oci-homelab

Oracle Cloud Infrastructure (OCI) has a generous free option for ARM64 based instances - 4 CPUs with 24 GB memory (and more - for details see Always Free Resources docs).

This repo contains Terraform plan that builds the infrastructure matching free resource limits with an emphasis on basic security principles:

• Instance is not exposed to the internet - stays behind NAT with only egress traffic allowed
• Automated Wireguard client setup

The main goal for this project is an ultimate self hosted homelab setup with site-to-site VPN based on Cloudflare WARP-to-WARP using vanilla Wireguard with warp.sh.
At least it's what I did 😉

usage

oci

account

1. Create an account
   Sign up for an Oracle Cloud account here. You will need to provide credit card details for verification (Oracle will charge and immediately reverse a $100 fee).

2. Upgrade to PAYG
   Convert your account to Pay As You Go (PAYG) as described here. You won't be charged as long as you stay within the Free Tier limits.

3. Set Governance Rules
   Optionally, set Governance Rules to enforce limits on main resources. See this Reddit post for guidance.

debian

Since OCI doesn't offer any rolling-release Linux distro image, I've decided to use Debian Sid. Latest image is always available here.

QCOW2 images can be easily imported to OCI by uploading them to Object Storage - for a step by step guide, check out the docs.

terraform

1. Clone the repository and prepare configuration file:

   git clone https://github.com/b0ch3nski/oci-homelab.git
   cd oci-homelab
   cp terraform.tfvars.example terraform.tfvars

2. Edit and customize terraform.tfvars file.

   Start with oci_connection block - fill it accordingly to the official instruction.

3. Initialize Terraform environment:

   terraform init

4. Create and review a plan:

   terraform plan -out=oci_homelab.tfplan

5. Build infrastructure by applying the plan:

   terraform apply oci_homelab.tfplan