yxtay · yxtay · May 30, 2026 · May 29, 2026 · May 29, 2026 · May 29, 2026
@@ -26,3 +26,13 @@ submitting changes.
 - Commits should follow conventional commits style.
 - Formatting is enforced via pre-commit hooks for YAML, Shell scripts (shfmt),
   and Markdown.
+
+## Infrastructure Initialization
+
+- **Cloud-init**: The instance initialization is handled via
+  `oci-rm/templates/cloud-init.yaml`.
+- **Terraform Fallback**: `oci-rm/compute.tf` is configured to automatically
+  use the `cloud-init.yaml` template if the `user_data` variable is left
+  empty.
+- **Networking**: `iptables` is used for port management instead of `ufw` to
+  ensure compatibility with Docker networking.
@@ -50,8 +50,8 @@ All variables have sensible defaults. Required inputs:
 
 - **Compartment** — target OCI compartment
 - **SSH Public Key** — key for instance access
-- **Cloud-init Script** (optional) — paste `scripts/init.sh` to auto-install
-  Dokploy. This will be wrapped in a structured cloud-config.
+- **Cloud-init Configuration** (optional) — paste `oci-rm/templates/cloud-init.yaml`
+  to customize the instance setup. Defaults to the provided template.
 
 ### Deploy via OCI Console (recommended)
 
@@ -102,49 +102,33 @@ watch -n 600 bash scripts/oci-rm-stack-apply.sh
 */10 * * * * STACK_ID=<stack-ocid> /path/to/scripts/oci-rm-stack-apply.sh
 ```
 
-## Dokploy Setup on OCI
+## Docker Setup on OCI
 
-This repository includes a script to automate the setup of Dokploy on an Oracle
-Cloud Infrastructure (OCI) Ubuntu instance.
+This repository includes a cloud-init configuration to automate the setup of a
+Docker-ready Ubuntu instance on Oracle Cloud Infrastructure (OCI).
 
-### Initialization Script
+### Cloud-init Configuration
 
-The `scripts/init.sh` script performs the following actions:
+The `oci-rm/templates/cloud-init.yaml` configuration performs the following actions:
 
 1. Updates and upgrades system packages.
-2. Configures `iptables` to allow traffic on essential ports:
-    - **80 (TCP)**: HTTP traffic.
-    - **443 (TCP/UDP)**: HTTPS traffic.
-    - **3000 (TCP)**: Dokploy Dashboard.
-3. Ensures `iptables` rules are persistent across reboots using
-`iptables-persistent`.
-4. Installs Dokploy if it is not already present, or updates it if it is.
+1. Configures `iptables` to allow traffic on essential ports:
+    - **80 (TCP)**: HTTP.
+    - **443 (TCP/UDP)**: HTTPS (including HTTP/3).
+    - **9443 (TCP)**: Portainer (to be added later).
+1. Installs Docker using the official `get.docker.com` script.
+1. Adds the `ubuntu` user to the `docker` group.
+1. Reboots to apply all changes.
 
 ### Usage
 
 #### As Cloud-init User Data
 
-When creating a new OCI instance, you can provide the contents of
-`scripts/init.sh` as the **Cloud-init script** (User Data) to automate the
-entire setup process.
+When creating a new OCI instance, the Terraform stack automatically uses
+the template. You can also manually provide the contents of
+`oci-rm/templates/cloud-init.yaml` as the **Cloud-init script** (User Data).
 
-#### Manual Execution
+#### Portainer
 
-You can also run the script manually on an existing Ubuntu instance:
-
-```bash
-sudo ./scripts/init.sh
-```
-
-### Managing Deployments with Dokploy
-
-Once Dokploy is installed, you can access the dashboard at
-`http://<your-instance-ip>:3000`.
-
-Dokploy allows you to easily manage and deploy:
-
-- **Docker Compose Stacks**: Deploy complex multi-container applications by
-providing your `docker-compose.yml` directly in the Dokploy interface.
-- **Applications**: Deploy web applications from GitHub, GitLab, or Bitbucket.
-- **Databases**: Easily provision and manage PostgreSQL, MySQL, MongoDB, and
-Redis instances.
+Portainer will be added in a future update to manage your containers easily via
+a web interface.
@@ -5,7 +5,7 @@ data "oci_identity_availability_domain" "ad" {
 
 data "oci_core_images" "instance_image" {
   compartment_id           = var.compartment_ocid
-  operating_system         = var.instance_image_os
+  operating_system         = "Canonical Ubuntu"
   operating_system_version = var.instance_image_os_version
   shape                    = "VM.Standard.A1.Flex"
   sort_by                  = "TIMECREATED"
@@ -14,7 +14,7 @@ data "oci_core_images" "instance_image" {
   lifecycle {
     postcondition {
       condition     = length(self.images) > 0
-      error_message = "No images found for ${var.instance_image_os} ${var.instance_image_os_version} with shape VM.Standard.A1.Flex in this region/compartment."
+      error_message = "No images found for Canonical Ubuntu ${var.instance_image_os_version} with shape VM.Standard.A1.Flex in this region/compartment."
     }
   }
 }
@@ -44,8 +44,8 @@ resource "oci_core_instance" "instance" {
     boot_volume_size_in_gbs = var.boot_volume_size_in_gbs
   }
 
-  metadata = merge(
-    { ssh_authorized_keys = var.ssh_public_key },
-    var.user_data != "" ? { user_data = base64encode(var.user_data) } : {}
-  )
+  metadata = {
+    ssh_authorized_keys = var.ssh_public_key
+    user_data           = base64encode(var.user_data != "" ? var.user_data : file("${path.module}/templates/cloud-init.yaml"))
+  }
 }
@@ -1,3 +1,3 @@
 locals {
-  ssh_username = var.instance_image_os == "Canonical Ubuntu" ? "ubuntu" : "opc"
+  ssh_username = "ubuntu"
 }
@@ -19,9 +19,8 @@ variableGroups:
       - instance_memory_in_gbs
       - boot_volume_size_in_gbs
 
-  - title: "Operating System Selection"
+  - title: "Operating System"
     variables:
-      - instance_image_os
       - instance_image_os_version
 
   - title: "Access and Automation"
@@ -100,26 +99,14 @@ variables:
     default: 200
     required: true
 
-  instance_image_os:
-    type: enum
-    title: "Operating System"
-    description: "The operating system to install on the instance."
-    enum:
-      - "Canonical Ubuntu"
-      - "Oracle Linux"
-    default: "Canonical Ubuntu"
-    required: true
-
   instance_image_os_version:
     type: enum
     title: "OS Version"
-    description: "Ubuntu: 24.04, 22.04, 20.04 | Oracle Linux: 9, 8"
+    description: "Ubuntu version"
     enum:
       - "24.04"
       - "22.04"
       - "20.04"
-      - "9"
-      - "8"
     default: "24.04"
     required: true
 
@@ -138,11 +125,10 @@ variables:
 
   user_data:
     type: text
-    title: "Cloud-init Script (User Data)"
-    description: "Optional bash script to run on first boot. The script will be wrapped in a cloud-config runcmd."
+    title: "Cloud-init Configuration"
+    description: "Cloud-init configuration in YAML format (defaults to templates/cloud-init.yaml)."
     required: false
     default: ""
-
   vcn_display_name:
     type: string
     title: "VCN Name"
@@ -167,8 +153,8 @@ variables:
   tcp_ingress_ports:
     type: string
     title: "TCP Ingress Ports"
-    description: "Comma-separated list of TCP ports to allow ingress (e.g., 80,443,3000)."
-    default: "80,443,3000"
+    description: "Comma-separated list of TCP ports to allow ingress (e.g., 80,443,9443)."
+    default: "80,443,9443"
     required: false
 
   udp_ingress_ports:

@@ -0,0 +1,26 @@
+#cloud-config
+package_update: true
+package_upgrade: true
+
+packages:
+  - curl
+  - iptables-persistent
+
+runcmd:
+  # Configure iptables
+  - [iptables, -I, INPUT, "1", -p, tcp, --dport, "80", -j, ACCEPT]
+  - [iptables, -I, INPUT, "1", -p, tcp, --dport, "443", -j, ACCEPT]
+  - [iptables, -I, INPUT, "1", -p, udp, --dport, "443", -j, ACCEPT]
+  - [iptables, -I, INPUT, "1", -p, tcp, --dport, "9443", -j, ACCEPT]
+  - [netfilter-persistent, save]
+
+  # Install Docker
+  - [curl, -fsSL, "https://get.docker.com", -o, /tmp/get-docker.sh]
+  - [sh, /tmp/get-docker.sh]
+  - [usermod, -aG, docker, ubuntu]
+  - [rm, /tmp/get-docker.sh]
+
+power_state:
+  mode: reboot
+  message: Rebooting after cloud-init setup
+  condition: true
@@ -63,25 +63,14 @@ variable "boot_volume_size_in_gbs" {
   }
 }
 
-variable "instance_image_os" {
-  type        = string
-  description = "Operating system"
-  default     = "Canonical Ubuntu"
-
-  validation {
-    condition     = contains(["Canonical Ubuntu", "Oracle Linux"], var.instance_image_os)
-    error_message = "instance_image_os must be 'Canonical Ubuntu' or 'Oracle Linux'."
-  }
-}
-
 variable "instance_image_os_version" {
   type        = string
-  description = "OS version (Ubuntu: 22.04, 20.04 | Oracle Linux: 9, 8)"
+  description = "Ubuntu OS version"
   default     = "24.04"
 
   validation {
-    condition     = contains(["24.04", "22.04", "20.04", "9", "8"], var.instance_image_os_version)
-    error_message = "instance_image_os_version must be one of: 24.04, 22.04, 20.04, 9, 8."
+    condition     = contains(["24.04", "22.04", "20.04"], var.instance_image_os_version)
+    error_message = "instance_image_os_version must be one of: 24.04, 22.04, 20.04."
   }
 }
 
@@ -104,7 +93,7 @@ variable "ssh_source_cidr" {
 variable "tcp_ingress_ports" {
   type        = string
   description = "Comma-separated list of TCP ports to allow ingress"
-  default     = "80,443,3000"
+  default     = "80,443,9443"
 
   validation {
     condition     = alltrue([for p in compact(split(",", replace(var.tcp_ingress_ports, " ", ""))) : can(tonumber(p)) && tonumber(p) >= 1 && tonumber(p) <= 65535])
@@ -125,7 +114,7 @@ variable "udp_ingress_ports" {
 
 variable "user_data" {
   type        = string
-  description = "Cloud-init script to run on first boot (paste contents of scripts/init.sh to auto-install Dokploy)"
+  description = "Cloud-init configuration to run on first boot (defaults to templates/cloud-init.yaml)"
   default     = ""
 }