├── providers.tf ├── doc ├── dokploy-logo.webp └── dokploy-screenshot.png ├── helper.tf ├── .gitignore ├── output.tf ├── locals.tf ├── bin ├── dokploy-worker.sh └── dokploy-main.sh ├── variables.tf ├── network.tf ├── README.md └── main.tf /providers.tf: -------------------------------------------------------------------------------- 1 | provider "oci" {} 2 | -------------------------------------------------------------------------------- /doc/dokploy-logo.webp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/statickidz/dokploy-oci-free/HEAD/doc/dokploy-logo.webp -------------------------------------------------------------------------------- /doc/dokploy-screenshot.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/statickidz/dokploy-oci-free/HEAD/doc/dokploy-screenshot.png -------------------------------------------------------------------------------- /helper.tf: -------------------------------------------------------------------------------- 1 | # Random resource ID 2 | resource "random_string" "resource_code" { 3 | length = 5 4 | special = false 5 | upper = false 6 | } 7 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | **/.terraform 2 | # .tfstate files 3 | *.tfstate 4 | *.tfstate.* 5 | *.plan 6 | .DS_Store 7 | .history 8 | .vscode/ 9 | .env 10 | .ssh 11 | **/node_modules/ 12 | .terraform.lock.hcl -------------------------------------------------------------------------------- /output.tf: -------------------------------------------------------------------------------- 1 | output "dokploy_dashboard" { 2 | value = "http://${oci_core_instance.dokploy_main.public_ip}:3000/ (wait 3-5 minutes to finish Dokploy installation)" 3 | } 4 | 5 | output "dokploy_worker_ips" { 6 | value = [for instance in oci_core_instance.dokploy_worker : "${instance.public_ip} (use it to add the server in Dokploy Dashboard)"] 7 | } 8 | -------------------------------------------------------------------------------- /locals.tf: -------------------------------------------------------------------------------- 1 | # Instance config 2 | locals { 3 | instance_config = { 4 | is_pv_encryption_in_transit_enabled = true 5 | ssh_authorized_keys = var.ssh_authorized_keys 6 | shape = var.instance_shape 7 | shape_config = { 8 | memory_in_gbs = var.memory_in_gbs 9 | ocpus = var.ocpus 10 | } 11 | source_details = { 12 | source_id = var.source_image_id 13 | source_type = "image" 14 | } 15 | availability_config = { 16 | recovery_action = "RESTORE_INSTANCE" 17 | } 18 | instance_options = { 19 | are_legacy_imds_endpoints_disabled = false 20 | } 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /bin/dokploy-worker.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Add ubuntu SSH authorized keys to the root user 4 | mkdir -p /root/.ssh 5 | cp /home/ubuntu/.ssh/authorized_keys /root/.ssh/ 6 | chown root:root /root/.ssh/authorized_keys 7 | chmod 600 /root/.ssh/authorized_keys 8 | 9 | # Add ubuntu user to sudoers 10 | echo "ubuntu ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers 11 | 12 | # OpenSSH 13 | apt install -y openssh-server 14 | systemctl status sshd 15 | 16 | # Permit root login 17 | sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config 18 | systemctl restart sshd 19 | 20 | # Allow Docker Swarm traffic 21 | ufw allow 80,443,3000,996,7946,4789,2377/tcp 22 | ufw allow 7946,4789,2377/udp 23 | 24 | iptables -I INPUT 1 -p tcp --dport 2377 -j ACCEPT 25 | iptables -I INPUT 1 -p udp --dport 7946 -j ACCEPT 26 | iptables -I INPUT 1 -p tcp --dport 7946 -j ACCEPT 27 | iptables -I INPUT 1 -p udp --dport 4789 -j ACCEPT 28 | 29 | # Reorder FORWARD chain rules: 30 | # Remove the default REJECT rule (ignore error if not found) 31 | iptables -D FORWARD -j REJECT --reject-with icmp-host-prohibited || true 32 | # Append the REJECT rule at the end so that Docker rules can be matched first 33 | iptables -A FORWARD -j REJECT --reject-with icmp-host-prohibited 34 | 35 | netfilter-persistent save -------------------------------------------------------------------------------- /bin/dokploy-main.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Add ubuntu SSH authorized keys to the root user 4 | mkdir -p /root/.ssh 5 | cp /home/ubuntu/.ssh/authorized_keys /root/.ssh/ 6 | chown root:root /root/.ssh/authorized_keys 7 | chmod 600 /root/.ssh/authorized_keys 8 | 9 | # Add ubuntu user to sudoers 10 | echo "ubuntu ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers 11 | 12 | # OpenSSH 13 | apt install -y openssh-server 14 | systemctl status sshd 15 | 16 | # Permit root login 17 | sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config 18 | systemctl restart sshd 19 | 20 | # Install Dokploy 21 | curl -sSL https://dokploy.com/install.sh | sh 22 | 23 | # Allow Docker Swarm traffic 24 | ufw allow 80,443,3000,996,7946,4789,2377/tcp 25 | ufw allow 7946,4789,2377/udp 26 | 27 | iptables -I INPUT 1 -p tcp --dport 2377 -j ACCEPT 28 | iptables -I INPUT 1 -p udp --dport 7946 -j ACCEPT 29 | iptables -I INPUT 1 -p tcp --dport 7946 -j ACCEPT 30 | iptables -I INPUT 1 -p udp --dport 4789 -j ACCEPT 31 | 32 | # Reorder FORWARD chain rules: 33 | # Remove the default REJECT rule (ignore error if not found) 34 | iptables -D FORWARD -j REJECT --reject-with icmp-host-prohibited || true 35 | # Append the REJECT rule at the end so that Docker rules can be matched first 36 | iptables -A FORWARD -j REJECT --reject-with icmp-host-prohibited 37 | 38 | netfilter-persistent save -------------------------------------------------------------------------------- /variables.tf: -------------------------------------------------------------------------------- 1 | variable "ssh_authorized_keys" { 2 | description = "SSH public key for instances. For example: ssh-rsa AAEAAAA....3R ssh-key-2024-09-03" 3 | type = string 4 | } 5 | 6 | variable "compartment_id" { 7 | description = "The OCID of the compartment. Find it: Profile → Tenancy: youruser → Tenancy information → OCID https://cloud.oracle.com/tenancy" 8 | type = string 9 | } 10 | 11 | variable "source_image_id" { 12 | description = "Source Ubuntu 22.04 image OCID. Find the right one for your region: https://docs.oracle.com/en-us/iaas/images/image/128dbc42-65a9-4ed0-a2db-be7aa584c726/index.htm" 13 | type = string 14 | } 15 | 16 | variable "num_worker_instances" { 17 | description = "Number of Dokploy worker instances to deploy (max 3 for free tier)." 18 | type = number 19 | default = 1 20 | } 21 | 22 | variable "availability_domain_main" { 23 | description = "Availability domain for dokploy-main instance. Find it Core Infrastructure → Compute → Instances → Availability domain (left menu). For example: WBJv:EU-FRANKFURT-1-AD-1" 24 | type = string 25 | } 26 | 27 | variable "availability_domain_workers" { 28 | description = "Availability domain for dokploy-main instance. Find it Core Infrastructure → Compute → Instances → Availability domain (left menu). For example: WBJv:EU-FRANKFURT-1-AD-2" 29 | type = string 30 | } 31 | 32 | variable "instance_shape" { 33 | description = "The shape of the instance. VM.Standard.A1.Flex is free tier eligible." 34 | type = string 35 | default = "VM.Standard.A1.Flex" # OCI Free 36 | } 37 | 38 | variable "memory_in_gbs" { 39 | description = "Memory in GBs for instance shape config. 6 GB is the maximum for free tier with 3 working nodes." 40 | type = string 41 | default = "6" # OCI Free 42 | } 43 | 44 | variable "ocpus" { 45 | description = "OCPUs for instance shape config. 1 OCPU is the maximum for free tier with 3 working nodes." 46 | type = string 47 | default = "1" # OCI Free 48 | } 49 | -------------------------------------------------------------------------------- /network.tf: -------------------------------------------------------------------------------- 1 | # VCN configuration 2 | resource "oci_core_vcn" "dokploy_vcn" { 3 | cidr_block = "10.0.0.0/16" 4 | compartment_id = var.compartment_id 5 | display_name = "network-dokploy-${random_string.resource_code.result}" 6 | dns_label = "vcn${random_string.resource_code.result}" 7 | } 8 | 9 | # Subnet configuration 10 | resource "oci_core_subnet" "dokploy_subnet" { 11 | cidr_block = "10.0.0.0/24" 12 | compartment_id = var.compartment_id 13 | display_name = "subnet-dokploy-${random_string.resource_code.result}" 14 | dns_label = "subnet${random_string.resource_code.result}" 15 | route_table_id = oci_core_vcn.dokploy_vcn.default_route_table_id 16 | vcn_id = oci_core_vcn.dokploy_vcn.id 17 | 18 | # Attach the security list 19 | security_list_ids = [oci_core_security_list.dokploy_security_list.id] 20 | } 21 | 22 | # Internet Gateway configuration 23 | resource "oci_core_internet_gateway" "dokploy_internet_gateway" { 24 | compartment_id = var.compartment_id 25 | display_name = "Internet Gateway network-dokploy" 26 | enabled = true 27 | vcn_id = oci_core_vcn.dokploy_vcn.id 28 | } 29 | 30 | # Default Route Table 31 | resource "oci_core_default_route_table" "dokploy_default_route_table" { 32 | manage_default_resource_id = oci_core_vcn.dokploy_vcn.default_route_table_id 33 | 34 | route_rules { 35 | destination = "0.0.0.0/0" 36 | destination_type = "CIDR_BLOCK" 37 | network_entity_id = oci_core_internet_gateway.dokploy_internet_gateway.id 38 | } 39 | } 40 | 41 | # Security List for Dokploy 42 | resource "oci_core_security_list" "dokploy_security_list" { 43 | compartment_id = var.compartment_id 44 | vcn_id = oci_core_vcn.dokploy_vcn.id 45 | display_name = "Dokploy Security List" 46 | 47 | # Ingress Rules for Dokploy 48 | ingress_security_rules { 49 | protocol = "6" # TCP 50 | source = "0.0.0.0/0" 51 | tcp_options { 52 | min = 3000 53 | max = 3000 54 | } 55 | description = "Allow HTTP traffic for Dokploy on port 3000" 56 | } 57 | 58 | # SSH 59 | ingress_security_rules { 60 | protocol = "6" # TCP 61 | source = "0.0.0.0/0" 62 | tcp_options { 63 | min = 22 64 | max = 22 65 | } 66 | description = "Allow SSH traffic on port 22" 67 | } 68 | 69 | # HTTP & HTTPS traffic 70 | ingress_security_rules { 71 | protocol = "6" # TCP 72 | source = "0.0.0.0/0" 73 | tcp_options { 74 | min = 80 75 | max = 80 76 | } 77 | description = "Allow HTTP traffic on port 80" 78 | } 79 | 80 | ingress_security_rules { 81 | protocol = "6" # TCP 82 | source = "0.0.0.0/0" 83 | tcp_options { 84 | min = 443 85 | max = 443 86 | } 87 | description = "Allow HTTPS traffic on port 443" 88 | } 89 | 90 | # ICMP traffic 91 | ingress_security_rules { 92 | description = "ICMP traffic for 3, 4" 93 | icmp_options { 94 | code = "4" 95 | type = "3" 96 | } 97 | protocol = "1" 98 | source = "0.0.0.0/0" 99 | source_type = "CIDR_BLOCK" 100 | stateless = "false" 101 | } 102 | 103 | ingress_security_rules { 104 | description = "ICMP traffic for 3" 105 | icmp_options { 106 | code = "-1" 107 | type = "3" 108 | } 109 | protocol = "1" 110 | source = "10.0.0.0/16" 111 | source_type = "CIDR_BLOCK" 112 | stateless = "false" 113 | } 114 | 115 | # Traefik Proxy 116 | ingress_security_rules { 117 | protocol = "6" # TCP 118 | source = "0.0.0.0/0" 119 | tcp_options { 120 | min = 81 121 | max = 81 122 | } 123 | description = "Allow Traefik HTTP traffic on port 81" 124 | } 125 | 126 | ingress_security_rules { 127 | protocol = "6" # TCP 128 | source = "0.0.0.0/0" 129 | tcp_options { 130 | min = 444 131 | max = 444 132 | } 133 | description = "Allow Traefik HTTPS traffic on port 444" 134 | } 135 | 136 | # Ingress rules for Docker Swarm 137 | ingress_security_rules { 138 | protocol = "6" # TCP 139 | source = "0.0.0.0/0" 140 | tcp_options { 141 | min = 2376 142 | max = 2376 143 | } 144 | description = "Allow Docker Swarm traffic on port 2376" 145 | } 146 | 147 | ingress_security_rules { 148 | protocol = "6" # TCP 149 | source = "0.0.0.0/0" 150 | tcp_options { 151 | min = 2377 152 | max = 2377 153 | } 154 | description = "Allow Docker Swarm traffic on port 2377" 155 | } 156 | 157 | ingress_security_rules { 158 | protocol = "6" # TCP 159 | source = "0.0.0.0/0" 160 | tcp_options { 161 | min = 7946 162 | max = 7946 163 | } 164 | description = "Allow Docker Swarm traffic on port 7946" 165 | } 166 | 167 | ingress_security_rules { 168 | protocol = "17" # UDP 169 | source = "0.0.0.0/0" 170 | udp_options { 171 | min = 7946 172 | max = 7946 173 | } 174 | description = "Allow Docker Swarm UDP traffic on port 7946" 175 | } 176 | 177 | ingress_security_rules { 178 | protocol = "17" # UDP 179 | source = "0.0.0.0/0" 180 | udp_options { 181 | min = 4789 182 | max = 4789 183 | } 184 | description = "Allow Docker Swarm UDP traffic on port 4789" 185 | } 186 | 187 | # Egress Rule (optional, if needed) 188 | egress_security_rules { 189 | protocol = "all" 190 | destination = "0.0.0.0/0" 191 | description = "Allow all egress traffic" 192 | } 193 | } 194 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Dokploy Deployment on OCI Free Tier 2 | 3 | This Terraform project deploys a Dokploy instance along with worker nodes in Oracle Cloud Infrastructure (OCI) Free Tier. **Dokploy** is an open-source platform to manage your app deployments and server configurations. 4 | 5 | ## Deploy 6 | 7 | [![Deploy to Oracle Cloud](https://oci-resourcemanager-plugin.plugins.oci.oraclecloud.com/latest/deploy-to-oracle-cloud.svg)](https://cloud.oracle.com/resourcemanager/stacks/create?zipUrl=https://github.com/statickidz/dokploy-oci-free/archive/refs/heads/main.zip) 8 | 9 | *Clicking the "Deploy to Oracle Cloud" button will load the Oracle Cloud Resource Manager to deploy the infrastructure described in this Terraform project. During deployment, you'll be prompted to configure the stack parameters. Review the settings, then launch the stack deployment.* 10 | 11 | ## About Dokploy 12 | 13 | ![Dokploy Logo](doc/dokploy-logo.webp) 14 | 15 | Dokploy is an open-source deployment tool designed to simplify the management of servers, applications, and databases on your own infrastructure with minimal setup. It streamlines CI/CD pipelines, ensuring easy and consistent deployments. 16 | 17 | For more information, visit the official page at [dokploy.com](https://dokploy.com). 18 | 19 | ![Dokploy Screenshot](doc/dokploy-screenshot.png) 20 | 21 | ## OCI Free Tier Overview 22 | 23 | Oracle Cloud Infrastructure (OCI) offers a Free Tier with resources ideal for light workloads, such as the VM.Standard.E2.1.Micro instance. These resources are free as long as usage remains within the limits. 24 | 25 | For detailed information about the free tier, visit [OCI Free Tier](https://www.oracle.com/cloud/free/). 26 | 27 | *Note: Free Tier instances are subject to availability, and you might encounter "Out of Capacity" errors. To bypass this, upgrade to a paid account. This keeps your free-tier benefits but removes the capacity limitations, ensuring access to higher-tier resources if needed.* 28 | 29 | ## Prerequisites 30 | 31 | Before you begin, ensure you have the following: 32 | 33 | - An Oracle Cloud Infrastructure (OCI) account with Free Tier resources available. 34 | - An SSH public key for accessing the instances. 35 | 36 | ## Servers & Cluster 37 | 38 | ### Add Servers to Dokploy 39 | 40 | To begin deploying applications, you need to add servers to your Dokploy cluster. A server in Dokploy is where your applications will be deployed and managed. 41 | 42 | #### Steps to Add Servers: 43 | 44 | 1. **Login to Dokploy Dashboard**: 45 | - Access the Dokploy dashboard via the main instance's public IP address. You'll need to use the login credentials configured during setup. 46 | 1. **Generate SSH Keys**: 47 | - On the left-hand menu, click on "SSH Keys" and add your private and public SSH key to connect your server. 48 | 2. **Navigate to Servers Section**: 49 | - On the left-hand menu, click on "Servers" and then "Add Server." 50 | 3. **Fill in Server Details**: 51 | - **Server Name**: Give your server a meaningful name. 52 | - **IP Address**: Enter the public IP address of the instance. If you’re using private networking, you can enter the private IP address instead. 53 | - **SSH Key**: Select the previous created SSH key. 54 | - **Username**: The SSH user for connecting to the server, use `root`. 55 | 4. **Submit**: 56 | - After filling out the necessary fields, click "Submit" to add the server. 57 | 58 | ### Configure a Dokploy Cluster with new workers 59 | 60 | After setting up the main Dokploy instance, you can expand your cluster by adding worker nodes. These worker instances will help distribute the workload for your deployments. 61 | 62 | See more info about configuring your cluster on the [Dokploy Cluster Docs](https://docs.dokploy.com/docs/core/cluster). 63 | 64 | ## Project Structure 65 | 66 | - `bin/`: Contains bash scripts for setting up Dokploy on both the main instance and the worker instances. 67 | - `dokploy-main.sh`: Script to install Dokploy on the main instance. 68 | - `dokploy-worker.sh`: Script to configure necessary dependencies on worker instances. 69 | - `helper.tf`: Contains helper functions and reusable modules to streamline the infrastructure setup. 70 | - `doc/`: Directory for images used in the README (e.g., screenshots of Dokploy setup). 71 | - `locals.tf`: Defines local values used throughout the Terraform configuration, such as dynamic values or reusable expressions. 72 | - `main.tf`: Core Terraform configuration file that defines the infrastructure for Dokploy's main and worker instances. 73 | - `network.tf`: Configuration for setting up the required OCI networking resources (VCNs, subnets, security lists, etc.). 74 | - `output.tf`: Specifies the output variables such as the IP addresses for the dashboard and worker nodes. 75 | - `providers.tf`: Declares the required cloud providers and versions, particularly for Oracle Cloud Infrastructure. 76 | - `README.md`: This file, providing instructions on deployment and usage. 77 | - `variables.tf`: Defines input variables used in the project, including compartment ID, SSH keys, instance shape, and more. 78 | 79 | ## Terraform Variables 80 | 81 | Below are the key variables for deployment which are defined in `variables.tf`: 82 | 83 | - `ssh_authorized_keys`: Your SSH public key for accessing the instances. 84 | - `compartment_id`: OCI compartment ID for instance deployment. 85 | - `num_worker_instances`: Number of worker instances to deploy for Dokploy. 86 | - `availability_domain_main`: Availability domain for the main instance. 87 | - `availability_domain_workers`: Availability domains for worker instances. 88 | - `instance_shape`: Instance shape (e.g., VM.Standard.E2.1.Micro) used for deployment. 89 | - `memory_in_gbs`: Memory size (GB) per instance. 90 | - `ocpus`: Number of OCPUs per instance. 91 | -------------------------------------------------------------------------------- /main.tf: -------------------------------------------------------------------------------- 1 | # Main instance 2 | resource "oci_core_instance" "dokploy_main" { 3 | display_name = "dokploy-main-${random_string.resource_code.result}" 4 | compartment_id = var.compartment_id 5 | availability_domain = var.availability_domain_main 6 | 7 | is_pv_encryption_in_transit_enabled = local.instance_config.is_pv_encryption_in_transit_enabled 8 | shape = local.instance_config.shape 9 | 10 | metadata = { 11 | ssh_authorized_keys = local.instance_config.ssh_authorized_keys 12 | user_data = base64encode(file("./bin/dokploy-main.sh")) 13 | } 14 | 15 | create_vnic_details { 16 | display_name = "dokploy-main-${random_string.resource_code.result}" 17 | subnet_id = oci_core_subnet.dokploy_subnet.id 18 | assign_ipv6ip = false 19 | assign_private_dns_record = true 20 | assign_public_ip = true 21 | } 22 | 23 | availability_config { 24 | recovery_action = local.instance_config.availability_config.recovery_action 25 | } 26 | 27 | instance_options { 28 | are_legacy_imds_endpoints_disabled = local.instance_config.instance_options.are_legacy_imds_endpoints_disabled 29 | } 30 | 31 | shape_config { 32 | memory_in_gbs = local.instance_config.shape_config.memory_in_gbs 33 | ocpus = local.instance_config.shape_config.ocpus 34 | } 35 | 36 | source_details { 37 | source_id = local.instance_config.source_details.source_id 38 | source_type = local.instance_config.source_details.source_type 39 | } 40 | 41 | agent_config { 42 | is_management_disabled = "false" 43 | is_monitoring_disabled = "false" 44 | plugins_config { 45 | desired_state = "DISABLED" 46 | name = "Vulnerability Scanning" 47 | } 48 | plugins_config { 49 | desired_state = "DISABLED" 50 | name = "Management Agent" 51 | } 52 | plugins_config { 53 | desired_state = "ENABLED" 54 | name = "Custom Logs Monitoring" 55 | } 56 | plugins_config { 57 | desired_state = "DISABLED" 58 | name = "Compute RDMA GPU Monitoring" 59 | } 60 | plugins_config { 61 | desired_state = "ENABLED" 62 | name = "Compute Instance Monitoring" 63 | } 64 | plugins_config { 65 | desired_state = "DISABLED" 66 | name = "Compute HPC RDMA Auto-Configuration" 67 | } 68 | plugins_config { 69 | desired_state = "DISABLED" 70 | name = "Compute HPC RDMA Authentication" 71 | } 72 | plugins_config { 73 | desired_state = "ENABLED" 74 | name = "Cloud Guard Workload Protection" 75 | } 76 | plugins_config { 77 | desired_state = "DISABLED" 78 | name = "Block Volume Management" 79 | } 80 | plugins_config { 81 | desired_state = "DISABLED" 82 | name = "Bastion" 83 | } 84 | } 85 | } 86 | 87 | # Worker instances (similar to main instance) 88 | resource "oci_core_instance" "dokploy_worker" { 89 | count = var.num_worker_instances 90 | 91 | display_name = "dokploy-worker-${count.index + 1}-${random_string.resource_code.result}" 92 | compartment_id = var.compartment_id 93 | availability_domain = var.availability_domain_workers 94 | 95 | is_pv_encryption_in_transit_enabled = local.instance_config.is_pv_encryption_in_transit_enabled 96 | shape = local.instance_config.shape 97 | 98 | metadata = { 99 | ssh_authorized_keys = local.instance_config.ssh_authorized_keys 100 | user_data = base64encode(file("./bin/dokploy-worker.sh")) 101 | } 102 | 103 | create_vnic_details { 104 | display_name = "dokploy-worker-${count.index + 1}-${random_string.resource_code.result}" 105 | subnet_id = oci_core_subnet.dokploy_subnet.id 106 | assign_ipv6ip = false 107 | assign_private_dns_record = true 108 | assign_public_ip = true 109 | } 110 | 111 | availability_config { 112 | recovery_action = local.instance_config.availability_config.recovery_action 113 | } 114 | 115 | instance_options { 116 | are_legacy_imds_endpoints_disabled = local.instance_config.instance_options.are_legacy_imds_endpoints_disabled 117 | } 118 | 119 | shape_config { 120 | memory_in_gbs = local.instance_config.shape_config.memory_in_gbs 121 | ocpus = local.instance_config.shape_config.ocpus 122 | } 123 | 124 | source_details { 125 | source_id = local.instance_config.source_details.source_id 126 | source_type = local.instance_config.source_details.source_type 127 | } 128 | 129 | agent_config { 130 | is_management_disabled = "false" 131 | is_monitoring_disabled = "false" 132 | plugins_config { 133 | desired_state = "DISABLED" 134 | name = "Vulnerability Scanning" 135 | } 136 | plugins_config { 137 | desired_state = "DISABLED" 138 | name = "Management Agent" 139 | } 140 | plugins_config { 141 | desired_state = "ENABLED" 142 | name = "Custom Logs Monitoring" 143 | } 144 | plugins_config { 145 | desired_state = "DISABLED" 146 | name = "Compute RDMA GPU Monitoring" 147 | } 148 | plugins_config { 149 | desired_state = "ENABLED" 150 | name = "Compute Instance Monitoring" 151 | } 152 | plugins_config { 153 | desired_state = "DISABLED" 154 | name = "Compute HPC RDMA Auto-Configuration" 155 | } 156 | plugins_config { 157 | desired_state = "DISABLED" 158 | name = "Compute HPC RDMA Authentication" 159 | } 160 | plugins_config { 161 | desired_state = "ENABLED" 162 | name = "Cloud Guard Workload Protection" 163 | } 164 | plugins_config { 165 | desired_state = "DISABLED" 166 | name = "Block Volume Management" 167 | } 168 | plugins_config { 169 | desired_state = "DISABLED" 170 | name = "Bastion" 171 | } 172 | } 173 | } 174 | --------------------------------------------------------------------------------