Install
VS Marketplace (recommended)
Hetzner Cloud Toolkit brings the Hetzner Cloud control panel into your editor. Create servers, manage networks, configure firewalls, attach volumes, balance load — all without leaving VS Code.
Features
🖥 Server Management
- View all servers with live status indicators (running, off, initializing)
- 7-step creation wizard — name, server type, OS image, SSH keys, network, cloud-init, review
- Power on / off / reboot from the context menu or server detail panel
- Delete with confirmation
- Root password shown in-editor when no SSH key is used
- Server Detail panel — specs, network info, labels, in-panel power/reboot/delete, SSH terminal launch
- Status polling — transient states (starting, stopping, rebuilding) auto-refresh the tree
🗂 Multi-Project Support
- Add as many Hetzner projects (API tokens) as you need
- Switch active project from the sidebar or status bar
- All tokens stored encrypted in VS Code's SecretStorage
🌐 Network Management
- View all private networks and their subnets
- Create networks inline — even from inside the server wizard
- Add subnets to existing networks
- Network Detail panel — view subnets and attached servers, delete subnets inline
- Delete networks with confirmation
🔥 Firewalls
- Create firewalls with a default rule set or empty
- Add and delete individual rules (inbound/outbound, protocol, port, IP ranges)
- Apply firewalls to servers or remove them
- Tailscale UDP 41641 rule offered automatically when a Tailscale key is configured
💾 Volumes
- Create block storage volumes (location list fetched live from API)
- Attach and detach volumes from servers
- Resize volumes
- Delete with confirmation
⚖️ Load Balancers
- Create load balancers (type, location, algorithm selection)
- Add and remove server targets — cross-location servers annotated with a warning
- Delete load balancers with confirmation
📦 Storage Boxes (Hetzner Robot)
- List storage boxes from your Hetzner Robot account
- Mount to servers via cloud-init injection
- Copy CIFS mount commands to clipboard
☁️ Cloud-init Template Library
- Save, load, and delete named cloud-init templates
- Stored in VS Code global state (no keychain size limits)
- Inject Tailscale auth key automatically as a
runcmd block
🔑 SSH Key Management
- View all SSH keys in your Hetzner project
- Add a key by selecting a
.pub file from ~/.ssh/
- Delete keys with confirmation
- Built-in SSH Key Generation Guide — step-by-step for Windows, macOS, WSL, and Linux/RHEL, including Ed25519 vs RSA explainer
🐟 Tailscale Auto-Install
- Set a Tailscale auth key once — stored securely in SecretStorage
- Toggle auto-injection in the server wizard
- Automatically appends the correct
runcmd block to your cloud-init
🚀 First-Use Onboarding
- SETUP panel guides you through: adding your API key, generating SSH keys, and configuring Tailscale
- Prompts the SSH key guide automatically when you add your first project
Getting Started
1. Get a Hetzner Cloud API Token
- Log in to console.hetzner.cloud
- Open your project → Security → API Tokens
- Click Generate API Token — give it Read & Write permissions
- Copy the token (shown only once)
- Open the Hetzner Cloud Toolkit sidebar (cloud icon in the Activity Bar)
- In SETUP, click Add Hetzner Project API Key
- Enter a project name and paste your token
- Your servers, networks, images, and SSH keys will load automatically
3. Create your first server
- In the SERVERS panel, click the + button or run
Hetzner Cloud Toolkit: Create Server
- Work through the 7-step wizard
- Your new server appears in the tree within seconds
Extension Settings
| Setting |
Default |
Description |
Hetzner Cloud Toolkit.tailscale.enableByDefault |
true |
Pre-check the Tailscale toggle in the server wizard |
Hetzner Cloud Toolkit.tailscale.extraArgs |
--accept-routes --ssh |
Extra arguments passed to tailscale up in cloud-init |
Requirements
- VS Code 1.85.0 or later
- A Hetzner Cloud account and API token
- No other dependencies — no Node modules are bundled at runtime
Privacy & Security
- API tokens are stored using VS Code's built-in
SecretStorage API (OS-level encrypted keychain — Windows Credential Manager, macOS Keychain, libsecret on Linux)
- No data is sent anywhere except directly to
api.hetzner.cloud and robot-ws.your-server.de (Robot API)
- The extension makes no telemetry calls
Contributing
Issues and PRs welcome at github.com/brwinnov/vscode-hetzner-cloud.
License
MIT © 2026 brwinnov
| |
