Hetzner Server Management
Hetzner服务器管理
Create and manage Hetzner Cloud servers using the
CLI.
使用
CLI创建和管理Hetzner Cloud服务器。
Prefer ARM (best value)
优先选择ARM机型(性价比最高)
hcloud server create
--name dev
--type cax21
--image ubuntu-24.04
--location nbg1
--ssh-key connorads
--ssh-key connor@penguin
hcloud server create
--name dev
--type cax21
--image ubuntu-24.04
--location nbg1
--ssh-key connorads
--ssh-key connor@penguin
hcloud server create
--name dev
--type cpx21
--image ubuntu-24.04
--location nbg1
--ssh-key connorads
--ssh-key connor@penguin
hcloud server create
--name dev
--type cpx21
--image ubuntu-24.04
--location nbg1
--ssh-key connorads
--ssh-key connor@penguin
IPv6-only (saves ~$0.60/month on IPv4)
仅IPv6(相比IPv4每月可节省约0.60美元)
hcloud server create
--name dev
--type cax21
--image ubuntu-24.04
--location nbg1
--ssh-key connorads
--ssh-key connor@penguin
--without-ipv4
hcloud server create
--name dev
--type cax21
--image ubuntu-24.04
--location nbg1
--ssh-key connorads
--ssh-key connor@penguin
--without-ipv4
With user-data (auto-run install script)
结合user-data使用(自动运行安装脚本)
Use heredoc - process substitution <(echo '...') escapes the shebang incorrectly
使用here文档 - 进程替换<(echo '...')会错误转译shebang
ssh connor@$(hcloud server ip dev) "cloud-init status"
ssh connor@$(hcloud server ip dev) "cloud-init status"
View recent installation logs
查看近期安装日志
ssh connor@$(hcloud server ip dev) "sudo journalctl -u cloud-final -n 50 --no-pager"
ssh connor@$(hcloud server ip dev) "sudo journalctl -u cloud-final -n 50 --no-pager"
Follow installation in real-time
实时跟踪安装过程
ssh connor@$(hcloud server ip dev) "sudo journalctl -u cloud-final -f"
ssh connor@$(hcloud server ip dev) "sudo journalctl -u cloud-final -f"
Check if tools are installed
检查工具是否已安装
ssh connor@$(hcloud server ip dev) "which zsh mise && echo $SHELL"
ssh connor@$(hcloud server ip dev) "which zsh mise && echo $SHELL"
With swap (recommended for production)
结合swap使用(生产环境推荐)
Ubuntu cloud images don't include swap by default. Add swap via cloud-init at creation:
Ubuntu云镜像默认不包含swap分区。可在创建服务器时通过cloud-init添加swap:
Create server with 16GB swap (1:1 ratio for 16GB RAM server)
创建带有16GB swap的服务器(16GB内存服务器推荐1:1比例)
hcloud server create
--name dev
--type cax33
--image ubuntu-24.04
--location nbg1
--ssh-key connorads
--ssh-key connor@penguin
--user-data-from-file - <<'EOF'
#cloud-config
swap:
filename: /swapfile
size: 16G
maxsize: 16G
EOF
**Recommended swap sizes:**
- 4GB RAM → 4-8GB swap
- 8GB RAM → 8GB swap
- 16GB+ RAM → 16GB swap (1:1 ratio)
**Add swap to existing server:**
```bash
hcloud server create
--name dev
--type cax33
--image ubuntu-24.04
--location nbg1
--ssh-key connorads
--ssh-key connor@penguin
--user-data-from-file - <<'EOF'
#cloud-config
swap:
filename: /swapfile
size: 16G
maxsize: 16G
EOF
**推荐swap大小:**
- 4GB内存 → 4-8GB swap
- 8GB内存 → 8GB swap
- 16GB及以上内存 → 16GB swap(1:1比例)
**为现有服务器添加swap:**
```bash
Create 16GB swap file
创建16GB swap文件
ssh connor@$(hcloud server ip dev) "sudo fallocate -l 16G /swapfile &&
sudo chmod 600 /swapfile &&
sudo mkswap /swapfile &&
sudo swapon /swapfile &&
echo '/swapfile none swap sw 0 0' | sudo tee -a /etc/fstab"
ssh connor@$(hcloud server ip dev) "sudo fallocate -l 16G /swapfile &&
sudo chmod 600 /swapfile &&
sudo mkswap /swapfile &&
sudo swapon /swapfile &&
echo '/swapfile none swap sw 0 0' | sudo tee -a /etc/fstab"
Verify swap is active
验证swap是否激活
ssh connor@$(hcloud server ip dev) "free -h"
ssh connor@$(hcloud server ip dev) "free -h"
ssh connor@$(hcloud server ip dev)
ssh connor@$(hcloud server ip dev)
hcloud server poweroff dev
hcloud server poweron dev
hcloud server reboot dev
hcloud server poweroff dev
hcloud server poweron dev
hcloud server reboot dev
Rebuild (reinstall OS, keeps IP)
重建服务器(重新安装系统,保留IP)
hcloud server rebuild dev --image ubuntu-24.04
hcloud server rebuild dev --image ubuntu-24.04
Server types (commonly used)
常用服务器类型
Prices in USD for EU regions (US regions ~20% higher):
| Type | Arch | vCPU | RAM | Disk | ~USD/mo |
|---|
| cax11 | ARM | 2 | 4GB | 40GB | $4.50 |
| cax21 | ARM | 4 | 8GB | 80GB | $8 |
| cax31 | ARM | 8 | 16GB | 160GB | $16 |
| cpx21 | x86 | 3 | 4GB | 80GB | $9 |
| cpx31 | x86 | 4 | 8GB | 160GB | $18 |
欧盟地区价格(美元计价,美国地区价格约高20%):
| 类型 | 架构 | vCPU | 内存 | 磁盘 | 约美元/月 |
|---|
| cax11 | ARM | 2 | 4GB | 40GB | $4.50 |
| cax21 | ARM | 4 | 8GB | 80GB | $8 |
| cax31 | ARM | 8 | 16GB | 160GB | $16 |
| cpx21 | x86 | 3 | 4GB | 80GB | $9 |
| cpx31 | x86 | 4 | 8GB | 160GB | $18 |
| ID | City | Country |
|---|
| fsn1 | Falkenstein | DE |
| nbg1 | Nuremberg | DE |
| hel1 | Helsinki | FI |
| ash | Ashburn | US |
| hil | Hillsboro | US |
| sin | Singapore | SG |
| ID | 城市 | 国家 |
|---|
| fsn1 | Falkenstein | 德国 |
| nbg1 | 纽伦堡 | 德国 |
| hel1 | 赫尔辛基 | 芬兰 |
| ash | 阿什本 | 美国 |
| hil | 希尔斯伯勒 | 美国 |
| sin | 新加坡 | 新加坡 |
hcloud ssh-key create --name mykey --public-key-from-file ~/.ssh/id_ed25519.pub
hcloud ssh-key create --name mykey --public-key-from-file ~/.ssh/id_ed25519.pub
hcloud image list --type system
hcloud image list --type system
hcloud image list --type system --architecture arm
hcloud image list --type system --architecture arm
Cloning GitHub repos (SSH agent forwarding)
克隆GitHub仓库(SSH代理转发)
Use the
SSH host (which has agent forwarding enabled) to clone private repos without copying keys to the server. If you hit host key errors, add GitHub's host key first.
使用
SSH主机配置(已启用代理转发)克隆私有仓库,无需将密钥复制到服务器。如果遇到主机密钥错误,请先添加GitHub的主机密钥。
First time only: add GitHub's host key
首次使用:添加GitHub的主机密钥
ssh dev "ssh-keyscan github.com >> ~/.ssh/known_hosts 2>/dev/null"
ssh dev "ssh-keyscan github.com >> ~/.ssh/known_hosts 2>/dev/null"
Confirm forwarded agent is visible
确认转发的代理可见
ssh dev-agent "ssh-add -l"
ssh dev-agent "ssh-add -l"
Clone with agent forwarding (use -agent suffix)
结合代理转发克隆仓库(使用-agent后缀)
ssh dev-agent "mkdir -p ~/git && cd ~/git && git clone git@github.com:you/repo.git"
ssh dev-agent "mkdir -p ~/git && cd ~/git && git clone git@github.com:you/repo.git"
Clone specific branch
克隆指定分支
ssh dev-agent "mkdir -p ~/git && cd ~/git && git clone git@github.com:you/repo.git && cd repo && git checkout branch-name"
ssh dev-agent "mkdir -p ~/git && cd ~/git && git clone git@github.com:you/repo.git && cd repo && git checkout branch-name"
Push/pull with agent forwarding
结合代理转发推送/拉取代码
ssh dev-agent "cd repo && git push"
For interactive sessions (e.g., lazygit):
```bash
ssh dev-agent
ssh dev-agent "cd repo && git push"
对于交互式会话(如lazygit):
```bash
ssh dev-agent
Then on server: git clone/push/pull works with forwarded agent
然后在服务器上:git克隆/推送/拉取可通过转发的代理正常工作
After creating a server, always clear any old host keys for that IP (Hetzner reuses IPs):
bash
ssh-keygen -R $(hcloud server ip dev) 2>/dev/null
ssh-keyscan $(hcloud server ip dev) >> ~/.ssh/known_hosts 2>/dev/null
Then add/update
with two profiles:
创建服务器后,务必清除该IP对应的旧主机密钥(Hetzner会复用IP):
bash
ssh-keygen -R $(hcloud server ip dev) 2>/dev/null
ssh-keyscan $(hcloud server ip dev) >> ~/.ssh/known_hosts 2>/dev/null
Hetzner <name> - no agent forwarding (safe for AI agents)
Hetzner <name> - 无代理转发(对AI Agent更安全)
Host <name>
HostName <ip-address>
User connor
ForwardAgent no
Host <name>
HostName <ip-address>
User connor
ForwardAgent no
Hetzner <name> - with agent forwarding (for git push/pull)
Hetzner <name> - 带代理转发(用于GitHub推送/拉取)
Host <name>-agent
HostName <ip-address>
User connor
ForwardAgent yes
- Get IP: `hcloud server ip <name>`
- If entry exists, update the HostName in both profiles
- Default profile (`<name>`) has no agent forwarding - safer for AI agents
- Use `<name>-agent` when you need to push/pull to GitHub
- This enables VS Code Remote-SSH to show the server in the dropdown
Host <name>-agent
HostName <ip-address>
User connor
ForwardAgent yes
- 获取IP:`hcloud server ip <name>`
- 如果已有配置条目,更新两个配置中的HostName
- 默认配置(`<name>`)无代理转发 - 对AI Agent更安全
- 当需要向GitHub推送/拉取代码时使用`<name>-agent`
- 此配置可让VS Code远程SSH在下拉列表中显示该服务器
- ARM (cax*) servers are best value for dev work
- IPv6-only saves money but requires Tailscale/cloudflared for access from IPv4 networks
- User-data runs as root on first boot
- The dotfiles install.sh handles creating user , installing Nix, home-manager, and mise tools
- ARM(cax*)机型是开发工作的高性价比选择
- 仅IPv6配置可节省成本,但需要通过Tailscale/cloudflared从IPv4网络访问
- User-data在首次启动时以root身份运行
- dotfiles的install.sh脚本负责创建connor用户、安装Nix、home-manager和mise工具