mysticaltech/terraform-hcloud-kube-hetzner v2.19.3

on GitHub

📋 v2.19.3 Patch Release

This is a patch release for the v2.19 series focused on upgrade-safe reliability fixes. It is intended to be backward-compatible and upgrade-safe from v2.19.2.

Patch fixes:

• Terraform Legacy Module Regression - Removed the child-module GitHub provider configuration that prevented callers from using count, for_each, or depends_on; release lookups now use unauthenticated HTTP requests instead (#2155).
• SSH Public Key Normalization - Trimmed trailing whitespace from SSH public keys to avoid Hetzner provider apply inconsistencies when users pass keys with file(...).
• NAT Router Validation - Made NAT router validations null-safe when nat_router = null (#2152, #2153).
• Autoscaler ZRAM Bootstrap - Fixed autoscaler nodes hanging in cloud-init when zram_size is configured (#2161, #2162).
• NAT Router Fail2ban - Fixed the Debian 12 SSH jail by applying journald/systemd backend support and starting/restarting fail2ban during NAT router provisioning (#2163).
• MicroOS Snapshot Growth - Reduced snapper timeline retention to avoid disk pressure on small nodes (#2167).
• Longhorn Volume Reconfiguration - Re-runs Longhorn volume setup on volume identity/size/path/fstype changes, grows filesystems correctly, and stores fstab entries by filesystem UUID instead of mutable Hetzner volume device IDs (#2174, #2180).
• System Upgrade Plans - Re-applies system-upgrade-controller Plans when system_upgrade_use_drain or system_upgrade_enable_eviction changes after initial provisioning (#2172).
• Control Plane LB Health Check - Added an explicit HTTPS /readyz health check for the control-plane load balancer while keeping the service TCP passthrough (#2176).
• Hetzner CSI Values Docs - Documented existing hetzner_csi_values support for custom CSI Helm values (#2168).
• Longhorn RWX Guidance - Documented the upstream Longhorn RWX/NFS 4.1 issue and the NFS 4.0 workaround (#2169).

Upgrade

module "kube-hetzner" {
  source  = "kube-hetzner/kube-hetzner/hcloud"
  version = "2.19.3"
}

terraform init -upgrade
terraform plan
terraform apply

Thanks

Thanks to @nacholiya, @acschm1d, @milesibastos, @stufently, and @amalysh for the upstream fixes that went into this patch train.

What's Changed

• v2.19.3 patch train by @mysticaltech in #2183
• Fix nat_router validation when variable is null by @nacholiya in #2153
• Fix zram.service autoscaler cloud-init deadlock by @acschm1d in #2162
• Fix NAT router fail2ban sshd jail on Debian 12 by @milesibastos in #2163
• Reduce snapper timeline limits to prevent disk fill by @stufently in #2167
• Trigger Longhorn filesystem resize on volume size change by @amalysh in #2174

New Contributors

• @nacholiya made their first contribution in #2153
• @acschm1d made their first contribution in #2162
• @milesibastos made their first contribution in #2163
• @stufently made their first contribution in #2167
• @amalysh made their first contribution in #2174

Full Changelog: v2.19.2...v2.19.3