vps-set-up-playbook/ORACLECLOUD.md

# Install Debian on Oracle Cloud

## Debian Image
To set up a (ARM64-based) Debian OS on Oracle Cloud, download the [Generic Cloud qcow2 image](https://cloud.debian.org/images/cloud/bookworm-backports/daily/).

### Upload the image to the storage bucket

### Import it as a Custom image
Image type: QCOW2
Launch mode: Native mode

### Edit image details
Compatible shapes: VM.Standard.A1.Flex

### Edit image capabilities
Fireware: UEFI_64
Launch Mode: Custom
Consistent volume naming: Disabled


## Create compute instance

### Image and shape
My Images: debian-12-backports-genericcloud-arm64
VM.Standard.A1.FlexAlways (Free-eligible)

### Primary VNIC IP addresses
Check IPv6 Address, IPv4 should be already checked.
Automatically assign IPv6 addresses from prefix

### Upload public key files (.pub)

### Boot Volume
Use in-transit encryption

## Virtual cloud networks
Virtual cloud networks > vcn > Security List Details

### Ingress rules
Stateless | Source | IP Protocol | Source Port Range | Destination Port Range | Type and Code | Allows | Description
------- | ------- | ------- | ------- | ------- | ------- | ------- | -------
No | 0.0.0.0/0 | ICMP | 3, 4 | ICMP traffic for: 3, 4 Destination Unreachable: Fragmentation Needed and Don't Fragment was Set |  | 
No | [IPv4 CIDR Block] | ICMP | 3 | ICMP traffic for: 3 Destination Unreachable |  | 
No | ::/0 | IPv6-ICMP | 2 | IPv6-ICMP traffic for: 2 Packet Too Big |  | 
No | [IPv4 CIDR Block] | ICMP | 8 | ICMP traffic for: 8 Echo |  | 
No | [IPv6 Prefix] | ICMP | 8 | ICMP traffic for: 8 Echo |  | 
No | 0.0.0.0/0 | UDP | All | [Wireguard Port] |  | UDP traffic for ports: [Wireguard Port]  |  | 
No | [Wireguard Subnet]/32 | TCP | All | [SSH Port] |  | TCP traffic for ports: [SSH Port]  |  | 
No | [IPv4 CIDR Block] | TCP | All | All |  | TCP traffic for ports: All |  | 
No | [IPv6 Prefix] | TCP | All | All |  | TCP traffic for ports: All |  | 

### Egress rules
Stateless | Source | IP Protocol | Source Port Range | Destination Port Range | Type and Code | Allows | Description
------- | ------- | ------- | ------- | ------- | ------- | ------- | -------
No | 0.0.0.0/0 | 	All Protocols | | | | All traffic for all ports |  | 
No | ::/0 | 	All Protocols | | | | All traffic for all ports |  |
Inital commit 2023-11-11 02:06:42 +08:00			`# Install Debian on Oracle Cloud`

			`## Debian Image`
			`To set up a (ARM64-based) Debian OS on Oracle Cloud, download the [Generic Cloud qcow2 image](https://cloud.debian.org/images/cloud/bookworm-backports/daily/).`

			`### Upload the image to the storage bucket`

			`### Import it as a Custom image`
			`Image type: QCOW2`
			`Launch mode: Native mode`

			`### Edit image details`
			`Compatible shapes: VM.Standard.A1.Flex`

			`### Edit image capabilities`
			`Fireware: UEFI_64`
			`Launch Mode: Custom`
			`Consistent volume naming: Disabled`


			`## Create compute instance`

			`### Image and shape`
			`My Images: debian-12-backports-genericcloud-arm64`
			`VM.Standard.A1.FlexAlways (Free-eligible)`

			`### Primary VNIC IP addresses`
			`Check IPv6 Address, IPv4 should be already checked.`
			`Automatically assign IPv6 addresses from prefix`

			`### Upload public key files (.pub)`

			`### Boot Volume`
			`Use in-transit encryption`

			`## Virtual cloud networks`
			`Virtual cloud networks > vcn > Security List Details`

			`### Ingress rules`
			`Stateless \| Source \| IP Protocol \| Source Port Range \| Destination Port Range \| Type and Code \| Allows \| Description`
			`------- \| ------- \| ------- \| ------- \| ------- \| ------- \| ------- \| -------`
			`No \| 0.0.0.0/0 \| ICMP \| 3, 4 \| ICMP traffic for: 3, 4 Destination Unreachable: Fragmentation Needed and Don't Fragment was Set \| \|`
			`No \| [IPv4 CIDR Block] \| ICMP \| 3 \| ICMP traffic for: 3 Destination Unreachable \| \|`
			`No \| ::/0 \| IPv6-ICMP \| 2 \| IPv6-ICMP traffic for: 2 Packet Too Big \| \|`
			`No \| [IPv4 CIDR Block] \| ICMP \| 8 \| ICMP traffic for: 8 Echo \| \|`
			`No \| [IPv6 Prefix] \| ICMP \| 8 \| ICMP traffic for: 8 Echo \| \|`
			`No \| 0.0.0.0/0 \| UDP \| All \| [Wireguard Port] \| \| UDP traffic for ports: [Wireguard Port] \| \|`
			`No \| [Wireguard Subnet]/32 \| TCP \| All \| [SSH Port] \| \| TCP traffic for ports: [SSH Port] \| \|`
			`No \| [IPv4 CIDR Block] \| TCP \| All \| All \| \| TCP traffic for ports: All \| \|`
			`No \| [IPv6 Prefix] \| TCP \| All \| All \| \| TCP traffic for ports: All \| \|`

			`### Egress rules`
			`Stateless \| Source \| IP Protocol \| Source Port Range \| Destination Port Range \| Type and Code \| Allows \| Description`
			`------- \| ------- \| ------- \| ------- \| ------- \| ------- \| ------- \| -------`
			`No \| 0.0.0.0/0 \| All Protocols \| \| \| \| All traffic for all ports \| \|`
			`No \| ::/0 \| All Protocols \| \| \| \| All traffic for all ports \| \|`