Skip to content

Terraform project that deploys VSCode Server on Oracle Cloud Infrastructure (free tier) and protect the access with Cloudflare Zero Trust (optional) or an SSH tunnel

License

Notifications You must be signed in to change notification settings

timoa/terraform-oci-vscode-server

Repository files navigation

Deploy VSCode Server on OCI with Terraform

Latest Release Build Status License

Diagram VSCode hosted on OCI with CloudFlare Access (zero trust)

Terraform project that deploys VSCode Server on Oracle Cloud Infrastructure using only the free tier.

WARNING: This project is currently under active development. Please check back later.

The challenge

Goal

Deploy a free and easy maintenable VSCode Server.

Limitations

Currently, Oracle Cloud Free tier provides great performance (4vCPU ARM based, 24GB of RAM, and 200GB of storage), but:

  • The instances are preemptible, which means that they can be terminated at any time
  • We can't create custom images (with Packer for ex.), so we have to install VSCode Server and other dependencies at boot time
  • Can be hard to find an OCI datacenter that still has available capacity

Use cases

  • Code from any computer with your VSCode and your tools without any install
  • Code from your tablet or slow computer with a remote VSCode Server
  • Onboard a new team member without spending the first days configuring VSCode and other tools on their computer

How to start

Create an OCI account

Signup for a free OCI account here.

If you're new to Oracle Cloud Infrastructure, you need to the following:

  • Tenant: kind of an account, like a company or an organization
  • Compartment: it's a isolated area to deploy a project or an environment (similar a GCP project).

I recommend to create a new compartment for deploying VSCode Server, that way you will be able to use share free tier resource for a different project or rebuild from scratch a new VSCode Server instead of using the default compartment.

Configure the OCI authentication

Deploy the VSCode Server instance

Access to VSCode Server from your browser

Create a Cloudflare acount (optional)

Signup for a free Cloudflare account here.

Configure the Cloudflare Zero Trust (optional)

TODO

  • Create the custom VCN (VPC)
  • Get the latest Ubuntu image automatically
  • Create the block volume for /data (100GB)
  • Attach the block volume to the instance
  • Create the instance on free tier (4 vCPU, 24GB memory)
  • Configure the instance and install VSCode Server with Cloud Init
  • Create automatically the SSH key pair
  • Mount and format the block volume on /data
  • Restrict SSH and VS Code port access
  • Configure backups of the block volume only
  • Configure Cloudflare Access (ZeroTrust) to secure the instance access
  • Install dependencies/tools on the data volume to speed up the provisioning
  • Create dynamically an Ansible Vault to save the sensitive data used by Ansible
  • Encrypt the block volume with a KMS key
  • Write the documentation for the manual steps (Oracle Cloud Infrastructure & Cloudflare accounts, etc.)
  • Explain how to avoid the "Out of Host capacity" error on Oracle Cloud Infrastructure

Known issues

  • [bug] Optional dependencies install are executed in parallel and can fail (dpkg lock) (#11)
  • [bug] Inconsistent mounting of the /data volume (#12)
  • [bug] Interactive terminal during Ansible run due to the SSH Host to allow (#13)