docs: Dateien zum hcloud-Artikel in Ausgabe 05/24

2025-05-25 18:19:58 +02:00 · 2025-05-25 18:19:58 +02:00 · 4ea8e3e8c8
commit 4ea8e3e8c8
parent 18a465e5a0
9 changed files with 207 additions and 0 deletions
--- a/2405-hcloud/README.md
+++ b/2405-hcloud/README.md
@ -0,0 +1,81 @@
 # Automatisierte Nutzung der Hetzner Cloud
 Dieses Verzeichnis enthält die begleitenden Konfigurationsdateien und Befehle zum Artikel in der Ausgabe 05/24.
 ## Dateien
 - [cloud-config.yml](cloud-config.yml)  
  vollständige Konfiguration der Hetzner Cloud-Instanz
 - [firewall-config.json](firewall-config.json)  
  Konfiguration der Firewall-Regeln für die Cloud-Instanz
 - [server-create.sh](server-create.sh)  
  Shell-Skript zum Erstellen der Cloud-Instanz
 - [server-delete.sh](server-delete.sh)  
  Shell-Skript zum Löschen der Cloud-Instanz
 - [server-init.sh](server-init.sh)  
  Shell-Skript zum initialen Anlegen der IP-Adressen
 - [server-purge.sh](server-purge.sh)  
  Shell-Skript zum finalen Entfernen der IP-Adressen
 - [server-reset.sh](server-reset.sh)  
  Shell-Skript zum Neueinrichten der Cloud-Instanz
 ## Befehle
 ```bash
 # Im Projekt anmelden
 hcloud context create demo-project
 # In ein Projekt wechseln
 hcloud context use demo-project
 # Projekte auflisten
 hcloud context list
 # Permanente IPv4-Adresse anlegen
 hcloud primary-ip create \
  --datacenter nbg1-dc3 \
  --enable-protection delete \
  --type ipv4 \
  --name demo-ipv4
 # Permanente IPv6-Adresse anlegen
 hcloud primary-ip create \
  --datacenter nbg1-dc3 \
  --enable-protection delete \
  --type ipv6 \
  --name demo-ipv6
 # Firewall anlegen
 hcloud firewall create \
  --name demo-firewall \
  --rules-file firewall-config.json
 # Server anlegen
 hcloud server create \
  --primary-ipv4 demo-ipv4 \
  --primary-ipv6 demo-ipv6 \
  --datacenter nbg1-dc3 \
  --image debian-12 \
  --name demo-server \
  --ssh-key demo-ssh-key \
  --type cx11 \
  --firewall demo-firewall \
  --user-data-from-file cloud-config.yaml
 # Server schützen
 hcloud server enable-protection \
  demo-server delete rebuild
 # Schutz des Servers aufheben
 hcloud server disable-protection \
  demo-server delete rebuild
 # Server herunterfahren
 hcloud server shutdown demo-server
 # Server löschen
 hcloud server delete demo-server
 # Firewall löschen
 hcloud firewall delete demo-firewall
 ```
--- a/2405-hcloud/cloud-config.yaml
+++ b/2405-hcloud/cloud-config.yaml
@ -0,0 +1,74 @@
 #cloud-config
 timezone: Europe/Berlin
 apt_update: true
 apt_upgrade: false
 packages:
 - apparmor
 - binutils
 - ca-certificates
 - curl
 - gnupg
 - lsb-release
 - fail2ban
 - python3-systemd
 write_files:
 - content: |
    [DEFAULT]
    # Debian 12 has no log files, just journalctl
    backend = systemd
    # "bantime" is the number of seconds that a host is banned.
    bantime  = 1d
    # "maxretry" is the number of failures before a host get banned.
    maxretry = 2
    # A host is banned if it has generated "maxretry" during the last "findtime"
    findtime  = 1h
    [sshd]
    enabled = true
  path: /etc/fail2ban/jail.local
 - content: |
    {
      "ipv6": true,
      "fixed-cidr-v6": "fd00:ffff::/80"
    }
  path: /etc/docker/daemon.json
 - content: |
    [Unit]
    Description=Docker Compose Demo Service
    Requires=docker.service
    After=docker.service
    [Service]
    Type=oneshot
    RemainAfterExit=yes
    WorkingDirectory=/root/demo
    ExecStart=/usr/bin/docker compose up -d
    ExecStop=/usr/bin/docker compose down
    TimeoutStartSec=0
    [Install]
    WantedBy=multi-user.target
  path: /etc/systemd/system/demo-compose.service
 - content: |
    services:
      nginx:
        restart: unless-stopped
        image: nginx
        ports:
          - "80:80/tcp"
          - "80:80/udp"
          - "443:443/tcp"
          - "443:443/udp"
  path: /root/demo/docker-compose.yaml
 runcmd:
 - timedatectl set-timezone Europe/Berlin
 - mkdir -p /etc/apt/keyrings
 - curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg
 - chmod a+r /etc/apt/keyrings/docker.gpg
 - echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null
 - apt -y update
 - apt -y install docker-ce docker-ce-cli containerd.io docker-compose-plugin
 - systemctl enable demo-compose
 - reboot
--- a/2405-hcloud/firewall-config.json
+++ b/2405-hcloud/firewall-config.json
@ -0,0 +1,26 @@
 [
  {
    "description":"ssh",
    "destination_ips":[],
    "direction":"in",
    "port":"22",
    "protocol":"tcp",
    "source_ips":["0.0.0.0/0","::/0"]
  },
  {
    "description":"web",
    "destination_ips":[],
    "direction":"in",
    "port":"80",
    "protocol":"tcp",
    "source_ips":["0.0.0.0/0","::/0"]
  },
  {
    "description":"websecure",
    "destination_ips":[],
    "direction":"in",
    "port":"443",
    "protocol":"tcp",
    "source_ips":["0.0.0.0/0","::/0"]
  }
 ]
--- a/2405-hcloud/server-create.sh
+++ b/2405-hcloud/server-create.sh
@ -0,0 +1,5 @@
 set -e
 hcloud context use demo-project
 hcloud firewall create --name demo-firewall --rules-file firewall-config.json
 hcloud server create --primary-ipv4 demo-ipv4 --primary-ipv6 demo-ipv6 --datacenter nbg1-dc3 --image debian-12 --name demo-server --ssh-key demo-ssh-key --type cx11 --firewall demo-firewall --user-data-from-file cloud-config.yaml
 hcloud server enable-protection demo-server delete rebuild
--- a/2405-hcloud/server-delete.sh
+++ b/2405-hcloud/server-delete.sh
@ -0,0 +1,6 @@
 set -e
 hcloud context use demo-project
 hcloud server disable-protection demo-server delete rebuild
 hcloud server shutdown demo-server
 hcloud server delete demo-server
 hcloud firewall delete demo-firewall
--- a/2405-hcloud/server-init.sh
+++ b/2405-hcloud/server-init.sh
@ -0,0 +1,4 @@
 set -e
 hcloud context use demo-project
 hcloud primary-ip create --datacenter nbg1-dc3 --enable-protection delete --type ipv4 --name demo-ipv4
 hcloud primary-ip create --datacenter nbg1-dc3 --enable-protection delete --type ipv6 --name demo-ipv6
--- a/2405-hcloud/server-purge.sh
+++ b/2405-hcloud/server-purge.sh
@ -0,0 +1,6 @@
 set -e
 hcloud context use demo-project
 hcloud primary-ip disable-protection demo-ipv4
 hcloud primary-ip disable-protection demo-ipv6
 hcloud primary-ip delete demo-ipv4
 hcloud primary-ip delete demo-ipv6
--- a/2405-hcloud/server-reset.sh
+++ b/2405-hcloud/server-reset.sh
@ -0,0 +1,3 @@
 set -e
 ./server-delete.sh
 ./server-create.sh
--- a/README.md
+++ b/README.md
@ -6,6 +6,8 @@ In diesem Repository findest du die Quelltexte und Konfigurationsbeispiele zu Ar
 - [Softwareprojekte selbst hosten mit Forgejo](2503-forgejo)  
  *Java aktuell 03/25*
 - [Automatisierte Nutzung der Hetzner Cloud](2405-hcloud)  
  *Java aktuell 05/24*
 - [Web Components mit Polymer](1704-polymer)  
  *Java aktuell 04/17*