetzner Cloud server supports several advanced features that can enhance your deployment experience:
Zero-Downtime Deployments (Atomic Deployments)
Enable atomic deployments to ensure zero downtime during deployments. This feature creates a new release directory for each deployment and atomically switches a symlink once the deployment is complete, ensuring your live application is never interrupted.
Learn more about setting up zero-downtime deployments
Turbo Deployments (Accelerated Transfer)
Speed up your deployments by up to 90% using compressed TAR-based transfers instead of transferring individual files. This is particularly beneficial for projects with many small files.
Learn more about Turbo Deployments
Unlink Before Upload
This option removes files from the server before uploading new versions, which can help avoid issues with certain file systems or deployment scenarios. This setting is available in your server configuration under advanced options.