Skip to content

plcpp-2/terrform-infra

BranchesTags

Repository files navigation

Personal Blockchain and Portfolio Infrastructure

Project Overview

Personal infrastructure for blockchain applications and portfolio management using Oracle Cloud Infrastructure (OCI) and Terraform.

Infrastructure Components

  • Compute Instance: Blockchain node and portfolio application host
  • Network Configuration: VCN, Subnet, Security Lists
  • Deployment: Terraform-managed infrastructure

Configuration Details

  • Region: us-chicago-1
  • Compute Shape: VM.Standard.A1.Flex (4 OCPUs, 24GB RAM)
  • Primary Use: Personal blockchain and asset management

Security Considerations

  • Minimal external access
  • SSH-only authentication
  • No multi-user support

Deployment Instructions

  1. Ensure OCI CLI is configured
  2. Validate variables in terraform.tfvars
  3. Run terraform init
  4. Run terraform plan
  5. Run terraform apply

Troubleshooting

  • Check OCI IAM policies
  • Verify network security configurations
  • Validate API key permissions

Future Improvements

  • Implement more granular security rules
  • Add monitoring and logging
  • Explore multi-region redundancy

Maintenance

Regular updates and security patches recommended.

Prerequisites

  1. Oracle Cloud Infrastructure account
  2. Terraform installed (version 0.12 or later)
  3. OCI CLI configured with API key
  4. SSH key pair for instance access

Configuration

  1. Create your API signing key:
openssl genrsa -out ~/.oci/oci_api_key.pem 2048
openssl rsa -pubout -in ~/.oci/oci_api_key.pem -out ~/.oci/oci_api_key_public.pem

  1. Upload the public key to OCI Console:

    • Navigate to User Settings
    • Add the public key in API Keys section
    • Save the fingerprint

  2. Copy terraform.tfvars.example to terraform.tfvars:

cp terraform.tfvars.example terraform.tfvars
  1. Edit terraform.tfvars with your specific values:
    • tenancy_ocid
    • user_ocid
    • fingerprint
    • private_key_path
    • compartment_id
    • availability_domain

Usage

  1. Initialize Terraform:
terraform init
  1. Review the plan:
terraform plan
  1. Apply the configuration:
terraform apply
  1. When finished, destroy the infrastructure:
terraform destroy

Security Considerations

  • Enhanced Instance Security:
    • Secure Boot prevents unauthorized boot loaders and kernels
    • TPM provides hardware-based security features
    • Measured Boot ensures platform integrity
    • Memory Encryption protects against physical memory attacks
  • The security list is configured with basic rules. Adjust according to your needs.
  • SSH access is restricted by default
  • All sensitive information should be stored in terraform.tfvars (git-ignored)
  • Use environment variables for additional security: 
    export TF_VAR_tenancy_ocid="your-tenancy-ocid"
export TF_VAR_user_ocid="your-user-ocid"
export TF_VAR_fingerprint="your-fingerprint"
export TF_VAR_private_key_path="path-to-your-private-key"

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages