diff --git a/2405-hcloud/README.md b/2405-hcloud/README.md
new file mode 100644
index 0000000..14b75bc
--- /dev/null
+++ b/2405-hcloud/README.md
@@ -0,0 +1,81 @@
+# Automatisierte Nutzung der Hetzner Cloud
+
+Dieses Verzeichnis enthält die begleitenden Konfigurationsdateien und Befehle zum Artikel in der Ausgabe 05/24.
+
+## Dateien
+
+- [cloud-config.yaml](cloud-config.yaml)
+ vollständige Konfiguration der Hetzner Cloud-Instanz
+- [firewall-config.json](firewall-config.json)
+ Konfiguration der Firewall-Regeln für die Cloud-Instanz
+- [server-create.sh](server-create.sh)
+ Shell-Skript zum Erstellen der Cloud-Instanz
+- [server-delete.sh](server-delete.sh)
+ Shell-Skript zum Löschen der Cloud-Instanz
+- [server-init.sh](server-init.sh)
+ Shell-Skript zum initialen Anlegen der IP-Adressen
+- [server-purge.sh](server-purge.sh)
+ Shell-Skript zum finalen Entfernen der IP-Adressen
+- [server-reset.sh](server-reset.sh)
+ Shell-Skript zum Neueinrichten der Cloud-Instanz
+
+## Befehle
+
+```bash
+# Im Projekt anmelden
+hcloud context create demo-project
+
+# In ein Projekt wechseln
+hcloud context use demo-project
+
+# Projekte auflisten
+hcloud context list
+
+# Permanente IPv4-Adresse anlegen
+hcloud primary-ip create \
+ --datacenter nbg1-dc3 \
+ --enable-protection delete \
+ --type ipv4 \
+ --name demo-ipv4
+
+# Permanente IPv6-Adresse anlegen
+hcloud primary-ip create \
+ --datacenter nbg1-dc3 \
+ --enable-protection delete \
+ --type ipv6 \
+ --name demo-ipv6
+
+# Firewall anlegen
+hcloud firewall create \
+ --name demo-firewall \
+ --rules-file firewall-config.json
+
+# Server anlegen
+hcloud server create \
+ --primary-ipv4 demo-ipv4 \
+ --primary-ipv6 demo-ipv6 \
+ --datacenter nbg1-dc3 \
+ --image debian-12 \
+ --name demo-server \
+ --ssh-key demo-ssh-key \
+ --type cx11 \
+ --firewall demo-firewall \
+ --user-data-from-file cloud-config.yaml
+
+# Server schützen
+hcloud server enable-protection \
+ demo-server delete rebuild
+
+# Schutz des Servers aufheben
+hcloud server disable-protection \
+ demo-server delete rebuild
+
+# Server herunterfahren
+hcloud server shutdown demo-server
+
+# Server löschen
+hcloud server delete demo-server
+
+# Firewall löschen
+hcloud firewall delete demo-firewall
+```
diff --git a/2405-hcloud/cloud-config.yaml b/2405-hcloud/cloud-config.yaml
new file mode 100644
index 0000000..dbd9e3a
--- /dev/null
+++ b/2405-hcloud/cloud-config.yaml
@@ -0,0 +1,74 @@
+#cloud-config
+timezone: Europe/Berlin
+
+apt_update: true
+apt_upgrade: false
+packages:
+- apparmor
+- binutils
+- ca-certificates
+- curl
+- gnupg
+- lsb-release
+- fail2ban
+- python3-systemd
+
+write_files:
+- content: |
+ [DEFAULT]
+ # Debian 12 has no log files, just journalctl
+ backend = systemd
+ # "bantime" is the number of seconds that a host is banned.
+ bantime = 1d
+ # "maxretry" is the number of failures before a host get banned.
+ maxretry = 2
+ # A host is banned if it has generated "maxretry" during the last "findtime"
+ findtime = 1h
+ [sshd]
+ enabled = true
+ path: /etc/fail2ban/jail.local
+- content: |
+ {
+ "ipv6": true,
+ "fixed-cidr-v6": "fd00:ffff::/80"
+ }
+ path: /etc/docker/daemon.json
+- content: |
+ [Unit]
+ Description=Docker Compose Demo Service
+ Requires=docker.service
+ After=docker.service
+
+ [Service]
+ Type=oneshot
+ RemainAfterExit=yes
+ WorkingDirectory=/root/demo
+ ExecStart=/usr/bin/docker compose up -d
+ ExecStop=/usr/bin/docker compose down
+ TimeoutStartSec=0
+
+ [Install]
+ WantedBy=multi-user.target
+ path: /etc/systemd/system/demo-compose.service
+- content: |
+ services:
+ nginx:
+ restart: unless-stopped
+ image: nginx
+ ports:
+ - "80:80/tcp"
+ - "80:80/udp"
+ - "443:443/tcp"
+ - "443:443/udp"
+ path: /root/demo/docker-compose.yaml
+
+runcmd:
+- timedatectl set-timezone Europe/Berlin
+- mkdir -p /etc/apt/keyrings
+- curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg
+- chmod a+r /etc/apt/keyrings/docker.gpg
+- echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null
+- apt -y update
+- apt -y install docker-ce docker-ce-cli containerd.io docker-compose-plugin
+- systemctl enable demo-compose
+- reboot
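Review bot: The compose file written to /root/demo/docker-compose.yaml uses `image: nginx` with no tag or digest, so every freshly created server pulls whatever the default tag points to at boot and serves it on a public address; pin it, e.g. `image: nginx:<VERSION>@sha256:<DIGEST>` (placeholders). `apt_upgrade: false` also means the instance goes online with whatever package state the debian-12 image shipped with; cloud-init's current keys `package_update: true` and `package_upgrade: true` would apply pending security updates before the final `reboot`. The `80:80/udp` and `443:443/udp` publishes have no matching rule in firewall-config.json, and the stock nginx configuration presumably does not listen on UDP, so they can be dropped unless HTTP/3 is intended.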
diff --git a/2405-hcloud/firewall-config.json b/2405-hcloud/firewall-config.json
new file mode 100644
index 0000000..2c906e4
--- /dev/null
+++ b/2405-hcloud/firewall-config.json
@@ -0,0 +1,26 @@
+[
+ {
+ "description":"ssh",
+ "destination_ips":[],
+ "direction":"in",
+ "port":"22",
+ "protocol":"tcp",
+ "source_ips":["0.0.0.0/0","::/0"]
+ },
+ {
+ "description":"web",
+ "destination_ips":[],
+ "direction":"in",
+ "port":"80",
+ "protocol":"tcp",
+ "source_ips":["0.0.0.0/0","::/0"]
+ },
+ {
+ "description":"websecure",
+ "destination_ips":[],
+ "direction":"in",
+ "port":"443",
+ "protocol":"tcp",
+ "source_ips":["0.0.0.0/0","::/0"]
+ }
+]
diff --git a/2405-hcloud/server-create.sh b/2405-hcloud/server-create.sh
new file mode 100755
index 0000000..9c08dde
--- /dev/null
+++ b/2405-hcloud/server-create.sh
@@ -0,0 +1,5 @@
+set -e
+hcloud context use demo-project
+hcloud firewall create --name demo-firewall --rules-file firewall-config.json
+hcloud server create --primary-ipv4 demo-ipv4 --primary-ipv6 demo-ipv6 --datacenter nbg1-dc3 --image debian-12 --name demo-server --ssh-key demo-ssh-key --type cx11 --firewall demo-firewall --user-data-from-file cloud-config.yaml
+hcloud server enable-protection demo-server delete rebuild
diff --git a/2405-hcloud/server-delete.sh b/2405-hcloud/server-delete.sh
new file mode 100755
index 0000000..1b5ee88
--- /dev/null
+++ b/2405-hcloud/server-delete.sh
@@ -0,0 +1,6 @@
+set -e
+hcloud context use demo-project
+hcloud server disable-protection demo-server delete rebuild
+hcloud server shutdown demo-server
+hcloud server delete demo-server
+hcloud firewall delete demo-firewall
diff --git a/2405-hcloud/server-init.sh b/2405-hcloud/server-init.sh
new file mode 100755
index 0000000..9212c94
--- /dev/null
+++ b/2405-hcloud/server-init.sh
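Review bot: The `ssh` rule admits port 22 from `0.0.0.0/0` and `::/0`, so the only things standing between the internet and sshd are key authentication and the fail2ban jail from cloud-config.yaml. Where administration happens from a known network, narrow the rule to that range, e.g. `"source_ips":["<ADMIN_CIDR>"]` (placeholder), and keep the world-open sources for the `web` and `websecure` rules only. If open SSH is intentional for the article, a sentence in the directory README saying so would keep readers from copying it unchanged.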
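Review bot: server-create.sh is committed with mode 100755 but starts directly with `set -e` and has no interpreter line, so `./server-create.sh` (which is how server-reset.sh calls it) runs under whatever fallback shell the caller happens to use; add `#!/usr/bin/env bash` or `#!/bin/sh` as the first line. The same applies to server-delete.sh, server-init.sh, server-purge.sh and server-reset.sh. `firewall-config.json` and `cloud-config.yaml` are also resolved relative to the current directory, so a `cd "$(dirname "$0")"` right after `set -e` would make the script independent of where it is started.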
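Review bot: Under `set -e` the teardown in server-delete.sh stops at the first failing command, so if `hcloud server disable-protection` or `hcloud server shutdown` fails (for example because demo-server was already removed), `hcloud firewall delete demo-firewall` never runs. A later server-create.sh would then presumably fail at `hcloud firewall create` because the name is still taken, and server-reset.sh cannot recover on its own. Consider letting each step tolerate an absent resource, or at least document the limitation with a comment such as `# not re-runnable: remove demo-firewall by hand after a partial failure`.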
@@ -0,0 +1,4 @@
+set -e
+hcloud context use demo-project
+hcloud primary-ip create --datacenter nbg1-dc3 --enable-protection delete --type ipv4 --name demo-ipv4
+hcloud primary-ip create --datacenter nbg1-dc3 --enable-protection delete --type ipv6 --name demo-ipv6
diff --git a/2405-hcloud/server-purge.sh b/2405-hcloud/server-purge.sh
new file mode 100755
index 0000000..e5f83d9
--- /dev/null
+++ b/2405-hcloud/server-purge.sh
@@ -0,0 +1,6 @@
+set -e
+hcloud context use demo-project
+hcloud primary-ip disable-protection demo-ipv4
+hcloud primary-ip disable-protection demo-ipv6
+hcloud primary-ip delete demo-ipv4
+hcloud primary-ip delete demo-ipv6
diff --git a/2405-hcloud/server-reset.sh b/2405-hcloud/server-reset.sh
new file mode 100755
index 0000000..d2bdfaf
--- /dev/null
+++ b/2405-hcloud/server-reset.sh
@@ -0,0 +1,3 @@
+set -e
+./server-delete.sh
+./server-create.sh
diff --git a/README.md b/README.md index 4168f1f..4e0b2cf 100644 --- a/README.md +++ b/README.md @@ -6,6 +6,8 @@ In diesem Repository findest du die Quelltexte und Konfigurationsbeispiele zu Ar - [Softwareprojekte selbst hosten mit Forgejo](2503-forgejo) *Java aktuell 03/25* +- [Automatisierte Nutzung der Hetzner Cloud](2405-hcloud) + *Java aktuell 05/24* - [Web Components mit Polymer](1704-polymer) *Java aktuell 04/17*