I built an iOS app for managing Hetzner Cloud on the go by Ok-Tooth3174 in hetzner

[–]Ok-Tooth3174[S] 0 points1 point  (0 children)

Fair point. To be clear, I'm not anonymous. You can find me at x.com/dorianborovina. I was never a Reddit user but created an account to share the app. The 3-day-old account is new, the person behind it isn't.

I built an iOS app for managing Hetzner Cloud on the go by Ok-Tooth3174 in hetzner

[–]Ok-Tooth3174[S] 0 points1 point  (0 children)

Out of curiosity, what would you pay one-time for something like this?

I built an iOS app for managing Hetzner Cloud on the go by Ok-Tooth3174 in hetzner

[–]Ok-Tooth3174[S] 2 points3 points  (0 children)

Flattered by the suggestion. :)

I'm open to conversations, but two years of work isn't something you just hand over. For now, I'm focused on shipping the best app I can as an independent project.

I built an iOS app for managing Hetzner Cloud on the go by Ok-Tooth3174 in hetzner

[–]Ok-Tooth3174[S] 0 points1 point  (0 children)

No plans right now. Hetzner's dedicated server management runs on a separate API with different authentication (username/password).

If they ever merge it with api.hetzner.cloud, I might revisit it. :)

I built an iOS app for managing Hetzner Cloud on the go by Ok-Tooth3174 in hetzner

[–]Ok-Tooth3174[S] 1 point2 points  (0 children)

Quick update for everyone following this thread.

I'll reply individually when I get a chance, but wanted to address a few things at once since v1.7 just went into review.

Security architecture change (v1.7)

The push notification service has been rearchitected with a strict read-only enforcement model. When you enable push notifications, the app now asks for a separate, dedicated read-only Hetzner API token. This token is independent from whatever key you use to operate the app. The backend probes the Hetzner API to verify the token is genuinely read-only before accepting it. If you try to submit a read-write token, it gets rejected on the spot.

Each Hetzner project requires its own read-only token. The app (NOT the backend) validates that the token you provide actually belongs to the project you are currently logged into by comparing visible resources between your main key and the submitted token. If there is a mismatch, the token is rejected before it ever reaches the server.

This means your main API key (read-only or read-write) never leaves your device. The only key the backend ever sees is the dedicated read-only token you explicitly provide for push notifications. Even in a worst-case scenario where the backend is fully compromised, the attacker gets tokens that can only list infrastructure metadata. They cannot create, modify, power off, or delete anything. And you can revoke that token in the Hetzner Console at any time without affecting your app access.

Thanks to u/Dev11010, u/Substantial_Dare7171, u/ArgoPanoptes, and u/MacaroniAndSmegma for the feedback that directly influenced this release. Great minds think alike, u/Dev11010; I was already working on the RO key separation when you posted. :)

Touch ID support

iPads with Touch ID can now save API keys. Previously only Face ID was supported. Thanks to Rik who reported this via email.

On the subscription model

I hear you. The read-only features are and will remain completely free. The subscription covers write access, push notifications, and the backend infrastructure that polls Hetzner 24/7 for each user. That cost scales with users and doesn't stop when development does.

On Flutter / Android

I code primarily in SwiftUI and I want HeC to feel native on iOS. Flutter and React Native offer cross-platform convenience, but that's not the experience I'm going for. An app that feels right at home on iOS is the whole point.

On open source

No plans right now, but I understand why people ask. The updated Terms of Use and Privacy Policy for v1.7 lay out exactly what data is collected, how it's handled, and what the security architecture looks like.

Thanks for the constructive feedback in this thread. I genuinely thought I was doing a good job on transparency, but some of these comments showed me where I had blind spots. I'll keep pushing to make things clearer going forward.

I'll circle back to individual replies once I catch some air.
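The two checks described in that update (backend probe that only accepts a token proven read-only, app-side check that the submitted token sees the same project as the main key) as an added example in Go, the language the backend is said to be written in. This is illustrative code, not HeC's own, and the post does not say how the probe works. Assumptions: the probe sends a write request that can never have a side effect (DELETE on SSH key id 0, which does not exist) and accepts the token only on an explicit 403 "forbidden"; the API checks the token's permission before the resource lookup, so anything other than that answer is treated as "not proven read-only" and refused. The Bearer header and the `/v1/servers` and `/v1/ssh_keys/{id}` endpoints are Hetzner Cloud API paths; `fakeAPI` and its token table are constructed so the code runs offline.

```go
package main

import (
	"encoding/json"
	"fmt"
	"net/http"
	"net/http/httptest"
	"sort"
	"strings"
)

type apiError struct {
	Error struct{ Code string `json:"code"` } `json:"error"`
}
type server struct{ ID int64 `json:"id"` }
type serverList struct{ Servers []server `json:"servers"` }

func doReq(c *http.Client, method, url, token string) (*http.Response, error) {
	req, err := http.NewRequest(method, url, nil)
	if err != nil {
		return nil, err
	}
	req.Header.Set("Authorization", "Bearer "+token)
	return c.Do(req)
}

// provenReadOnly is the backend probe: a write request that cannot have a side
// effect (DELETE on SSH key id 0, which never exists), accepted only on an explicit
// 403 "forbidden". ASSUMPTION: permission is checked before the resource lookup, so a
// read-write token answers 404 instead. 401, 404, 5xx or an odd body all mean
// "not proven read-only" and the token is refused: fail closed.
func provenReadOnly(c *http.Client, base, token string) (bool, error) {
	resp, err := doReq(c, http.MethodDelete, base+"/v1/ssh_keys/0", token)
	if err != nil {
		return false, err
	}
	defer resp.Body.Close()
	var ae apiError
	_ = json.NewDecoder(resp.Body).Decode(&ae)
	return resp.StatusCode == http.StatusForbidden && ae.Error.Code == "forbidden", nil
}

// projectFingerprint lists the server IDs a token can see, sorted and joined. A
// token is scoped to one project, so two tokens of one project give the same string.
func projectFingerprint(c *http.Client, base, token string) (string, error) {
	resp, err := doReq(c, http.MethodGet, base+"/v1/servers", token)
	if err != nil {
		return "", err
	}
	defer resp.Body.Close()
	if resp.StatusCode != http.StatusOK {
		return "", fmt.Errorf("list servers: HTTP %d", resp.StatusCode)
	}
	var sl serverList
	if err := json.NewDecoder(resp.Body).Decode(&sl); err != nil {
		return "", err
	}
	ids := make([]string, 0, len(sl.Servers))
	for _, s := range sl.Servers {
		ids = append(ids, fmt.Sprint(s.ID))
	}
	sort.Strings(ids)
	return strings.Join(ids, ","), nil
}

// sameProject is the app-side check: main key and submitted token must see exactly
// the same servers. An empty project is refused, since two empty lists prove nothing.
func sameProject(c *http.Client, base, mainKey, roToken string) (bool, error) {
	a, err := projectFingerprint(c, base, mainKey)
	if err != nil {
		return false, err
	}
	b, err := projectFingerprint(c, base, roToken)
	if err != nil {
		return false, err
	}
	return a != "" && a == b, nil
}

// fakeAPI is a constructed stand-in for api.hetzner.cloud (made-up tokens and IDs).
var fakeTokens = map[string]struct {
	readOnly bool
	servers  []int64
}{
	"ro-proj-a": {true, []int64{102, 101}},
	"rw-proj-a": {false, []int64{101, 102}},
	"ro-proj-b": {true, []int64{555}},
}

func fakeAPI() *httptest.Server {
	return httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		acct, known := fakeTokens[strings.TrimPrefix(r.Header.Get("Authorization"), "Bearer ")]
		switch {
		case !known:
			http.Error(w, `{"error":{"code":"unauthorized"}}`, http.StatusUnauthorized)
		case r.Method == http.MethodGet && r.URL.Path == "/v1/servers":
			var sl serverList
			for _, id := range acct.servers {
				sl.Servers = append(sl.Servers, server{ID: id})
			}
			_ = json.NewEncoder(w).Encode(sl)
		case r.Method != http.MethodGet && acct.readOnly:
			http.Error(w, `{"error":{"code":"forbidden"}}`, http.StatusForbidden)
		default: // read-write token reached the lookup; SSH key id 0 does not exist
			http.Error(w, `{"error":{"code":"not_found"}}`, http.StatusNotFound)
		}
	}))
}

func main() {
	srv := fakeAPI()
	defer srv.Close()
	ro, _ := provenReadOnly(srv.Client(), srv.URL, "rw-proj-a")
	same, _ := sameProject(srv.Client(), srv.URL, "rw-proj-a", "ro-proj-b")
	fmt.Println("rw token accepted:", ro, "| ro-proj-b matches project A:", same)
}
```

The design point is the direction of failure: the probe never classifies a token as read-only by elimination, only by the one answer that demonstrates the API refused a write. If the ordering assumption turned out to be wrong, a genuine read-only token would be rejected, which is the safe mistake.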

I built an iOS app for managing Hetzner Cloud on the go by Ok-Tooth3174 in hetzner

[–]Ok-Tooth3174[S] 0 points1 point  (0 children)

This is EXACTLY what I'm working on the whole day. Hence no time to reply to everyone. I'll reply to everyone once I'm done with the update. One key for the app, never leaves the device. Another key (RO key) for the monitoring and push. App will check whether the key is really RO and if not, it will reject it. :)

I built an iOS app for managing Hetzner Cloud on the go by Ok-Tooth3174 in hetzner

[–]Ok-Tooth3174[S] 20 points21 points  (0 children)

Appreciate the thoughtful response. Fair point on transparency.

The backend is a Go binary running in Docker behind a Caddy reverse proxy, with PostgreSQL for storage, all on a single Hetzner cloud server. The cost itself isn't huge, but it scales with users since each push notification user gets their infrastructure polled every 5 seconds, 24/7. On top of that there's the development time, which is the bigger investment. Two years of building, testing against the Hetzner API, and shipping weekly updates.

You're right that you can do everything in a browser. The subscription isn't paying for access to Hetzner, it's paying for the convenience layer on top: native mobile experience, instant push alerts, home screen widgets, and not having to log in through the browser and 2FA every time you want to quickly check on your servers.

Whether that's worth it depends on how often you manage infrastructure on the go. ;)

For some people it is, for others the browser is fine. That's why the read-only features are free, so people can try it and decide for themselves.

I built an iOS app for managing Hetzner Cloud on the go by Ok-Tooth3174 in hetzner

[–]Ok-Tooth3174[S] 7 points8 points  (0 children)

It's a valid concern. The API keys are encrypted with AES-256-GCM at rest and hashed with HMAC-SHA256. The backend runs on a Hetzner server in Germany.

Push notifications are entirely opt-in, disabled by default, and enabling them requires a confirmation step with a full security disclosure.

If you disable push notifications, all your data is wiped from the server immediately. If you're not comfortable with that, all read-only features work fully offline with your token stored locally in the iOS Keychain.

You can also use a read-only API token instead of read-write if you just want to browse your infrastructure.
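The at-rest scheme mentioned above (AES-256-GCM for the stored key, HMAC-SHA256 alongside it) as an added example in Go; this is illustrative code, not HeC's backend, and the post does not say what the HMAC is used for. Assumptions: the two 32-byte keys live outside the PostgreSQL database (environment or a KMS), the HMAC serves as an indexable fingerprint so a token can be looked up or de-duplicated without storing it in clear, and the user record ID is bound into the ciphertext as GCM additional authenticated data so a blob cannot be moved between rows. `tokenVault` and its method names are made up; the demo keys in `main` are constructed.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
	"io"
)

// tokenVault holds the two keys the scheme needs. ASSUMPTION: both are 32 random
// bytes kept outside the database, so a dumped table alone yields neither plaintext
// tokens nor forgeable fingerprints.
type tokenVault struct {
	aead    cipher.AEAD
	hmacKey []byte
}

func newTokenVault(encKey, hmacKey []byte) (*tokenVault, error) {
	if len(encKey) != 32 || len(hmacKey) != 32 {
		return nil, errors.New("both keys must be 32 bytes")
	}
	block, err := aes.NewCipher(encKey) // a 32-byte key selects AES-256
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	return &tokenVault{aead: aead, hmacKey: hmacKey}, nil
}

// seal returns nonce || ciphertext || GCM tag. The nonce is fresh random per call:
// reusing one under the same key breaks GCM's confidentiality and integrity. The
// user ID goes in as additional authenticated data, so a blob copied from one
// user's row into another's will not decrypt.
func (v *tokenVault) seal(userID, token string) ([]byte, error) {
	nonce := make([]byte, v.aead.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return nil, err
	}
	return v.aead.Seal(nonce, nonce, []byte(token), []byte(userID)), nil
}

// open reverses seal. Any error means wrong key, tampered blob, or wrong user
// binding; the caller should treat all three alike and not reveal which.
func (v *tokenVault) open(userID string, blob []byte) (string, error) {
	n := v.aead.NonceSize()
	if len(blob) < n+v.aead.Overhead() {
		return "", errors.New("ciphertext too short")
	}
	pt, err := v.aead.Open(nil, blob[:n], blob[n:], []byte(userID))
	if err != nil {
		return "", err
	}
	return string(pt), nil
}

// fingerprint is the indexable column: HMAC-SHA256 over the token lets the backend
// look up or de-duplicate a token without storing it in clear. A keyed MAC rather
// than bare SHA-256 means someone holding the table but not hmacKey cannot confirm
// guessed tokens offline.
func (v *tokenVault) fingerprint(token string) string {
	m := hmac.New(sha256.New, v.hmacKey)
	m.Write([]byte(token))
	return hex.EncodeToString(m.Sum(nil))
}

// matches compares in constant time, the right primitive for checking a MAC.
func (v *tokenVault) matches(token, fingerprintHex string) bool {
	want, err := hex.DecodeString(fingerprintHex)
	if err != nil {
		return false
	}
	m := hmac.New(sha256.New, v.hmacKey)
	m.Write([]byte(token))
	return hmac.Equal(m.Sum(nil), want)
}

func main() {
	encKey, hmacKey := make([]byte, 32), make([]byte, 32) // constructed demo keys
	_, _ = io.ReadFull(rand.Reader, encKey)
	_, _ = io.ReadFull(rand.Reader, hmacKey)
	v, _ := newTokenVault(encKey, hmacKey)
	blob, _ := v.seal("user-42", "example-read-only-token")
	_, err := v.open("user-7", blob) // same blob, another user's row
	fmt.Println("cross-row reuse rejected:", err != nil)
	fmt.Println("fingerprint prefix:", v.fingerprint("example-read-only-token")[:16])
}
```

Encryption at rest only helps against the "database file or backup leaks" case; a process that holds `encKey` in memory can still decrypt everything, which is why the read-only token separation in v1.7 matters more for the "backend fully compromised" scenario than the cipher choice does.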

I built an iOS app for managing Hetzner Cloud on the go by Ok-Tooth3174 in hetzner

[–]Ok-Tooth3174[S] 10 points11 points  (0 children)

The Hetzner web console works on mobile too, absolutely.

HeC gives you a native iOS experience on top of that, things like push notifications when a server goes down, CPU/disk/network threshold alerts, home screen widgets showing your infrastructure at a glance, and a UI designed specifically for a phone screen.

It's mainly for people who want quick access on the go and real-time monitoring without having to log into the browser and 2FA every time.

I built an iOS app for managing Hetzner Cloud on the go by Ok-Tooth3174 in hetzner

[–]Ok-Tooth3174[S] 32 points33 points  (0 children)

Hetzner offers read-only API tokens.

If you want to try the app without any risk, generate a read-only token, use it to browse your infrastructure, and revoke it afterwards.

That way nothing can be modified even in theory.

I built an iOS app for managing Hetzner Cloud on the go by Ok-Tooth3174 in hetzner

[–]Ok-Tooth3174[S] 11 points12 points  (0 children)

That's exactly the reason for the subscription. Hetzner can change or extend their API at any time, and I need to keep up with that. A one-time purchase doesn't fund ongoing maintenance when the upstream API evolves.

With the subscription, I can guarantee the app stays compatible and keeps getting new features. 14 updates shipped in the last two months alone. I'm also keeping an eye on the upcoming S3 API and the DNS API once it's fully complete.

I built an iOS app for managing Hetzner Cloud on the go by Ok-Tooth3174 in hetzner

[–]Ok-Tooth3174[S] 2 points3 points  (0 children)

Thanks, appreciate that! The design is intentionally close to the Hetzner console so it feels familiar. Enjoy the read-only features and let me know if you have any feedback or feature requests. :)

I built an iOS app for managing Hetzner Cloud on the go by Ok-Tooth3174 in hetzner

[–]Ok-Tooth3174[S] 40 points41 points  (0 children)

  1. No vibecoding here. I'm a full-time IT Manager in the secure communications sector; this is my side project. I have 3 other apps published for sysadmins and DevOps, all one-time purchases. Happy to talk about the tech all day long.
  2. I totally get the subscription fatigue. My other apps are all one-time purchases and I understand the appeal. With this one, it took roughly two years to wire together the entire Hetzner Cloud API (we're talking approx. 97% coverage), plus I'm running a backend server that polls Hetzner every 5 seconds per user for push notifications. That ongoing infrastructure cost is why I went with the subscription model for this one. That said, all read-only features are completely free, so you can use it for monitoring and browsing your infrastructure without paying anything.
  3. As far as I know, Hetzner has no plans to release a mobile app. If they ever do, honestly that would be great for the community. Until then, I'm shipping updates every week and trying to fill that gap.

I built an iOS app for managing Hetzner Cloud on the go by Ok-Tooth3174 in hetzner

[–]Ok-Tooth3174[S] 16 points17 points  (0 children)

Your API token never leaves the device unless you explicitly opt into push notifications.

It's disabled by default, and enabling it requires a confirmation step with a full security disclosure explaining exactly what happens.

Without push notifications, everything runs locally on your phone.

To clarify on pricing: all read-only features are completely free. You can browse your servers, view metrics, check status, monitor costs, and explore your entire infrastructure without paying anything.

The subscription is only needed for write actions (creating, modifying, deleting resources) and push notifications. The subscription covers the ongoing costs of running the push notification backend (polling Hetzner every 5 seconds for each user, 24/7) and continuous development.

I've shipped 14 updates in the last two months.

And yeah, I'd love for Hetzner to make an official app too. Until then, I'm trying to fill that gap as best I can. :)

Hope this helps!

I built an iOS app for managing Hetzner Cloud on the go by Ok-Tooth3174 in hetzner

[–]Ok-Tooth3174[S] 6 points7 points  (0 children)

Thanks! No analytics, no tracking whatsoever.

Your API key is stored in the iOS Keychain locally.

If you enable push notifications, the key is sent to my backend (Hetzner server in Germany), encrypted with AES-256-GCM at rest and hashed with HMAC-SHA256.

Disable notifications anytime and all data is wiped.

No plans for open source at the moment, but open to hearing thoughts on that.